The Future of IaC PR Reviews: Letting AI Handle the Terraform Tax

HashiCorp's Terraform has been around for over a decade. It has become the default tool for defining and deploying infrastructure as code. It's declarative, version-controlled, GitOps-friendly, and supposed to bring safety and consistency to infrastructure workflows.
And yet, reviewing Terraform code in pull requests is still hard.
In modern infrastructure workflows, there’s one moment everyone agrees is non-negotiable: the pull request. In game theory, a Schelling point is a solution that people naturally tend to choose in the absence of communication — a focal point that everyone just instinctively recognizes. In infrastructure teams, the pull request has become exactly that: the implicit meeting place where code, context, and accountability converge.
It’s where decisions are made, approvals are granted, and mistakes are caught — or missed. It’s the line of defense where infrastructure moves forward safely or takes on hidden risk. It’s the Schelling point — the shared, silent agreement that this is where infrastructure changes are reviewed, debated, and either approved or rejected. It’s where context meets accountability. And it’s where things often fall apart.

Terraform Reviews Today: Predictable, but Fragile
Over the last few years, teams have adopted tools and workflows to bring more order to Terraform. Internal platforms wrap Terraform in CI/CD pipelines. Tools help manage plans, applies, and environments. Teams write guides to standardize how modules are structured and how changes get approved.
These systems bring a level of consistency that was sorely needed. But they stop short where it matters most: the review itself.
Terraform reviews still rely on human reviewers manually scanning the plan, interpreting diffs, and reasoning about consequences. It works — until it doesn’t.
Reviewers miss subtle dependency changes, overlook out-of-band drift, and approve clean-looking plans that actually revert hotfixes. They guess. They hope.
This is the Terraform tax: the invisible cost of reviews that require more cognitive load than our tools support. It's the weight of context that doesn’t live in the code, and too often, doesn’t make it into the conversation.

Problem: Automation Without Judgment
Today’s tooling helps teams enforce workflows. You can require plans before merging, gate applies with approvals, and write policies for tagging, cost controls, and resource naming.
But none of that substitutes for understanding.
These tools don’t know that an IAM change will affect three downstream services, that a recreated resource will break a production database, or that a change will silently undo a console hotfix made during an incident and never codified.
Terraform plan output doesn’t tell you that a security group you’re deleting is still in use. It doesn’t explain why a change is happening. It doesn’t even tell you when the underlying state is wrong.
What’s missing is a layer of intelligent review — one that sees the bigger picture, spots what matters, and explains it in plain language.
We’re not saying automation is terrible. We’re saying it’s incomplete without judgment—the kind of judgment that comes from understanding intent, impact, and infrastructure in their true context.
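As an added illustration (not Terracotta AI's code and not part of the original post), the sketch below triages the JSON form of a plan, `terraform show -json <planfile>`, for two of the cases named above: a stateful resource being destroyed and recreated, and an update that overlaps an attribute the plan's `resource_drift` section reports as changed outside Terraform. The plan data is constructed, and the STATEFUL_TYPES list and the helper names are assumptions.

```python
# Pre-review triage of `terraform show -json <planfile>` output (added example).
STATEFUL_TYPES = {"aws_db_instance", "aws_ebs_volume"}  # assumption: team-defined list

def sg(cidr):  # constructed, trimmed attribute set for a security group
    return {"name": "api", "ingress": [{"from_port": 443, "cidr_blocks": [cidr]}]}

# Constructed sample plan, not taken from a real environment.
SAMPLE_PLAN = {
    "resource_drift": [  # prior state -> what refresh found in the cloud
        {"address": "aws_security_group.api", "type": "aws_security_group",
         "change": {"actions": ["update"],
                    "before": sg("0.0.0.0/0"), "after": sg("10.0.0.0/8")}},
    ],
    "resource_changes": [  # refreshed state -> what apply would produce
        {"address": "aws_security_group.api", "type": "aws_security_group",
         "change": {"actions": ["update"],
                    "before": sg("10.0.0.0/8"), "after": sg("0.0.0.0/0")}},
        {"address": "aws_db_instance.orders", "type": "aws_db_instance",
         "change": {"actions": ["delete", "create"],
                    "before": {"identifier": "orders"}, "after": {"identifier": "orders-v2"}}},
        {"address": "aws_security_group.legacy", "type": "aws_security_group",
         "change": {"actions": ["delete"], "before": {"name": "legacy"}, "after": None}},
    ],
}

def changed_keys(before, after):
    before, after = before or {}, after or {}
    return {k for k in before.keys() | after.keys() if before.get(k) != after.get(k)}

def review_plan(plan):
    findings = []
    drift = {d["address"]: d["change"] for d in plan.get("resource_drift", [])}
    for rc in plan.get("resource_changes", []):
        addr, actions = rc["address"], rc["change"]["actions"]
        if "delete" in actions and "create" in actions:  # replace, in either order
            sev = "HIGH" if rc["type"] in STATEFUL_TYPES else "MEDIUM"
            findings.append((sev, addr, "replace: resource is destroyed and recreated"))
        elif actions == ["delete"]:
            findings.append(("MEDIUM", addr, "delete: confirm nothing still references it"))
        if addr in drift and actions != ["no-op"]:
            overlap = sorted(changed_keys(drift[addr].get("before"), drift[addr].get("after"))
                             & changed_keys(rc["change"].get("before"), rc["change"].get("after")))
            if overlap:  # apply would overwrite an out-of-band change
                findings.append(("HIGH", addr, "overwrites drifted attributes: " + ", ".join(overlap)))
    return findings

if __name__ == "__main__":
    for finding in review_plan(SAMPLE_PLAN):
        print(*finding, sep=" | ")
```

In the sample, the security group was narrowed from 0.0.0.0/0 to 10.0.0.0/8 outside Terraform, and the plan's ordinary-looking update would reopen it. Whether a deleted resource is still in use is not recorded in the plan at all, so that finding is only a prompt to check.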

A Better Way: AI as the All-Seeing Eye
This is where we see AI stepping in — not to replace existing tools, but to augment them.
Terracotta AI believes the pull request is the ideal place for AI to start operating. It’s where the infrastructure change is proposed, discussion happens, approval gates are enforced, and most importantly, it’s the last best chance to catch mistakes before they hit production.
At Terracotta AI, we’re building an AI+UX layer that lives directly inside the PR, adding intelligence, context, and visibility where they're needed most.
Here’s how it works:
- State-aware reviews: Terracotta AI connects to your Terraform state and cloud environment to understand the actual infrastructure being affected, not just what the code says.
- Drift detection: We identify when your Terraform code is about to wipe out or overwrite live infrastructure that has drifted from the declared state.
- Dependency analysis: We trace resource relationships across modules and environments to spot unintended side effects.
- Inline comments: Terracotta AI leaves feedback directly in the PR — explaining risks, highlighting what changed, and suggesting what to double-check.
- Readable summaries: Every PR gets a human-readable review summary that acts like a staff-level engineer walking you through the change.
- Cost impact: Get an instant and clear cost analysis of what your changes will add to overall cloud spend.
- AI chatbot: Ask questions about the changes, the remote state, and everything in between. Terracotta's AI is trained with thousands of best practice guides, cloud provider documents, code examples, security best practices, and so much more.
It’s not just automation. It’s not just rules. It’s AI built for infrastructure, operating at the point of decision that can make or break production environments.
Because it lives in your existing GitHub or GitLab workflow, it doesn’t ask teams to change how they work—it just asks them to work more confidently.

This Isn’t About Replacing Your Stack
To be clear: we’re not trying to replace your CI pipelines or your favorite Terraform wrapper. Those tools are essential for managing scale, enforcing structure, and handling execution.
But they assume human reviewers will do the hard thinking. And increasingly, that assumption is breaking.
Terracotta AI sits on top of these tools — analyzing context, catching edge cases, and giving your reviewers the signal they need to act confidently.
Think of it like pairing with a senior engineer who already understands the stack, the state, and the organizational landmines. One who doesn’t get tired, doesn’t overlook drift, and doesn’t skip the diff review because it’s late on a Friday.

A New Model for Infrastructure Collaboration
Infrastructure is only getting more complex. Multi-cloud, multi-team, multi-pipeline—the surface area keeps growing, but the way we review it hasn’t changed.
We believe it’s time to move beyond automation and into intelligence. We need to bring context into the review, not just code. We need to give engineers tools that actually help them reason, not just execute.
This is the future of IaC PR reviews: AI as your infrastructure agent.
It’s how we reduce toil, prevent outages, and move faster without breaking things.
And it starts in the PR.