Resource Graph
Visualize your infrastructure as an interactive graph showing resources, dependencies, drift, and real-time status.
What is Resource Graph?
Resource Graph transforms your Terraform state files and Kubernetes clusters into interactive visual maps. See how resources connect, identify dependencies, detect drift from live infrastructure, overlay incidents, and get AI-powered insights-all in one powerful view.
IaC / Terraform
Visualize Terraform state files from GitHub or S3. See VPCs, subnets, security groups, instances and their dependencies. Detect drift from live AWS resources.
Kubernetes
Map Deployments to Pods, Services to Endpoints, and Nodes to workloads. Overlay active incidents directly on affected resources.
Key Features
Visual Dependencies
See exactly which resources depend on others. Plan changes with confidence.
Drift Detection
Compare Terraform state to live AWS resources. Identify manual changes.
Incident Overlay
See active Kubernetes incidents directly on affected pods and deployments.
AI Chat
Ask questions about any resource. Get optimization and troubleshooting suggestions.
Cost Analysis
View estimated costs per resource. Get AI recommendations to reduce spend.
Multi-Source
Load state from GitHub repos, S3 buckets, or connect to live Kubernetes clusters.
IaC Resource Graph
Visualize Terraform state files and detect infrastructure drift.
State Sources
Load Terraform state from multiple sources:
GitHub Repository
Browse connected repositories, select branch, and navigate to state files.
• Repository dropdown with all integrations
• Branch selection (default branch first)
• File tree with collapsible directories
• Auto-detects .tfstate files
S3 Backend
Connect directly to S3 buckets storing Terraform state.
• Select AWS integration
• Specify bucket and key path
• Multi-region support
• Automatic file discovery
Terraform Resource Categories
Resources are automatically categorized and color-coded:
Network
VPC, Subnet, Security Group, Load Balancer, NAT Gateway, Route Table
Compute
EC2, Lambda, ECS, EKS, Auto Scaling Group
Storage
S3 Bucket, EBS Volume, EFS, Snapshots
Database
RDS, DynamoDB, ElastiCache, Aurora
Security
IAM Role, IAM Policy, KMS Key, Secrets Manager
Other
CloudWatch, SNS, SQS, and other resources
Dependency Relationships
The graph shows how resources connect:
| Edge Type | Meaning |
|---|---|
| depends_on | Explicit Terraform dependency |
| references | Resource references another's attributes |
| manages | Parent-child relationship (e.g., VPC → Subnet) |
Drift Detection
Compare Terraform state to live AWS infrastructure and identify manual changes ("ClickOps").
How Drift Detection Works
1Parse State - Extract resources and regions from Terraform state
2Scan AWS - Query live resources in detected regions
3Compare - Attribute-level comparison of state vs. live
4Report - Show drifted resources with severity levels
Drift Severity Levels
Critical
Resource deleted
High
Instance type changed
Medium
State changed
Low
Tags modified
Drift Summary
After detection, you'll see:
| Metric | Description |
|---|---|
| Total Resources | Number of resources in state |
| Live Resources | Resources found in AWS |
| Drifted | Resources with differences |
| Critical Drifts | Deleted or severely changed |
| Drift % | Percentage of resources with drift |
Multi-Account Drift Detection
Compare state from one AWS account against live resources in another:
State Source: AWS Account A (S3 backend)
Live Resources: AWS Account B (production)
Use Case: Detect when production drifts from IaC-managed state
Remediation Workflow
When drift is detected:
- Click Fix Drift on any drifted resource
- ops0 passes drift details to IaC chat
- AI writes Terraform code to fix the drift
- Review and apply the changes
Kubernetes Resource Graph
Visualize cluster resources with incident overlay and real-time status.
Kubernetes Resource Types
Deployment
StatefulSet
DaemonSet
ReplicaSet
Pod
Service
Ingress
Node
ConfigMap
Secret
Job
Namespace
Kubernetes Relationships
The graph visualizes key relationships:
| Relationship | Example |
|---|---|
| Ownership | Deployment → ReplicaSet → Pod |
| Scheduling | Node → Pod (which pods run where) |
| Routing | Service → Pod (via label selectors) |
| Ingress | Ingress → Service → Pod |
| Configuration | Pod → ConfigMap, Pod → Secret |
| Containment | Namespace → all resources within |
Filtering & Views
Namespace Filter
View all namespaces or select a specific one. Graph updates dynamically.
Resource Type Filter
Show only Workloads, Services, or All resources.
Show Nodes
Toggle cluster nodes on/off to see pod placement.
Incidents Only
Filter to show only resources with active incidents.
Pod Status Colors
Running
Pending
Creating
Failed
CrashLoop
Incident Overlay
See active incidents directly on the resource graph.
Incident Indicators
Resources with active incidents show:
- Warning icon on the resource node
- Animated pulse indicating active issue
- Severity color (P1 red, P2 orange, P3 yellow)
- Incident count badge showing number of issues
Incident Severity
P1 - Critical
Service down, data loss risk
P2 - High
Degraded performance
P3 - Medium
Non-critical issue
Incident Popover
Click an incident indicator to see:
- Incident title and severity
- Current status (open, acknowledged, resolved)
- Occurrence count
- Last seen timestamp
- Link to full incident details
AI-Powered Features
Get intelligent insights about any resource.
Resource AI Chat
Click the AI button (sparkles icon) on any resource node to:
Analyze Configuration
"What does this security group allow?" • "Explain this IAM policy"
Get Best Practices
"Is this instance type optimal?" • "Should I enable encryption?"
