Now in general availability — InfraTwin 2.0

Simulate any change before you ship it.

InfraTwin is the cloud infrastructure digital twin. It mirrors your real environment and replays every Terraform, Kubernetes, IAM, and cost change against it — so you ship with evidence, not hope.

  • Mirrors AWS, GCP, Azure & Kubernetes
  • Read-only by design · SOC 2 Type II
  • Verdict on every pull request, in seconds
Topology · payments domain · Live twin · refreshed 12s ago
  • ALB · edge.api
  • payments-api · EKS · prod
  • auth-svc · EKS · prod
  • events · MSK · 6 brokers
  • ledger-db · RDS · multi-AZ
  • vault · HSM-backed
  • warehouse · Redshift

Blast radius: 3 services (+1 detected upstream impact) · ledger-db saturation +18%

Cost delta: +$1.8k (1.1%) · 30-day forecast

Change risk · this PR: 62 (Moderate)

Verdict: ship with caution · 2 services impacted · 1 IAM escalation flagged

InfraTwin Review · summary · PR #1284 · feat/rate-limit-policy

This change scales payments-api to 14 replicas and upgrades the ledger DB to a 2xlarge with multi-AZ. The twin verifies p99 stays under 220ms at simulated peak. One IAM escalation introduces broader S3 delete permissions — likely unintended.

  • Saturation risk in fraud-scoring

    Predicted CPU 81% under historical Friday peak. HPA ceiling is 18 — recommend lifting to 24 to keep p99 under 220ms.

  • IAM escalation on payments-ci

    Role gains DeleteObject on ledger-archives/*. Not in original PR description. Recommend scoping to ledger-archives/staging/*.

  • Cost delta within budget

    Monthly forecast +$1,820 (1.1%). Driven by db.r6g.2xlarge upgrade. Reserved-instance coverage absorbs 64%.

Suggested next steps attached as PR comments · Confidence 94%

Trusted by platform, SRE, and FinOps teams at high-stakes organizations

Northwind Bank · Helix Health · Pleiades Logistics · Convex Robotics · Stratum Telco · Lumen & Forge · Atlas Aviation · Quanta Energy · Ferrous Capital · Hyperion Studios

The cost of shipping blind

Production keeps surprising teams that shouldn't be surprised.

Cloud platforms have grown faster than the tools that review changes to them. Static plans, after-the-fact dashboards, and tribal knowledge aren't enough.

Terraform plans hide what they actually change

A plan tells you the resources. It doesn't tell you which services lose quorum, which SLOs slip, or which dashboards turn red at 3am.

Cost shows up in the invoice, not the pull request

By the time finance flags the spike, the workload has been running for three weeks and the engineer has moved on to the next thing.

IAM drifts faster than reviews can catch

Every merge tweaks a role, a binding, a policy. Quarterly audits surface what should have been caught at PR time.

Staging never matches production

Different scale, different data shapes, different traffic. Green in staging means almost nothing about Tuesday at 2pm in production.

InfraTwin closes the gap between intent and outcome — before the deploy, not after.

How InfraTwin works

Mirror. Propose. Simulate. Decide.

Four steps. The same loop you already use in code review — applied to your entire cloud.

  1. Mirror

    InfraTwin connects to AWS, GCP, Azure, and your Kubernetes clusters. It builds a continuous, read-only model of your real environment — topology, configuration, traffic shape, cost surface, and policy state.

    • AWS · 3 accounts · 1,284 resources mirrored
    • Kubernetes · 6 clusters · 98% topology coverage
    • Datadog · live traffic shape · replay-ready

  2. Propose

    Open a pull request. Push a Terraform plan. Commit a Helm chart. InfraTwin attaches to your CI and captures the proposed change as a scenario against the live twin.

    • PR #1284 · payments-api · feat/rate-limit-policy
    • + 4 added · ~ 3 changed · Terraform plan attached
    • CI hook · GitHub Actions · triggered by pull_request

  3. Simulate

    We replay realistic load, dependencies, and failure modes against the twin. Reliability, latency, cost, and security signals are evaluated together — not in four separate tools.

    • Reliability twin · run · p99 = 218ms · within SLO
    • Cost twin · run · +$1,820 / month
    • IAM twin · run · 1 escalation flagged

  4. Decide

    Reviewers see a single verdict: what changes, what breaks, what costs more, and which roles gain access. Approve, request changes, or block — directly from GitHub, GitLab, or Bitbucket.

    • Verdict · ship with caution · 2 reviewers required
    • Merge gate · blocking until IAM scope reduced
    • Slack · platform-changes · notified · 3 owners

Terraform Twin

Terraform plans tell you what changes. We tell you what happens.

InfraTwin runs every plan against a live model of your infrastructure. Reviewers see effects on services, cost, and access — alongside the diff.

  • Every plan turns into a verdict

    InfraTwin reads your Terraform, OpenTofu, Pulumi, or Crossplane plan and simulates it against the live twin in seconds.

  • Diff includes downstream effects

    Not just resource changes — the services, dashboards, and policies that depend on them.

  • Drift detection, continuously

    Catch declarations that no longer match reality before they break the next deploy.

  • Module-aware reviews

    Reviewers see ownership and historical impact for each module, not a wall of HCL.

payments_api.tf · Plan #4821 · branch feat/rate-limit-policy

  # module.payments_api.aws_ecs_service.api
  ~ desired_count = 8 -> 14
  # tags propagated to task
  # module.payments_api.aws_security_group_rule.ingress
  - cidr_blocks = ["10.42.0.0/16"]
  + cidr_blocks = ["10.42.0.0/16", "10.51.0.0/16"]
  # module.warehouse.aws_db_instance.analytics
  ~ instance_class = db.r6g.large -> db.r6g.2xlarge
  ~ allocated_storage = 200 -> 600
  + multi_az = true

Twin verdict: ship with caution
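The plan above shows the raw attribute diff; what a reviewer needs is the effect of each attribute change. The following is an added example, not InfraTwin's code, of how a CI check can turn the JSON that `terraform show -json tfplan` emits into findings and a verdict: it counts the address space a security-group rule newly admits (blocking on non-RFC1918 ranges), blocks destruction or replacement of stateful resources, and surfaces capacity changes for cost and SLO review. The plan excerpt is constructed to mirror the one shown here; the severity rules, the STATEFUL_TYPES list and the watched attributes are assumptions.

```python
"""Turning a Terraform plan into reviewer findings (added example, not InfraTwin's code)."""
import ipaddress
import json

# Constructed excerpt of `terraform show -json tfplan` output (only the fields used here).
PLAN_JSON = json.dumps({
    "format_version": "1.2",
    "resource_changes": [
        {"address": "module.payments_api.aws_ecs_service.api",
         "type": "aws_ecs_service",
         "change": {"actions": ["update"],
                    "before": {"desired_count": 8},
                    "after": {"desired_count": 14}}},
        {"address": "module.payments_api.aws_security_group_rule.ingress",
         "type": "aws_security_group_rule",
         "change": {"actions": ["update"],
                    "before": {"cidr_blocks": ["10.42.0.0/16"]},
                    "after": {"cidr_blocks": ["10.42.0.0/16", "10.51.0.0/16"]}}},
        {"address": "module.warehouse.aws_db_instance.analytics",
         "type": "aws_db_instance",
         "change": {"actions": ["update"],
                    "before": {"instance_class": "db.r6g.large",
                               "allocated_storage": 200, "multi_az": False},
                    "after": {"instance_class": "db.r6g.2xlarge",
                              "allocated_storage": 600, "multi_az": True}}},
    ],
})

# Assumed: resource types whose destroy or replace should stop a merge.
STATEFUL_TYPES = {"aws_db_instance", "aws_rds_cluster", "aws_s3_bucket",
                  "aws_kms_key", "aws_dynamodb_table"}
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumed: sizing attributes worth surfacing to cost and SLO reviewers.
WATCHED_ATTRS = ("desired_count", "instance_class", "allocated_storage", "multi_az")


def _is_rfc1918(cidr):
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.subnet_of(private) for private in RFC1918)


def review_change(rc):
    """Findings for one resource_changes entry as (severity, address, message);
    severity is "info", "warn" or "block"."""
    addr, rtype, change = rc["address"], rc["type"], rc["change"]
    actions = change["actions"]
    before, after = change.get("before") or {}, change.get("after") or {}
    findings = []

    # A stateful resource going away: plain destroy, or destroy+create replacement.
    if "delete" in actions and rtype in STATEFUL_TYPES:
        how = "replaced" if "create" in actions else "destroyed"
        findings.append(("block", addr, f"stateful resource {how}"))

    # Ingress broadened: count newly reachable addresses, block on non-private ranges.
    added = sorted(set(after.get("cidr_blocks") or []) - set(before.get("cidr_blocks") or []))
    if added:
        exposed = sum(ipaddress.ip_network(c, strict=False).num_addresses for c in added)
        public = [c for c in added if not _is_rfc1918(c)]
        severity = "block" if public else "warn"
        note = " including non-private ranges" if public else ""
        findings.append((severity, addr,
                         f"ingress opened to {', '.join(added)} (+{exposed:,} addresses{note})"))

    # Sizing attributes: show the before -> after values so the numbers reach the review.
    for key in WATCHED_ATTRS:
        if key in after and before.get(key) != after.get(key):
            findings.append(("info", addr, f"{key}: {before.get(key)} -> {after[key]}"))
    return findings


def review_plan(plan_json):
    plan = json.loads(plan_json)
    findings = []
    for rc in plan.get("resource_changes", []):
        findings.extend(review_change(rc))
    return findings


def verdict(findings):
    """Collapse findings into the single verdict a merge gate acts on."""
    severities = {f[0] for f in findings}
    if "block" in severities:
        return "block"
    if "warn" in severities:
        return "ship with caution"
    return "ship"


if __name__ == "__main__":
    found = review_plan(PLAN_JSON)
    for severity, addr, msg in found:
        print(f"[{severity:5}] {addr}: {msg}")
    print("Twin verdict:", verdict(found))
```

Run against the constructed plan, the security-group change is the only warning (65,536 new addresses, all RFC1918), the ECS and RDS changes are informational, and the verdict is "ship with caution"; a rule admitting 0.0.0.0/0 or a plan that replaces an aws_db_instance would produce "block". Note that the check only sees what the plan carries: it cannot tell which services sit behind the broadened rule or what the larger instance costs, which is the gap the twin is meant to fill.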
Reliability Insights

Predict the incident. Then prevent it.

Latency, saturation, error budgets, and dependency blast radius — simulated together against realistic traffic shapes.

Forecast · payments-api · 24-hour latency simulation, post-change

  • p99 latency · 218ms · 12ms
  • Error budget burn · −9% vs current
  • MTTR (simulated) · 4m32s · −42%
  • SLO compliance · 99.93% · within target

Latency forecasting

Predict p50, p95, and p99 changes per service before the change ships.

Error budget impact

See exactly how much budget a release is likely to burn under realistic load.

Dependency blast radius

Map upstream and downstream effects across every team's services.

Capacity headroom

Catch saturation risks before autoscalers fall behind real traffic.

Cost Forecasting

See the invoice before you merge it.

Every pull request gets a 30-day forecast — broken down by service, team, and commitment coverage. FinOps becomes a code-review checkbox.

30-day forecast

Monthly cost projection on every pull request, broken down by service and team.

Budget guardrails

Block merges that push a service or environment past its committed budget.

Idle and overprovisioned

Surface unused capacity continuously, not in a quarterly cleanup.

Reserved & savings plans

Forecast commitment utilization before sales pressure forces a decision.

Forecast · prod-aws · 30-day cost trajectory · after this PR

  • Monthly delta · +$1,820 · 1.1%
  • Reserved coverage · 64% · +4%
  • Waste recovered · −$18.3k this quarter
  • Idle workloads · 12 ready to retire

IAM & Cloud Security

Catch privilege escalations at PR time, not at audit time.

InfraTwin computes effective access before and after each change. Reviewers see who gains what — across roles, federation, and service accounts.

Effective access diff

Compare resolved permissions before and after the change, not just policy syntax.

Privilege escalation

Detect role chains that quietly grant admin-equivalent access across accounts.

Policy drift

Catch silent drift between declared IaC and the live state of your cloud.

Sensitive resource exposure

Flag any change that broadens access to data stores, secrets, or production keys.

Audit-grade trail on every approval

Every simulation, verdict, and decision is logged with attribution and timestamps.

Effective access · diff · prod-aws · 5 principals affected

  • role/payments-ci · kms:eu-west-1:ledger-key · Decrypt, ReEncrypt · Added
  • role/payments-ci · s3:ledger-archives/* · PutObject, DeleteObject · Escalation
  • role/warehouse-runner · secretsmanager:prod/stripe-webhook · GetSecretValue · Added
  • role/legacy-reports · rds:prod-ledger · Connect (legacy) · Removed
  • role/sre-bot · ec2:Describe* · ReadOnly · Unchanged

Net change: +2 permissions · 1 removed · Merge blocked pending review
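The access diff above classifies each grant as Added, Escalation, Removed or Unchanged by comparing resolved permissions rather than policy text. The following is an added example, not InfraTwin's code, of the core of such a check for a single role's identity policy: each document is resolved into concrete (action, resource) grants with an explicit Deny removing whatever it matches, as IAM does, and a new grant is reported as an escalation either because its action is on a sensitive list or because its resource pattern widens an existing grant (here ledger-archives/staging/* widening to ledger-archives/*, the case flagged in the review summary). The two policy documents, the account id, the ARNs and the SENSITIVE_ACTIONS list are constructed for the example.

```python
"""Effective-access diff for a role's identity policy (added example, not InfraTwin's code)."""
from fnmatch import fnmatchcase
from itertools import product

ACCOUNT = "111122223333"  # placeholder account id
LEDGER_KEY = f"arn:aws:kms:eu-west-1:{ACCOUNT}:key/ledger-key"
REPORTER_DB = f"arn:aws:rds-db:eu-west-1:{ACCOUNT}:dbuser:prod-ledger/reporter"

# Constructed policy attached to role/payments-ci before the change.
BEFORE = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::ledger-archives/staging/*"},
    {"Effect": "Allow", "Action": "rds-db:connect", "Resource": REPORTER_DB},
    {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
]}
# Constructed policy after the change: wider S3 prefix, DeleteObject, KMS use,
# plus an Allow that an explicit Deny cancels.
AFTER = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
     "Resource": "arn:aws:s3:::ledger-archives/*"},
    {"Effect": "Allow", "Action": ["kms:Decrypt", "kms:ReEncrypt*"], "Resource": LEDGER_KEY},
    {"Effect": "Allow", "Action": "s3:DeleteBucket", "Resource": "arn:aws:s3:::ledger-archives"},
    {"Effect": "Deny", "Action": "s3:DeleteBucket", "Resource": "*"},
    {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
]}

# Assumed list; a real deployment derives this from its own data classification.
SENSITIVE_ACTIONS = {"s3:DeleteObject", "s3:DeleteBucket", "iam:PassRole",
                     "iam:AttachRolePolicy", "kms:ScheduleKeyDeletion",
                     "secretsmanager:GetSecretValue"}


def _as_list(value):
    return [value] if isinstance(value, str) else list(value)


def covers(grant, pair):
    """True when the wildcard grant (action_pattern, resource_pattern) matches pair."""
    return fnmatchcase(pair[0], grant[0]) and fnmatchcase(pair[1], grant[1])


def resolve_grants(policy):
    """Set of (action, resource) pairs the document allows once Deny is applied."""
    allows, denies = set(), []
    for stmt in policy["Statement"]:
        pairs = list(product(_as_list(stmt["Action"]), _as_list(stmt["Resource"])))
        if stmt["Effect"] == "Allow":
            allows.update(pairs)
        else:
            denies.extend(pairs)
    # An explicit Deny wins over any Allow it matches.
    return {p for p in allows if not any(covers(d, p) for d in denies)}


def diff_access(before, after):
    """Rows of (action, resource, verdict, reason); verdict is Added, Escalation,
    Removed, Subsumed or Unchanged."""
    old, new = resolve_grants(before), resolve_grants(after)
    rows = []
    for action, resource in sorted(new - old):
        if action in SENSITIVE_ACTIONS:
            rows.append((action, resource, "Escalation", "sensitive action gained"))
        elif any(a == action and r != resource and covers((action, resource), (a, r))
                 for a, r in old):
            rows.append((action, resource, "Escalation", "resource scope broadened"))
        else:
            rows.append((action, resource, "Added", ""))
    for pair in sorted(old):
        if pair in new:
            rows.append((*pair, "Unchanged", ""))
        elif any(covers(g, pair) for g in new):
            rows.append((*pair, "Subsumed", "covered by a broader grant"))
        else:
            rows.append((*pair, "Removed", ""))
    return rows


def merge_gate(rows):
    """("blocked", n) when n grants are escalations, else ("open", 0)."""
    n = sum(1 for r in rows if r[2] == "Escalation")
    return ("blocked" if n else "open", n)


if __name__ == "__main__":
    rows = diff_access(BEFORE, AFTER)
    for action, resource, verdict, why in rows:
        print(f"{verdict:10} {action:20} {resource}  {why}")
    print("Merge gate:", merge_gate(rows))
```

On the constructed documents, DeleteObject is flagged for its action, GetObject and PutObject for the widened prefix, the KMS grants are plain additions, the rds-db:connect grant is removed, and the DeleteBucket Allow never appears because the Deny cancels it; the gate reports three escalations and blocks. This covers one identity policy only: real effective access also depends on resource policies, service control policies, permission boundaries, session policies and Condition keys, and on role chains across accounts, which is the scope the page describes for the product.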
Kubernetes rollout simulation · eks-prod-eu1 · helm chart v4.18.2

  • payments-api · prod · Replicas 8 → 14 · rollout: Healthy · CPU 64% · Mem 71% · Saturation 58%
  • fraud-scoring · prod · Replicas 12 → 18 · rollout: Degraded · CPU 81% · Mem 88% · Saturation 79%
  • ledger-writer · prod · Replicas 6 → 6 · rollout: Healthy · CPU 48% · Mem 52% · Saturation 35%

1 workload near saturation · suggest raising HPA cap to 24 · No PodDisruption regressions

Kubernetes Replay

Cluster changes you can trust before kubectl apply.

Schedule, scale, and rollout behavior simulated across clusters — including NetworkPolicies, service meshes, and disruption budgets.

Workload replay

Replay realistic pod scheduling, autoscaling, and disruption behavior in the twin.

Multi-cluster aware

Reason across clusters, namespaces, and federated services in one model.

Network & policy

Simulate NetworkPolicies, service meshes, and east-west traffic before rollout.

Rollout safety

Catch poison-pill manifests, drift, and broken probes before production.

AI-assisted review

An expert reviewer on every PR. Trained on your environment.

InfraTwin's assistant reads the diff, the simulation results, and your history — then writes a review the way your most senior engineer would.

Plain-English change review

Every PR gets a one-paragraph summary: what changes, what's risky, what to ask the author.

Recommended fixes

When the twin flags a regression, the assistant proposes a concrete change — not generic advice.

Root-cause hypotheses

Correlate simulated failures with the specific configuration lines that introduced them.

Faster postmortems

Replay the incident scenario in the twin to confirm what would, and wouldn't, have prevented it.

Private model · your data never leaves the region

Bring your own LLM provider or run on InfraTwin's regional inference.

See architecture
Integrations

Drops into the stack you already run.

Connect what you have. InfraTwin works with the clouds, IaC tools, CI systems, and observability platforms you already invest in.

Clouds

  • AWS
  • Google Cloud
  • Microsoft Azure
  • Oracle Cloud

IaC

  • Terraform
  • OpenTofu
  • Pulumi
  • AWS CDK
  • Crossplane

Kubernetes

  • EKS
  • GKE
  • AKS
  • OpenShift
  • Helm
  • Argo CD
  • Flux

VCS & CI

  • GitHub
  • GitLab
  • Bitbucket
  • GitHub Actions
  • CircleCI
  • Buildkite

Observability

  • Datadog
  • Grafana
  • New Relic
  • Honeycomb
  • Splunk

Security

  • Wiz
  • Snyk
  • Vault
  • Okta
  • Entra ID
  • Open Policy Agent

Comms

  • Slack
  • Microsoft Teams
  • PagerDuty
  • Opsgenie
  • Linear
  • Jira

Data

  • Snowflake
  • Databricks
  • BigQuery
  • Confluent
  • MongoDB Atlas

Need something custom? The connector SDK lets platform teams add anything with a public API.

Outcomes

Measurable change in 90 days.

What our customers report — across midmarket, enterprise, and regulated industries.

Change failure rate

−71%

Median, mid-market customers

MTTR for change-induced incidents

−54%

Across surveyed deployments

Cloud waste eliminated

23%

Average annualized recovery

Engineering hours returned

11k+

Per 100-engineer org, per year

Built for the teams who carry the pager

Different roles. Same loop. One platform.

Platform, SRE, FinOps, and security teams use the same twin — so a single simulation answers everyone's question.

Platform Engineering

Standardize how every team ships infrastructure

Give every team a paved path with simulation built in. Block unsafe patterns at PR time, not in a wiki nobody reads.

Site Reliability

See incidents before they happen

Replay realistic load and dependencies. Burn fewer error budgets. Spend on-call time on the surprises, not the avoidable.

FinOps

Stop spend at the pull request

Every change shows its monthly cost delta. Enforce budgets where decisions are made — in code review, not in a spreadsheet.

Cloud Security

Catch IAM drift before merge

Diff effective access on every change. Audit-grade evidence for every approval. Drift detection that runs continuously.

Voices from the platform

Teams who replaced anxiety with evidence.

InfraTwin caught a Terraform change that would have removed a security group used by a service two teams away. Plan looked clean. The twin showed the blast radius in 40 seconds. That alone paid for the year.

Priya Anand · Director, Platform Engineering · Northwind Bank

Our cost reviews used to be a monthly ritual of guilt and surprise. Now the cost delta is on every PR. We've cut waste by twenty-three percent and we sleep more.

Marco Heller · Head of FinOps · Pleiades Logistics

We replaced three tools — a drift detector, a cost forecaster, and a homegrown IAM diff bot — with one platform. Reviewers see a single verdict and the team actually trusts it.

Sara Kowalski · Principal SRE · Helix Health

We had a release that would have saturated our payments cluster on Black Friday. InfraTwin flagged it in CI. The fix was a four-line autoscaler change. Zero customer impact.

Daniel Okafor · VP, Engineering · Stratum Telco

The IAM preview is the feature that sold the security team. We can finally see effective access change per PR, not just policy text. Audit prep dropped from two weeks to two days.

Yuki Tanaka · Head of Cloud Security · Ferrous Capital

It feels like staging finally tells the truth. The twin gives us realistic confidence, not theater. Our change failure rate is down to under three percent.

Eleanor Brooks · Engineering Manager · Convex Robotics

Enterprise & security

Architected for the environments that can't afford a misstep.

InfraTwin is built like the systems you're protecting — least-privilege, regional, auditable, and reversible by design.

SOC 2 Type II · ISO 27001 · GDPR · HIPAA-ready · FedRAMP Moderate (in process) · PCI DSS environment

SOC 2 Type II & ISO 27001

Independently audited controls. Annual penetration testing. Continuous monitoring of the platform that monitors yours.

Read-only by design

InfraTwin never mutates your cloud. Connector roles are least-privilege, scoped, and rotated automatically.

Regional residency

Run InfraTwin in the US, EU, or your own VPC. Configuration and telemetry never leave the region you choose.

SSO, SCIM & audit log

SAML, OIDC, SCIM provisioning, scoped API tokens, and a tamper-evident audit log. Every action attributable.

Customer-managed keys

Bring your own KMS for at-rest encryption. Disable access entirely with break-glass approval.

Private deploy options

Single-tenant cloud, dedicated infrastructure, or on-prem control plane for regulated environments.

Need our security package, an architecture review, or BAA?

Trust Center has every policy, sub-processor, and audit report under NDA-free download.

Pricing

Priced per environment. Never per seat.

Reviewers, approvers, and the team running it should never be billing line items. Buy the simulation, not the chair.

Team

For growing engineering orgs adopting simulation in code review.

$2,400 per environment / month
  • Up to 3 cloud environments
  • Unlimited users & PR simulations
  • Terraform · Kubernetes · IAM · Cost
  • GitHub, GitLab, Bitbucket integrations
  • Standard support · email & Slack Connect
  • SSO via Google Workspace, GitHub, Microsoft
Start a simulation
Most popular

Business

For platform teams running mission-critical infrastructure at scale.

$6,800 per environment / month
  • Unlimited environments
  • Everything in Team, plus
  • Custom policy authoring & enforcement
  • Advanced cost models · multi-account FinOps
  • Priority support · 30-minute SLA
  • SAML SSO, SCIM provisioning, audit log export
  • Architectural reviews on roadmap items
Talk to sales

Enterprise

For regulated, multi-region, or single-tenant deployments.

Custom · annual agreement
  • Single-tenant cloud or private deployment
  • Customer-managed encryption keys (BYOK)
  • Regional data residency (US, EU, custom)
  • Dedicated solutions engineer
  • 24/7 support · 15-minute SLA · named on-call
  • Procurement-friendly MSA & DPA
  • FedRAMP Moderate roadmap support
Request pricing

All plans include unlimited users, unlimited integrations, and unlimited pull request simulations. Annual agreements available with multi-year discounting.

Frequently asked

The questions reviewers ask first.

Short, direct answers. Our docs go deeper, and our team is happy to talk specifics.

Still curious?

A solutions engineer responds within one business day.

Talk to a person

Ready when you are

Ship the next change with evidence behind it.

Most teams open their first simulation within an hour and see measurable incident reduction in the first 90 days. We'll show you what that looks like in your environment.

  • Connect your first cloud account in under an hour
  • First simulation on your next pull request
  • Read-only by design — your environment is untouched

No credit card. No connector that can mutate your cloud. Cancel any time.