
Plan Noise & Custom Rules

Terraform plans often contain recurring changes that aren't real problems — attribute ordering, computed defaults, provider quirks. DriftWise detects these patterns automatically and lets you suppress or fix them.

Built-in Rules

DriftWise ships with a library of known noise patterns. Examples:

| Rule | Provider | What it catches |
|---|---|---|
| aws-tags-all | AWS | tags_all attribute always showing as changed |
| aws-iam-policy-json | AWS | IAM policy JSON re-ordered on every plan |
| aws-sg-self-ref | AWS | Security group inline ingress/egress conflicts |

Built-in rules are enabled by default. Disable any rule per-org without deleting it.

List built-in rules

curl "https://app.driftwise.ai/api/v2/builtin-rules" \
-H "x-api-key: $DRIFTWISE_API_KEY"

Disable a built-in rule for your org

curl -X POST "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/disabled-rules" \
-H "x-api-key: $DRIFTWISE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_type": "noise",
"builtin_rule_id": "<rule_id>",
"reason": "optional context for audit log"
}'

rule_type must be noise or risk. List disabled rules with GET /api/v2/orgs/$ORG_ID/disabled-rules. Re-enable by calling DELETE /api/v2/orgs/$ORG_ID/disabled-rules/<disabled_rule_id>.

Viewing Noise Patterns

DriftWise tracks recurring plan changes across your analyses. View detected patterns:

curl "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/plan-noise" \
-H "x-api-key: $DRIFTWISE_API_KEY"

Returns patterns that exceed your recurrence threshold within the detection window.

Configure detection sensitivity

curl -X PUT "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/plan-noise/settings" \
-H "x-api-key: $DRIFTWISE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"recurrence_threshold": 3,
"window_days": 30
}'

| Setting | Description |
|---|---|
| recurrence_threshold | Minimum occurrences before a pattern is flagged as recurring (min: 1) |
| window_days | Time window for counting recurrences (min: 1) |

Suppressing Noise

When you identify a pattern as noise, suppress it:

curl -X POST "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/plan-noise/suppress" \
-H "x-api-key: $DRIFTWISE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"fingerprints": ["abc123..."],
"resource_addresses": ["aws_instance.web"],
"reason": "Known tags_all drift, tracked in INFRA-1234",
"is_false_positive": true,
"duration": "90d"
}'

| Field | Type | Description |
|---|---|---|
| fingerprints | string[] | Pattern fingerprints to suppress (max 100) |
| resource_addresses | string[] | Terraform resource addresses (max 100) |
| reason | string | Why this is being suppressed |
| is_false_positive | bool | Flag as a false positive for tracking |
| duration | string | 7d, 30d, 90d, or forever |
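
A pre-flight check for the suppress request, added here as an example (not DriftWise code): it enforces the limits from the field table above plus one assumed local policy, that a `forever` suppression must cite a ticket id in `reason`. The function name, the ticket pattern and the sample fingerprint are constructed for illustration.

```python
import json
import re

ALLOWED_DURATIONS = ("7d", "30d", "90d", "forever")  # from the field table
MAX_ITEMS = 100                                       # documented list limit
TICKET_RE = re.compile(r"\b[A-Z][A-Z0-9]+-\d+\b")     # local policy, an assumption


def build_suppress_body(fingerprints, resource_addresses, reason,
                        duration, is_false_positive=False):
    """Validate the fields and return the JSON body, or raise ValueError."""
    errors = []
    for name, items in (("fingerprints", fingerprints),
                        ("resource_addresses", resource_addresses)):
        if len(items) > MAX_ITEMS:
            errors.append(f"{name}: {len(items)} entries, limit is {MAX_ITEMS}")
        if any(not isinstance(i, str) or not i.strip() for i in items):
            errors.append(f"{name}: entries must be non-empty strings")
    # Catch a placeholder such as "abc123..." pasted from documentation.
    if any(isinstance(f, str) and "..." in f for f in fingerprints):
        errors.append("fingerprints: truncated placeholder value")
    if not fingerprints and not resource_addresses:
        errors.append("no fingerprint or resource address to scope the suppression")
    if duration not in ALLOWED_DURATIONS:
        errors.append(f"duration: must be one of {', '.join(ALLOWED_DURATIONS)}")
    if not isinstance(is_false_positive, bool):
        errors.append("is_false_positive: must be true or false")
    reason = (reason or "").strip()
    if not reason:
        errors.append("reason: required so the suppression can be reviewed later")
    elif duration == "forever" and not TICKET_RE.search(reason):
        errors.append("reason: a permanent suppression must cite a ticket id")
    if errors:
        raise ValueError("; ".join(errors))
    return json.dumps({
        "fingerprints": list(fingerprints),
        "resource_addresses": list(resource_addresses),
        "reason": reason,
        "is_false_positive": is_false_positive,
        "duration": duration,
    })


if __name__ == "__main__":
    # Constructed sample values, not real fingerprints.
    print(build_suppress_body(["fp-constructed-001"], ["aws_instance.web"],
                              "Known tags_all drift, tracked in INFRA-1234",
                              "forever", True))
```

The returned string can be passed to the `curl -d` argument of the suppress call shown above.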

List suppressions

curl "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/plan-noise/suppressions" \
-H "x-api-key: $DRIFTWISE_API_KEY"

Delete a suppression

curl -X DELETE "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/plan-noise/suppressions/<suppression_id>" \
-H "x-api-key: $DRIFTWISE_API_KEY"

Generating Fixes

DriftWise can generate AI-powered fix recommendations for noisy patterns:

curl -X POST "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/plan-noise/<fingerprint>/fix" \
-H "x-api-key: $DRIFTWISE_API_KEY"

Returns tiered fix options with trade-offs:

{
"fixes": [
{
"label": "Use lifecycle ignore_changes",
"summary": "Add ignore_changes for tags_all to prevent recurring diff",
"detail": "```hcl\nlifecycle {\n ignore_changes = [tags_all]\n}\n```",
"pros": ["Eliminates noise immediately", "No state changes needed"],
"cons": ["Hides real tag changes on this resource"]
}
],
"confidence": "high",
"trace_id": "trace-uuid"
}

Info: Fix generation is rate-limited (30/hour per org) and consumes a slot of the platform-LLM weekly quota and hourly rate limit (see Platform LLM Quotas). Configure BYOK to bypass both platform gates.

Custom Rules

Create your own rules to detect org-specific noise or risk patterns.

Noise rules

Flag recurring benign changes specific to your infrastructure:

curl -X POST "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/custom-rules" \
-H "x-api-key: $DRIFTWISE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_type": "noise",
"name": "EKS cluster version drift",
"description": "EKS auto-upgrades minor versions, causing plan noise",
"config": {
"severity": "harmless",
"fixes": [
{
"label": "Pin EKS version",
"summary": "Set explicit kubernetes_version in config",
"detail": "Add `version = \"1.29\"` to your aws_eks_cluster resource",
"pros": ["Prevents auto-upgrade drift"],
"cons": ["Requires manual version bumps"]
}
]
}
}'

Noise severity levels: harmless, warning, caution

Risk rules

Flag specific resource patterns as risky:

curl -X POST "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/custom-rules" \
-H "x-api-key: $DRIFTWISE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_type": "risk",
"name": "Public S3 bucket detection",
"description": "Flag any S3 bucket without explicit public access block",
"config": {
"resource_types": ["aws_s3_bucket"],
"flag": "missing_public_access_block"
}
}'

Managing custom rules

# List rules (optionally filter by type)
curl "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/custom-rules?rule_type=noise" \
-H "x-api-key: $DRIFTWISE_API_KEY"

# Enable/disable a rule
curl -X PATCH "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/custom-rules/<rule_id>" \
-H "x-api-key: $DRIFTWISE_API_KEY" \
-H "Content-Type: application/json" \
-d '{ "enabled": false }'

# Delete a rule
curl -X DELETE "https://app.driftwise.ai/api/v2/orgs/$ORG_ID/custom-rules/<rule_id>" \
-H "x-api-key: $DRIFTWISE_API_KEY"