Terraform PR risk gate

Catch risky Terraform changes before merge

TerraGate turns a Terraform plan into a reviewer-ready merge decision: what changed, what can break, why it matters, and what would be posted back to GitHub after approval.

Evidence-backed findings · GitHub draft preview · Hosted safe samples

Demo ready

Run the security sample to see a complete review: merge decision, evidence-backed findings, GitHub comment draft, approval gate, and audit history.

First scenario

Security risk review

Shows why the PR should not merge until ingress, database exposure, and IAM scope are fixed.

Fastest path to value

A reviewer should be able to understand the product in one run: launch a sample, inspect evidence, approve the draft, and see what would be posted to GitHub.

1. Run the hosted review

Start with a safe Terraform sample that finishes in seconds.

2. Read the decision brief

See the recommended merge decision, top findings, and evidence.

3. Preview GitHub output

Inspect the PR comment and approval state before posting.

4. Adopt private safeguards

Turn on real auth, live GitHub writes, Infracost, and policy packs.

Hosted sample reviews

Launch a preloaded review without uploading sensitive Terraform data. Each sample runs the same graph, findings, remediation, approval, and audit workflow used by uploaded plans.

Block merge · Best first demo

Security risk review

Public SSH, public RDS, and wildcard IAM policy findings mapped to Terraform evidence.

Expected: Critical risk with public exposure evidence

Focus: Security reviewer + governance policy checks

Require operator approval · Operational risk

Production blast radius

Stateful replacement risk with rollback, backup, and approval checklist details.

Expected: High risk from stateful replacements

Focus: Blast radius + runbook readiness

Review budget impact · Cost control

Cost spike review

Large compute, NAT gateway, cost-center, and policy threshold checks.

Expected: Cost threshold exceeded

Focus: Cost reviewer + governance tags

Trust controls

Built into the review flow

Evidence before explanation

Rules parse the Terraform plan and attach JSON-path evidence before AI-assisted summaries are generated.

Approval before external writes

GitHub comments and suggested commits are drafted first, then blocked until a reviewer approves them.

Redacted reviewer inputs

Secret-like values, plan internals, and PR patch context are reduced before reviewer nodes use them.

Auditable demo history

Runs keep findings, check status, approval state, policy context, artifacts, and action history.
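
To make the "Evidence before explanation" control concrete, here is an added example (not TerraGate's own code) of deterministic rules that read `terraform show -json` output and attach a JSON path to each finding for the three issues in the security sample. The rule names, the `review_plan` function, and the sample plan are assumptions constructed for illustration, and only IPv4 `cidr_blocks` are checked.

```python
import json

# Constructed sample in the shape of `terraform show -json` output (not real plan data).
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_security_group.web", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]}]}}},
    {"address": "aws_db_instance.main", "type": "aws_db_instance",
     "change": {"actions": ["update"], "after": {"publicly_accessible": True}}},
    {"address": "aws_iam_policy.ci", "type": "aws_iam_policy",
     "change": {"actions": ["create"], "after": {"policy": json.dumps(
         {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]})}}},
    {"address": "aws_security_group.old", "type": "aws_security_group",
     "change": {"actions": ["delete"], "after": None}},
]}

def as_list(v):
    """IAM and plan fields may be a scalar, a list, or missing; normalise to a list."""
    return v if isinstance(v, list) else [] if v is None else [v]

def review_plan(plan):
    """Return findings, each carrying the JSON path of the value that triggered it."""
    findings = []
    for i, rc in enumerate(plan.get("resource_changes", [])):
        after = (rc.get("change") or {}).get("after")
        if not after:  # deleted resources have no post-change state to expose
            continue
        base = f"$.resource_changes[{i}].change.after"
        def add(rule, path):
            findings.append({"rule": rule, "address": rc["address"], "evidence": path})
        if rc["type"] == "aws_security_group":
            for j, ing in enumerate(as_list(after.get("ingress"))):
                lo, hi = ing.get("from_port") or 0, ing.get("to_port") or 0
                covers_ssh = ing.get("protocol") == "-1" or lo <= 22 <= hi
                for k, cidr in enumerate(as_list(ing.get("cidr_blocks"))):
                    if covers_ssh and cidr == "0.0.0.0/0":
                        add("public-ssh", f"{base}.ingress[{j}].cidr_blocks[{k}]")
        elif rc["type"] == "aws_db_instance" and after.get("publicly_accessible") is True:
            add("public-rds", f"{base}.publicly_accessible")
        elif rc["type"] == "aws_iam_policy" and isinstance(after.get("policy"), str):
            doc = json.loads(after["policy"])  # the policy is a JSON string inside the plan
            for j, st in enumerate(as_list(doc.get("Statement"))):
                if (st.get("Effect") == "Allow" and "*" in as_list(st.get("Action"))
                        and "*" in as_list(st.get("Resource"))):
                    add("wildcard-iam", f"{base}.policy -> $.Statement[{j}]")
    return findings

if __name__ == "__main__":
    for finding in review_plan(SAMPLE_PLAN):
        print(finding)
```

Because each finding is produced by a rule and points at a specific plan value, a reviewer can check the evidence independently of any generated summary.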

Available command modes

3 live modes

Planned features
Coming soon

Investigate Incident

Logs, metrics, and runbook reasoning for incident triage.

Coming soon

Optimize Cloud Cost

Waste detection, rightsizing candidates, and accountability workflows.
