7.3 / high / GO

Terraform Drift Guardian

Continuous Terraform drift detection and auto-remediation service with migration-readiness scoring.

DevTools

Platform engineering and DevOps teams managing Terraform at scale

The Gap

Infrastructure drift silently accumulates, making emergency region migrations risky or impossible. Teams don't know whether their IaC actually matches reality until a crisis hits.

Solution

Continuously compares live infrastructure against Terraform state, alerts on drift, auto-generates PRs to fix it, and provides a region-portability score showing how quickly you could redeploy elsewhere.

Revenue Model

freemium

Feasibility Scores
Pain Intensity: 8/10

Drift is a universally acknowledged pain in every DevOps team running Terraform at scale. The Reddit post with 447 upvotes about emergency region migration validates this acutely. Teams routinely discover drift only during incidents — by then it's too late. However, many teams tolerate drift until it bites them, so converting latent pain to urgency requires good positioning.

Market Size: 7/10

Estimated TAM: ~$1.5B for IaC management tooling. Serviceable market for drift-specific tooling is narrower (~$200-400M) targeting the ~50,000+ companies running Terraform at scale. Strong expansion potential as IaC adoption grows and compliance mandates increase. Not a massive horizontal market, but large enough for a very successful company.

Willingness to Pay: 7/10

Platform engineering teams already pay $30-50/user/month for Spacelift/env0. Drift-specific tooling with migration scoring is differentiated enough to command similar pricing. The compliance and disaster-recovery angle unlocks budget from security/risk teams, not just DevOps. However, some teams will try to DIY with cron + terraform plan scripts, creating a free alternative floor.

Technical Feasibility: 6/10

Core drift detection (terraform plan diffing) is straightforward. Auto-PR generation is achievable. BUT: the region-portability scoring is genuinely complex — requires deep understanding of provider-specific resources, data gravity, service availability per region, and cross-region dependencies. Multi-cloud support multiplies complexity. A solo dev could build MVP for a single cloud (AWS) in 6-8 weeks, but it's tight. Need Terraform state file parsing, cloud API integration, Git integration for PRs.

Competition Gap: 7/10

No existing tool combines drift detection + auto-PR remediation + migration-readiness scoring. Spacelift/env0 treat drift as a feature, not the product. Firefly is closest on asset discovery but lacks the migration angle entirely. The region-portability score is a genuinely novel differentiator that no competitor offers. Risk: incumbents could add this feature in 6-12 months if it gains traction.

Recurring Potential: 9/10

Continuous drift monitoring is inherently recurring — infrastructure changes daily, drift accumulates constantly, and the portability score needs constant recalculation. This is classic monitoring SaaS: once teams depend on drift alerts, churn is very low. Per-workspace or per-state-file pricing scales naturally with customer growth.

Strengths
  • Region-portability scoring is a genuinely novel differentiator with no existing competition
  • Inherently sticky recurring product: drift monitoring can't be a one-time check
  • Validated pain signal from high-engagement community discussion (447 upvotes)
  • Compliance and disaster-recovery positioning unlocks budget beyond DevOps teams
  • Auto-PR remediation is a clear UX improvement over existing re-apply workflows
Risks
  • Spacelift or env0 could ship a drift-focused feature set within 6-12 months, eroding differentiation
  • Region-portability scoring is technically complex and hard to make accurate; inaccurate scores would destroy trust
  • Market requires enterprise sales motions (SOC2, SSO, on-prem agents) which are expensive for a solo founder
  • Teams may DIY basic drift detection with terraform plan cron jobs and only need the premium features at scale
  • Multi-cloud and multi-provider support expectations could fragment focus early
Competition
Spacelift

Infrastructure orchestration platform with drift detection, policy-as-code, and collaborative Terraform management. Runs scheduled drift detection and can trigger reconciliation runs.

Pricing: Free tier for 1 worker; Team ~$40/user/month; Enterprise custom pricing
Gap: No region-portability scoring, no migration-readiness assessment, drift remediation requires manual approval workflow rather than auto-generated PRs with diffs, expensive at scale
env0

Self-service infrastructure platform with drift detection, cost estimation, and governance. Detects drift on schedule and can auto-remediate by re-applying.

Pricing: Free for up to 5 users; Team ~$35/user/month; Enterprise custom
Gap: No migration-readiness scoring, auto-remediation is a blunt re-apply rather than surgical PR generation, no portability analysis, drift insights lack deep root-cause analysis
Firefly (Firefly.ai)

Cloud asset management platform that discovers all cloud resources, maps them to IaC, detects drift and unmanaged resources, and can codify unmanaged assets into Terraform.

Pricing: Free community tier; Pro starts ~$500/month; Enterprise custom
Gap: No region-portability or migration scoring, remediation is codification-focused not PR-based auto-fix, expensive for smaller teams, less focused on continuous reconciliation
Digger

Open-source Terraform CI/CD that runs plans and applies in your own infrastructure. Has drift detection capabilities via scheduled plan runs.

Pricing: Open-source core free; Cloud hosted ~$40/user/month; Enterprise custom
Gap: Drift detection is basic (scheduled plan only), no auto-remediation PRs, no migration-readiness features, no drift analytics or trending, limited drift alerting sophistication
Terramate

IaC orchestration and management tool focused on code generation, stacks management, and change detection. Adds drift detection on top of Terraform workflows.

Pricing: Open-source CLI free; Cloud free tier available; Business ~$30/user/month
Gap: Drift detection is newer and less mature, no auto-remediation via PRs, no region-portability scoring, no migration assessment, primarily an orchestrator rather than drift-first tool
MVP Suggestion

AWS-only, GitHub-only. Agent that connects to Terraform Cloud/S3 state files, runs periodic drift detection against live AWS resources, sends Slack/email alerts with drift summaries, and auto-opens GitHub PRs with terraform import blocks or config fixes. Include a simple region-portability dashboard showing percentage of resources that are region-portable vs region-locked (RDS, ElastiCache, etc). Skip multi-cloud, skip GitLab, skip self-hosted Git for MVP.
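A sketch of the two MVP outputs described above (drift summary and region-portability percentage), added here as an example and not code from the product. It reads the JSON that `terraform show -json` produces for a saved plan. The sample plan is constructed, and the mapping of "RDS, ElastiCache" to AWS provider resource types is an assumption.

```python
# Assumption: which types count as region-locked. The page names only RDS and
# ElastiCache; this mapping to AWS provider types is illustrative.
REGION_LOCKED_TYPES = {"aws_db_instance", "aws_elasticache_cluster"}

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {
    "planned_values": {"root_module": {
        "resources": [
            {"address": "aws_instance.web", "mode": "managed", "type": "aws_instance"},
            {"address": "aws_security_group.web", "mode": "managed", "type": "aws_security_group"},
            {"address": "aws_db_instance.main", "mode": "managed", "type": "aws_db_instance"},
            {"address": "data.aws_ami.base", "mode": "data", "type": "aws_ami"},
        ],
        "child_modules": [{"address": "module.cache", "resources": [
            {"address": "module.cache.aws_elasticache_cluster.sessions",
             "mode": "managed", "type": "aws_elasticache_cluster"},
        ]}],
    }},
    "resource_drift": [
        {"address": "aws_security_group.web", "type": "aws_security_group",
         "change": {"actions": ["update"]}},
        {"address": "aws_db_instance.main", "type": "aws_db_instance",
         "change": {"actions": ["update"]}},
    ],
}

def drifted(plan):
    """List (address, actions) for resources changed outside Terraform."""
    return [(d["address"], d["change"]["actions"])
            for d in plan.get("resource_drift", [])
            if d.get("change", {}).get("actions") not in (None, [], ["no-op"])]

def managed_resources(module):
    """Yield managed resources from a module and its child modules."""
    for res in module.get("resources", []):
        if res.get("mode") == "managed":
            yield res
    for child in module.get("child_modules", []):
        yield from managed_resources(child)

def portability_pct(plan):
    """Percent of managed resources whose type is not region-locked."""
    root = plan.get("planned_values", {}).get("root_module", {})
    types = [r["type"] for r in managed_resources(root)]
    if not types:
        return None  # nothing to score
    portable = sum(t not in REGION_LOCKED_TYPES for t in types)
    return round(100.0 * portable / len(types), 1)
```

Drift on a security group is the kind of entry an alert should surface first, since it can widen network exposure without any change appearing in Git.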

Monetization Path

Free: up to 3 state files, daily drift checks, Slack alerts only. Pro ($29/workspace/month): unlimited state files, hourly checks, auto-PR remediation, region-portability score. Enterprise (custom pricing): SSO/SAML, on-prem agent, custom policies, SLA, audit logs. Upsell path: drift-as-compliance-evidence for SOC2/ISO audits.

Time to Revenue

8-12 weeks to MVP with first paying design partners. 3-4 months to first organic revenue. The DevOps buyer is technical and evaluates quickly — short sales cycles for team-level purchases ($500-2000/month). Enterprise deals (5-6 figure ACV) take 3-6 months.

What people are saying
  • Keep your terraform driftless and providers + modules updated guys
  • Our RDS database was constantly losing storage
  • the whole transition to another region took less than a day