Detecting Drift

Detect drift in a stack in Resource Manager. Drift is the difference between the actual, real-world state of your infrastructure and the stack's last executed configuration.

Common reasons for occurrence of drift include a team member adding a production tag to your resources or deleting a resource.

You can detect drift for new stacks created from compartments or for stacks where the last job run was Apply or Import state. When detecting drift, you can specify all resources or selected resources.


After detecting drift, list drift status for resources. See Listing Drift Status.

Using the Console

  1. Open the navigation menu and click Developer Services. Under Resource Manager, click Stacks.
  2. Choose a compartment that you have permission to work in (on the left side of the page).
  3. Click the name of the stack that you want.
    The Stack details page opens.
  4. Go to More actions and select Run drift detection.
  5. In the Run drift detection panel, select the option you want.
    • All resources: Detects drift for all resources in the stack.

    • Selected resources: Detects drift for the specified resources in the stack.

      You can select an address from the list or enter the address. Each resource is identified by a resource address, which is a string derived from the resource type and name specified in the stack's Terraform configuration plus an optional index. For example, the resource address for the fourth Compute instance with the name "test_instance" is oci_core_instance.test_instance[3]. The resource type is oci_core_instance, a period acts as delimiter, the resource name is test_instance, and the index is 3 in bracket). For more details and examples of resource addresses, see the Terraform documentation at

  6. (Optional) Configure advanced options:
    • Upgrade provider versions (stack must be Terraform 0.14 and later; older stacks must be upgraded to use Terraform Registry): Retrieves the latest versions available from the configured source of Terraform providers.

      Required if provider versions in the Terraform configuration changed since the last time a job was run on the stack. Dependency lock files are automatically managed for new and updated stacks. Providers are updated within the version constraints of your Terraform configuration.

    • Optionally tag the job.
  7. Click Run drift detection.

A work request is started. When the work request is complete, the drift status appears in the Stack information tab.