Here's a scenario every DevOps engineer has lived through at least once. You set up drift detection for your Terraform infrastructure. Maybe it's a cron job running terraform plan, maybe it's a fancier tool. Either way, it works. It finds drift. It sends alerts.

The problem is it finds everything. Tag changes. Description updates. Auto-scaling group adjustments. Security group modifications. Instance type changes. All of it lands in the same Slack channel with the same urgency.

For the first week, your team looks at every alert. By week three, people start skimming. By month two, that Slack channel is muted. I know this because it happened to us.

And buried in that noise? A security group change that opened SSH to the internet. Nobody caught it for eleven days.

The core problem isn't detection. It's prioritization. terraform plan is perfectly capable of detecting drift. It's been doing it since 2014. The detection part is solved. What isn't solved is the question that comes after detection: so what?…
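One way to answer "so what?" in code, as an added example rather than code from the original post: it ranks the changes in a plan exported with terraform show -json so that an SSH exposure like the one described above outranks tag edits. The three tiers, the list of cosmetic attributes and the sample plan are assumptions constructed for illustration.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output.
# In a plan, "before" is the live (drifted) state and "after" is what the
# configuration wants, so exposure is checked on "before".
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_instance.web", "type": "aws_instance",
  "change": {"actions": ["update"],
   "before": {"instance_type": "t3.micro", "tags": {"team": "platform"}},
   "after":  {"instance_type": "t3.micro", "tags": {"team": "web"}}}},
 {"address": "aws_security_group.bastion", "type": "aws_security_group",
  "change": {"actions": ["update"],
   "before": {"ingress": [{"from_port": 22, "to_port": 22, "protocol": "tcp",
                           "cidr_blocks": ["0.0.0.0/0"]}]},
   "after":  {"ingress": [{"from_port": 22, "to_port": 22, "protocol": "tcp",
                           "cidr_blocks": ["10.0.0.0/8"]}]}}},
 {"address": "aws_instance.worker", "type": "aws_instance",
  "change": {"actions": ["update"],
   "before": {"instance_type": "t3.large", "tags": {}},
   "after":  {"instance_type": "t3.micro", "tags": {}}}}
]}""")

COSMETIC = {"tags", "tags_all", "description"}  # assumption: low-risk attributes
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
RANK = {"critical": 0, "high": 1, "low": 2}     # assumption: three tiers

def exposes_ssh(rule):
    """True if an ingress rule lets any address reach TCP port 22."""
    cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
    proto = str(rule.get("protocol"))
    hits_22 = proto == "-1" or (proto == "tcp" and rule["from_port"] <= 22 <= rule["to_port"])
    return hits_22 and bool(cidrs & OPEN_CIDRS)

def classify(rc):
    """Severity of one drifted resource: 'critical', 'high' or 'low'."""
    live = rc["change"].get("before") or {}
    wanted = rc["change"].get("after") or {}
    if rc["type"] == "aws_security_group":
        live_open = any(exposes_ssh(r) for r in live.get("ingress") or [])
        wanted_open = any(exposes_ssh(r) for r in wanted.get("ingress") or [])
        if live_open and not wanted_open:
            return "critical"
    changed = {k for k in live.keys() | wanted.keys() if live.get(k) != wanted.get(k)}
    return "low" if changed and changed <= COSMETIC else "high"

def triage(plan):
    """Drifted resources as (address, severity) pairs, most severe first."""
    rows = [(rc["address"], classify(rc)) for rc in plan.get("resource_changes", [])
            if rc["change"]["actions"] != ["no-op"]]
    return sorted(rows, key=lambda row: RANK[row[1]])
```

Routing only the critical rows to a paging channel and batching the low ones into a digest keeps the alert volume from burying the change that matters.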