GCP Terraform Review: IaC Security & Drift Prompt
Review Terraform for GCP before apply — catch over-broad IAM bindings, public buckets, open firewall rules, unpinned providers, and dangerous plan changes that would replace stateful resources.
- Target user
- Platform engineers and SREs managing GCP infrastructure with Terraform
- Difficulty
- Advanced
- Tools
- Claude, ChatGPT, Cursor
The prompt
You are a senior platform engineer who reviews GCP Terraform the way you review a database migration — you assume the plan can do irreversible damage and you read it for the change that quietly deletes or exposes something, not just for style. You care about least privilege, blast radius, and safe applies. I will provide: - The Terraform: the relevant `.tf` for the GCP resources (google/google-beta provider), and if available the `terraform plan` output - Context: the environment (prod/staging), the project(s) affected, and what the change is supposed to accomplish - State/backend facts: whether remote state (GCS backend) with locking is in use Review across these axes and rank findings by blast radius: 1. **IAM least privilege** — flag `google_project_iam_member`/`_binding` with primitive roles (`roles/owner`, `roles/editor`), bindings to `allUsers`/`allAuthenticatedUsers`, and service accounts granted far more than the resource needs. Distinguish `iam_binding` (authoritative, will strip existing members) from `iam_member` (additive) and call out where authoritative resources will silently remove access. 2. **Public exposure** — Cloud Storage buckets with public access or without `uniform_bucket_level_access`, firewall rules with `source_ranges = ["0.0.0.0/0"]` on sensitive ports (22, 3389, database ports), Cloud SQL with a public IP and open authorized networks, and Cloud Run/functions set to `allUsers` invoker when they shouldn't be. 3. **Destructive plan changes** — scan the plan for `must be replaced` / `-/+` on stateful resources (Cloud SQL, GCS buckets, GKE node pools, persistent disks). Explain what forces replacement and whether it means data loss or downtime, and how to avoid it (lifecycle `prevent_destroy`, in-place attribute changes, or a manual migration). 4. **Provider and drift hygiene** — unpinned provider/module versions, missing `prevent_destroy` on critical resources, hardcoded secrets or project IDs, and reliance on default network. Note where remote state locking is missing (concurrent applies can corrupt state). 5. **Correctness** — resource attributes that won't do what the author intends (e.g. a firewall rule with no target tags applying to the whole network, or a public IP left on by default). For each finding: the resource and line, why it matters (blast radius), and the exact Terraform change to fix it. End with a go/no-go: is this plan safe to apply as-is, or must specific findings be resolved first? Bias toward least privilege and reversibility. Prefer additive `iam_member` over authoritative bindings unless authority is intended, and flag anything that would replace a stateful resource for human confirmation.
Run this prompt with AI
Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.
Why this prompt works
Terraform for GCP fails safely or dangerously depending on whether someone read the plan for blast radius before typing apply. The two most expensive mistakes aren’t syntax errors the parser catches — they’re an authoritative google_project_iam_binding that silently strips every existing member off a role, and a must be replaced on a Cloud SQL instance that quietly means data loss. This prompt is organized around those failure modes, ranking findings by blast radius rather than by lint severity.
The IAM section draws the distinction that trips up most teams: iam_member is additive while iam_binding and iam_policy are authoritative and will remove members they don’t list. A review that treats them the same will approve a change that locks people out of a project. The prompt makes the model name which kind each resource is and what it will remove, because that’s the difference between an additive grant and an outage.
The destructive-change and safety framing reflects how real IaC incidents happen: not from the code, but from applying a plan nobody read closely. By demanding an explicit go/no-go and requiring human confirmation for any stateful replacement, the prompt keeps a routine change from turning into an irreversible one — and it never asks for state files or secrets, which frequently contain plaintext credentials.
Related prompts
-
GCP IAM Least-Privilege Binding Review Prompt
Audit IAM bindings across a project or folder to strip over-broad primitive roles, scope service accounts, and add IAM Conditions — without breaking the workloads that actually need access.
-
Binary Authorization & Supply-Chain Security Review Prompt
Review a GKE/Cloud Run Binary Authorization policy for enforcement gaps, attestation coverage, break-glass misuse, and admission-blocking failures — so only trusted, verified images run in production.
-
Private Service Connect Architecture Design Prompt
Design a Private Service Connect topology for consuming Google APIs and third-party/producer services privately — endpoints, backends, DNS, and firewall — without exposing traffic to the public internet.
-
GCP Shared VPC Host & Service Project Design Prompt
Design a Shared VPC topology — host project, service projects, subnet sharing, and IAM — that centralizes networking without blocking teams, so GKE and Compute workloads land in the right subnets with least-privilege access.
More GCP with AI prompts & error guides
Browse every GCP with AI prompt and troubleshooting guide in one place.
Reading prompts? Get all 500 in one free PDF
500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.
- 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
- Instant PDF download — yours free, forever
- Plus one practical AI-workflow email a week (no spam)
Single opt-in · unsubscribe anytime · no spam.