Troubleshoot Issues
"Why is this pod failing?" • "What's causing the connection timeout?"
Optimize Costs
"How can I reduce costs for this instance?" • "Is this RDS oversized?"
Cost Optimization
For AWS resources, AI can:
- Show estimated monthly/hourly costs
- Recommend cheaper instance types
- Suggest Reserved Instance purchases
- Identify unused resources
- Click Implement to create Terraform code for optimizations
Take Action
After AI analysis, click Take Action to:
- Pass recommendations to IaC chat
- Produce Terraform code automatically
- Review and apply changes
Graph Controls
Navigation
| Control | Action |
|---|---|
| Scroll wheel | Zoom in/out (0.1x - 2x) |
| Click + Drag | Pan the view |
| Click node | Select and view details |
| Double-click | Center on node |
| Escape | Deselect all |
Toolbar
| Button | Function |
|---|---|
| Zoom In/Out | Adjust zoom level |
| Fit View | Fit all nodes in viewport |
| Mini-map | Toggle mini-map overlay |
| Refresh | Reload resource data |
| Detect Drift | Run drift detection (IaC) |
Resource Details Panel
Click any node to open the details panel.
Information Shown
| Section | Content |
|---|---|
| Overview | Name, type, ID, namespace/region |
| Status | Running, pending, failed with colored badge |
| Replicas | Ready/desired count (Kubernetes) |
| Labels | Kubernetes labels as badges |
| Attributes | Full resource data (JSON or table view) |
| Dependencies | Resources this depends on |
| Dependents | Resources that depend on this |
| Drift | State vs. live differences (IaC) |
| Incidents | Active incidents (Kubernetes) |
Attribute Views
JSON View
Syntax-highlighted, expandable/collapsible sections, copy to clipboard, clickable URLs
Table View
Flattened key-value pairs, type-aware styling, property count, copy all
Example: Terraform State Graph
Visualizing a VPC setup with EC2 instances:
┌─────────────────────────────────────────────────────────────────┐
│ Resource Graph │
│ production-vpc • 24 resources • Last synced: 2 min ago │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────┐ │
│ │ aws_vpc │ │
│ │ production │ │
│ │ ● Running │ │
│ └──────┬───────┘ │
│ ┌───────────┼───────────┐ │
│ ▼ ▼ ▼ │
│ ┌────────────┐ ┌────────────┐ ┌────────────┐ │
│ │ subnet │ │ subnet │ │ igw │ │
│ │ public-1a │ │ public-1b │ │ main │ │
│ │ ● Running │ │ ● Running │ │ ● Running │ │
│ └─────┬──────┘ └─────┬──────┘ └────────────┘ │
│ │ │ │
│ └───────┬──────┘ │
│ ▼ │
│ ┌────────────┐ │
│ │ aws_sg │ │
│ │ web-sg │ │
│ │ ● Running │ │
│ └─────┬──────┘ │
│ ┌────────┼────────┐ │
│ ▼ ▼ ▼ │
│ ┌──────────┐┌──────────┐┌──────────┐ │
│ │ instance ││ instance ││ instance │ │
│ │ web-1 ││ web-2 ││ web-3 │ │
│ │● Running ││● Running ││⚠ Drifted │ │
│ └──────────┘└──────────┘└──────────┘ │
│ │
│ Legend: ● Running ⚠ Drifted ✕ Failed │
└─────────────────────────────────────────────────────────────────┘
Example: Investigating Drift
When drift is detected on a resource:
aws_instance.web-3
DriftedDrift Summary
2 attributes changed since last terraform apply
Changes Detected
instance_type:t3.medium→t3.largeHigh
monitoring:false→trueLow
Example: Kubernetes Resource Graph
Visualizing a Deployment with incidents:
┌─────────────────────────────────────────────────────────────────┐
│ Resource Graph - Namespace: api-gateway │
│ Incidents: 1 active │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────┐ │
│ │ Ingress │ │
│ │ api-gateway │ │
│ │ ● Active │ │
│ └──────┬───────┘ │
│ ▼ │
│ ┌──────────────┐ │
│ │ Service │ │
│ │ api-gateway │ │
│ │ ● Active │──────┐ │
│ └──────┬───────┘ │ │
│ ▼ ▼ │
│ ┌──────────────┐ ┌──────────────┐ │
│ │ Deployment │ │ HPA │ │
│ │ api-gateway │ │ api-gateway │ │
│ │ ⚠ 2/3 Ready │ │ 3→10 replicas│ │
│ └──────┬───────┘ └──────────────┘ │
│ │ │
│ ┌─────────┼─────────┐ │
│ ▼ ▼ ▼ │
│ ┌──────┐ ┌──────┐ ┌──────┐ │
│ │ Pod │ │ Pod │ │ Pod │ │
│ │-2xkjp│ │-9vwrt│ │-kp3mn│ │
│ │● Run │ │● Run │ │🔴 P1 │ ← CrashLoopBackOff │
│ └──────┘ └──────┘ └──────┘ │
│ │
│ Legend: ● Running ⚠ Warning 🔴 Incident │
└─────────────────────────────────────────────────────────────────┘
Clicking the incident indicator on Pod -kp3mn shows:
P1 - Critical5 occurrences
CrashLoopBackOff: Missing DB_PASSWORD environment variable
Last seen: 2 minutes ago