Skip to main content

Change Analysis Process

Overmind's change analysis follows a structured timeline that transforms your Terraform plan into actionable insights. Understanding this process helps teams know what to expect during their deployment workflow.

How Change Analysis Works​

When you run overmind terraform plan, Overmind initiates a multi-step analysis process that examines your proposed changes. Each step builds on the previous one, culminating in identified risks that are displayed above the timeline in the UI.

The analysis follows this sequence:

1. Mapping Resources​

The process begins when Overmind receives your Terraform plan. During this step:

  • Parses the Terraform plan output
  • Strips sensitive data while preserving change information
  • Matches each Terraform resource to its corresponding cloud resource
  • Resources with known mappings are processed for dependency analysis
  • Resources without mappings are noted but skipped

Successfully mapped resources are counted and displayed, showing you exactly which resources Overmind can analyze.

2. Simulating Blast Radius​

With mapped resources identified, Overmind simulates the blast radius to understand the potential scope of impact:

  • Dependency Discovery: Uses real-time API calls to discover relationships between resources
  • Cross-Service Mapping: Identifies connections across different cloud services and accounts
  • Impact Scope: Determines which resources might be affected by your changes
  • Metrics: Reports the total number of items and edges (connections) in the blast radius

The blast radius includes both direct dependencies (resources you're changing) and indirect ones (resources that depend on what you're changing).

3. Recording Observations​

As the blast radius is calculated, Overmind records observations about your infrastructure:

  • Captures the current state and configuration of affected resources
  • Documents relationships and dependencies discovered during analysis
  • Notes configuration details relevant to understanding potential impacts

These observations provide the foundation for the next analysis phases.

4. Forming Hypotheses​

Using the recorded observations and blast radius data, Overmind's AI forms hypotheses about potential risks:

  • Analyzes patterns in your infrastructure changes
  • Identifies scenarios that could lead to issues
  • Considers how changes might cascade through connected resources
  • Generates detailed hypotheses about potential impacts

Each hypothesis includes a description of the potential issue and the reasoning behind it.

5. Investigating Hypotheses​

Overmind then investigates each hypothesis to validate or refine it:

  • Gathers additional evidence from the infrastructure graph
  • Evaluates the likelihood and severity of each potential issue
  • Confirms or rules out hypothesized risks
  • Classifies validated risks by severity (High, Medium, Low)

Risks Found: If risks are identified, they are displayed prominently above the change analysis timeline in the UI. Each risk includes:

  • A title summarizing the issue
  • Severity level (High, Medium, or Low)
  • Detailed explanation of the potential impact
  • The reasoning and evidence behind the assessment

After Analysis: Apply Tracking​

When you proceed with overmind terraform apply, additional tracking occurs:

Change Started​

Marks the beginning of actual infrastructure modifications:

  • Takes a snapshot of the current state for comparison
  • Activates change monitoring

Change Finished​

Upon completion of the apply process:

  • Records the end time of infrastructure changes
  • Triggers post-change validation
  • Enables before/after comparison

Change Validation​

Verifies that changes were applied correctly:

  • Checks that resources match expected configurations
  • For container deployments, verifies correct image hashes
  • Ensures the actual infrastructure state matches intended changes

Timeline Characteristics​

The change analysis timeline has several important characteristics:

  • Sequential Processing: Each step builds on the previous one's output
  • Flexible Timing: Steps may take varying amounts of time based on infrastructure complexity
  • Partial Success: Some steps can succeed even if others encounter issues
  • Real-time Updates: Progress is shown as each step completes

Status Tracking​

Each step in the timeline tracks:

  • Duration: How long the step took to complete
  • Status: Success, in progress, or error
  • Metrics: Relevant counts (resources mapped, items in blast radius, hypotheses formed, etc.)