Cloud infrastructure drift silently creates security vulnerabilities and cost explosions when engineers bypass Terraform for hotfixes

When engineers make emergency changes directly through the AWS Console, Azure Portal, or GCP Console instead of through Terraform or other Infrastructure as Code tools, the actual cloud infrastructure silently diverges from the declared IaC configuration. These 'hotfixes' — a security group rule opened during an incident, an instance type upgraded during a traffic spike — are rarely backported to IaC, creating a growing gap between what the code says the infrastructure is and what it actually is.

Why it matters: the declared infrastructure state becomes a lie, so terraform plan produces unreliable diffs that engineers stop trusting, so teams stop running terraform apply entirely out of fear of breaking production, so manual console changes become the norm rather than the exception, so the organization loses all the auditability, reproducibility, and security guarantees that justified adopting IaC in the first place.

The structural root cause is that the IaC workflow is optimized for planned changes, not emergency response: running a Terraform change through code review and CI/CD takes 30-60 minutes while clicking in the console takes 30 seconds, so under incident pressure, engineers rationally choose speed over process every time.

Evidence

Manual changes through cloud provider consoles are identified as the primary cause of infrastructure drift in every major IaC survey. HashiCorp's own documentation acknowledges that drift is inevitable at scale and recommends running terraform plan -refresh-only to detect it, but most organizations do not run drift detection on a regular schedule. Spacelift, Terramate, env0, and ControlMonkey have all built drift detection products specifically because the problem is so pervasive. The longer drift goes unaddressed, the more difficult realignment becomes — organizations report that after 6+ months of undetected drift, reconciliation can take weeks of engineering time. Sources: HashiCorp Terraform drift detection documentation, Spacelift drift detection guide (2025), Terramate drift remediation guide (2025), env0 drift detection guide.
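The scheduled drift detection that the paragraph above says most organizations skip can be a small CI job: run terraform plan -refresh-only, export the plan as JSON, and fail the job when anything drifted. The script below is an added example written for this page, not code from HashiCorp or any of the vendors named above. It assumes the JSON layout of terraform show -json (drift is reported under the top-level "resource_drift" key, each entry shaped like a "resource_changes" entry), an assumed list of security-sensitive resource types that you would extend for your own estate, and a constructed sample plan that mirrors the two hotfixes described earlier on the page (an SSH rule opened to the world, an instance resized by hand).

```python
"""Report infrastructure drift from a Terraform refresh-only plan.

Assumed workflow, run on a schedule (for example a nightly CI job):
    terraform plan -refresh-only -out=drift.tfplan
    terraform show -json drift.tfplan > drift.json
    python drift_report.py drift.json
"""
import json
import sys

# Resource types whose drift most often has a security impact. Assumed starting
# list for this example, not a Terraform concept; extend it for your own estate.
SECURITY_SENSITIVE_TYPES = {
    "aws_security_group", "aws_security_group_rule", "aws_iam_role_policy",
    "aws_s3_bucket_public_access_block", "azurerm_network_security_rule",
    "google_compute_firewall",
}


def changed_attributes(before, after):
    """Return {attribute: (old, new)} for top-level attributes that differ."""
    before, after = before or {}, after or {}
    return {
        key: (before.get(key), after.get(key))
        for key in sorted(set(before) | set(after))
        if before.get(key) != after.get(key)
    }


def summarize_drift(plan):
    """Turn the "resource_drift" list of a plan JSON into findings, with
    security-sensitive resource types sorted first for the on-call reader."""
    findings = []
    for entry in plan.get("resource_drift", []):
        change = entry.get("change", {})
        actions = change.get("actions", [])
        if actions == ["no-op"]:
            continue  # nothing actually changed outside Terraform
        rtype = entry.get("type", "")
        findings.append({
            "address": entry["address"],
            "type": rtype,
            "actions": actions,
            "security_sensitive": rtype in SECURITY_SENSITIVE_TYPES,
            "changed": changed_attributes(change.get("before"), change.get("after")),
        })
    findings.sort(key=lambda f: (not f["security_sensitive"], f["address"]))
    return findings


def drift_exit_code(findings):
    """0 when state matches reality, 2 when drift exists; mirrors the
    -detailed-exitcode convention so a CI job can gate on it."""
    return 2 if findings else 0


def render(findings):
    lines = []
    for f in findings:
        tag = "SECURITY" if f["security_sensitive"] else "drift"
        lines.append(f"[{tag}] {f['address']} ({', '.join(f['actions'])})")
        for attr, (old, new) in f["changed"].items():
            lines.append(f"    {attr}: {old!r} -> {new!r}")
    return "\n".join(lines) if lines else "no drift detected"


# Constructed sample plan: two console hotfixes that were never backported.
HTTPS_RULE = {"from_port": 443, "to_port": 443, "protocol": "tcp", "cidr_blocks": ["10.0.0.0/8"]}
SSH_RULE = {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]}
SAMPLE_PLAN = {
    "resource_drift": [
        {"address": "aws_instance.web", "type": "aws_instance",
         "change": {"actions": ["update"],
                    "before": {"id": "i-0123456789abcdef0", "instance_type": "t3.medium"},
                    "after": {"id": "i-0123456789abcdef0", "instance_type": "t3.xlarge"}}},
        {"address": "aws_security_group.web", "type": "aws_security_group",
         "change": {"actions": ["update"],
                    "before": {"id": "sg-0123456789abcdef0", "ingress": [HTTPS_RULE]},
                    "after": {"id": "sg-0123456789abcdef0", "ingress": [HTTPS_RULE, SSH_RULE]}}},
    ],
}


def main(argv):
    if len(argv) > 1:
        with open(argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN  # run without arguments to see the sample report
    findings = summarize_drift(plan)
    print(render(findings))
    return drift_exit_code(findings)


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run without arguments it reports the sample plan and exits 2; pointed at a real drift.json it does the same for your state. Wiring the non-zero exit into an alert is what turns drift from a surprise in someone's next terraform plan into a ticket to backport the hotfix while it is still fresh.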
