Using the Terracotta AI Bot in Pull Requests
🤖 Using the Terracotta AI Bot in Your PR
The Terracotta AI bot is always available in your pull request to provide real-time, contextual support for infrastructure-related questions.
🔍 What It Can Do
The bot can answer questions related to:
-
Terraform syntax, modules, resources, and usage
-
CDK for Terraform (CDK-TF) in TypeScript
-
Cloud provider services like AWS, GCP, Azure
-
Contextual understanding of your PR, including:
- The full diff
- The surrounding IaC code
- The overall repository structure
This means you can ask about:
- Why a particular line in the PR might cause a misconfiguration
- What a specific module does
- How does a change impact the infrastructure as a whole
- Security or cost implications of changes
💬 How to Ask Questions
You can engage with the bot directly inside a PR comment:
- Mention the bot directly:
@try-terracotta What does this IAM role allow?- Use the
tc:shorthand:
tc: What resources will be created from this diff?The bot will respond contextually within the same thread, utilizing knowledge of your repository and IaC tooling.
The bot understands context across the repo, so feel free to ask high-level architecture or drift-related questions.
🛠️ Command Reference
All commands are typed as PR comments. They trigger specific analysis tasks and post results in the same thread.
Terraform Commands
| Command | Description |
|---|---|
tc:review | Full AI code review with structured findings, severity ratings, and fix suggestions |
tc:plan | Run terraform plan and analyze security, cost, and blast radius |
tc:summary | High-level summary of infrastructure changes in the PR |
tc:cost | Monthly and annual cost impact estimation for proposed changes |
tc:drift | Compare Terraform state against live cloud resources for drift |
tc:guard | Check PR against your organization's custom guardrail policies |
tc:conflict | Detect resource conflicts across active PRs modifying Terraform in parallel |
tc:blast-radius | Map downstream impact — direct dependencies, transitive effects, cross-stack risks |
tc:deps | Analyze module-level topology, critical paths, and single points of failure |
tc:architecture | Generate a Mermaid infrastructure diagram of the resource dependency graph |
Security Commands
| Command | Description |
|---|---|
tc:iam | Deep-dive IAM analysis — privilege escalation, wildcard actions, overly broad trust policies |
tc:tag | Validate resource tagging against organizational standards |
Kubernetes Commands
| Command | Description |
|---|---|
tc:k8s-review | Detailed code review of Kubernetes manifests with structured findings |
tc:k8s-security | Audit RBAC, pod security standards, and privilege escalation risks |
tc:k8s-validate | Validate YAML syntax, schema compliance, and manifest correctness |
tc:k8s-resources | Analyze resource requests, limits, and CPU/memory allocation |
tc:k8s-summary | Summarize all Kubernetes manifest changes in the PR |
tc:k8s-guard | Validate K8s manifests against your organization's guardrail policies |
tc:k8s-conflict | Detect conflicts in K8s manifests across multiple open PRs |
🔍 Full API Reference
For programmatic access to these same commands, see the Terracotta API documentation.
📋 TL;DR
- Mention
@try-terracottaor usetc:prefix to interact with the bot in any PR - 10 Terraform commands, 2 security commands, and 7 Kubernetes commands available
- The bot has full context of your repo, diff, and infrastructure state
- All commands post structured findings with severity ratings and fix suggestions
Updated 2 days ago