Skip to main content

Overview

Anyshift treats Terraform as a first-class citizen. Annie reads your code (modules, resources, variables) and your state (.tfstate files from S3 or HCP Terraform Cloud), and links both to the actual cloud resources they manage.

Code

HCL parsed from your connected Git repositories: modules, resources, data sources, variables, outputs, and inter-module references.

State

.tfstate ingested from S3 buckets and HCP Terraform Cloud workspaces. Managed instances are linked back to their declarations and forward to the live cloud resources they manage.

How It Connects

Once your Terraform code and state are both connected, Annie builds this chain in her knowledge graph: A Terraform module declaration is instantiated as a state entry, which manages a live AWS VPC That chain is what lets you ask questions across layers, from code, to state, to the running resource, without leaving the chat.

Connecting Your Terraform

Git (code)

Connect GitHub or GitLab to ingest your Terraform modules, resources, and references.

HCP Terraform (state)

Connect HashiCorp Cloud Platform workspaces to ingest state from HCP Terraform Cloud.
S3 state buckets are auto-discovered.If your Terraform state lives in S3, there’s nothing extra to configure. Once your AWS account is connected, Annie detects state buckets automatically from your ingested Terraform backend blocks and from AWS API extraction. You’ll see them in the Anyshift app under Integrations → Terraform Backends.

What You Can Ask Annie

  • “Which resources are managed by Terraform vs. manually?”
  • “Show me all modules that use the aws_instance resource”
  • “Which workspaces deploy to the prod environment?”
  • “What variables does the networking module expose?”
  • “What resources depend on this module?”
  • “If I destroy this VPC, what breaks?”
  • “Which services will be affected by changing this security group rule?”
  • “What resources were modified outside of Terraform?”
  • “Which live resources are not in any state file?”
See the Drift Detection page for more.

Real-World Examples

I just ran terraform apply and want to verify what actually changed.“What changed in the last 30 minutes?”
I found 5 resources updated:
  • aws_instance.prod-api-1: instance_type → t3.large
  • aws_instance.prod-api-2: instance_type → t3.large
  • aws_autoscaling_group.prod-api-asg: desired_capacity → 4
  • aws_lb_target_group.prod-api-tg: 2 new targets
  • aws_cloudwatch_metric_alarm.prod-api-cpu: threshold → 80
All changes match your most recent plan.
I’m about to refactor a shared module and want to know what depends on it.“What uses the shared-networking module?”
14 workspaces reference shared-networking:
  • platform-prod (3 VPCs, 12 subnets)
  • data-prod (1 VPC, 6 subnets)
  • security-prod (consumes outputs: vpc_id, private_subnets)
Breaking changes to the outputs will require coordinated updates.

Get Started

Connect a Git provider

Ingest your Terraform code.

Connect a state backend

Ingest your Terraform state from HCP (S3 is auto-detected).