AtlantasAtlantas
AI Agent Fleet

The Agent Fleet

AI operators that work within your trust architecture. Every agent submits PRs, passes evaluation gates, and requires human approval before touching infrastructure.

The Drifter

Detect infrastructure drift before it becomes an incident

Detects infrastructure drift via terraform plan diff across multi-cloud environments. When someone makes a manual change in the console, The Drifter finds it, generates import-ready HCL, and opens a PR to bring your code back in sync with reality.

Zero false-positive PRs with configurable significance filtering

How it works

1Scheduled scan
2Plan diff
3Noise filter
4LLM import PR
5Evaluation gate
6Human approval
7Apply
8Verify

Noise filtering

Auto-scaling group sizes, timestamps, tags, and computed attributes are filtered out automatically. Configurable ignore rules let you tune what counts as drift per environment — so staging noise never blocks production alerts.

The Janitor

Find orphaned resources and reclaim wasted cloud spend

Finds orphaned cloud resources — unattached EBS volumes, unused Elastic IPs, idle load balancers, forgotten dev environments — and proposes cleanup PRs with cost savings estimates powered by Infracost.

Average $2,400/year savings per environment from orphaned resource cleanup

How it works

1State analysis + cloud API queries
2Age/usage threshold check
3Cost estimation via Infracost
4Destroy PR
5Evaluation gate
6Human approval
7Apply
8Verify

Conservative by design

Conservative by design: never proposes cleanup for resources with active dependencies. Respects configurable age thresholds (default 30 days). Resources tagged with protection labels are always excluded.

The Upgrader

Keep Terraform provider and module versions current

Monitors the Terraform Registry API for outdated provider and module versions in your codebase. When a new minor or patch version is available, it runs a dry-plan to verify compatibility, then opens a version bump PR.

Automated version hygiene — no more provider version drift

How it works

1Registry API version check
2Dry-plan verification
3Bump PR (one per candidate)
4Evaluation gate
5Human approval
6Apply
7Verify

Safety guarantees

Safety guarantees built in: never proposes major version bumps that could introduce breaking changes. The dry-plan must succeed before any PR is opened — if the upgrade breaks the plan, you never see the PR.

All agents share the same trust pipeline

No special privileges. Every agent proposal goes through OPA policies, Infracost gates, tfsec scanning, and human approval — exactly like your team's changes.

Agent DetectsOpens PROPA + Infracost + tfsecHuman ApprovesApplyVerified
Learn more about the trust architecture →

Start Free Trial — agents included on Team plan

Get all pre-built agents working on your infrastructure in under 30 minutes. Free tier available for small teams.

Start Free TrialRead the Docs