InfraDiff

Stop guessing what Terraform changes will break. InfraDiff tells you.

Comment

Inspiration

As a beginner DevOps Engineer, my day to day work often requires me to provision artifacts on the cloud using Terraform. Terraform plans tend to get large and it is tedious work to verify if the current manifest plan causes any unintended change, that might cause service disruptions. To prevent this I came up with InfraDiff.

What it does

InfraDiff analyzes Terraform plan outputs and explains the real-world impact of infrastructure changes. Instead of scanning raw diffs, developers get clear insights into:

  1. Whether a change is risky
  2. Whether it may cause downtime
  3. A plain-English explanation of what the change means.

InfraDiff currently supports Terraform plans for Vultr infrastructure and helps developers catch dangerous changes before deployment.

How I built it

InfraDiff is built as an npm library using TypeScript. It parses Terraform plan JSON files and applies deterministic rules to classify infrastructure changes and assess risk and downtime. To make the output more human-friendly, I integrated Gemini to generate concise explanations and safer deployment recommendations. Importantly, AI is only used for explanation and not for decision-making, ensuring reliability and predictability. The tool can be run locally in a single command and fits naturally into existing Terraform workflows.

Challenges I ran into

  1. Determining a way to prevent AI hallucinations. For this, I added deterministic rules instead of giving the entire plan to AI.

  2. Creating an NPM library out of the typescript modules that can be reused and modified with little effort and publishing it.

Accomplishments that I am proud of

InfraDiff was designed as a CLI-first developer tool and packaged as an installable npm library. This allows it to be used locally, shared across teams, or integrated into CI pipelines without modifying existing Terraform setups.

What I learned

  1. Using terraform with vultr provider.
  2. Creating npm packages.
  3. Calling gemini-2.5 using API key.

What's next for InfraDiff

  1. Support for cloud providers other than vultr.
  2. Support for models other than gemini.

Built With

Share this project:

Updates