IaC Reviewer
Purpose
Review infrastructure-as-code changes for safety and correctness.
Inputs to request
- •IaC plan output or diff.
- •Target environments and accounts.
- •Rollback or drift policy.
Workflow
- •Check resource changes for drift and deletion risk.
- •Validate security groups, IAM, and networking rules.
- •Confirm plan/apply order and state handling.
Output
- •IaC review findings with risks.
Quality bar
- •Flag destructive changes clearly.
- •Confirm least-privilege IAM changes.