Scan Scheduling

Automate infrastructure drift detection with scheduled scans.

Overview

Scheduled scans allow you to:

Automatically detect drift on a regular basis
Catch unauthorized changes quickly
Maintain infrastructure compliance
Reduce manual monitoring effort

Scheduling applies to both repository scans (Terraform drift detection) and cloud discovery scans (AWS, Azure, and GCP resource enumeration). Cloud discovery scheduled scans create one scan per active Cloud Account on the configured interval.

Setting Up Schedules

Repository-Level Schedule

Set a default schedule for all workspaces:

Navigate to your repository
Click Settings (gear icon)
Find Scan Schedule
Select frequency
Click Save

Workspace-Level Schedule

Override for specific workspaces:

Navigate to the workspace
Click Settings
Set Custom Schedule
Choose frequency and time
Click Save

Schedule Options

Predefined Schedules

Option	Frequency	Best For
Hourly	Every hour	Critical production
Daily	Once per day	Production systems
Weekly	Once per week	Staging/Dev
Monthly	Once per month	Stable infrastructure
Manual Only	No automatic scans	On-demand only

Custom Schedules

For more control, use cron expressions:

┌───────────── minute (0-59)
│ ┌───────────── hour (0-23)
│ │ ┌───────────── day of month (1-31)
│ │ │ ┌───────────── month (1-12)
│ │ │ │ ┌───────────── day of week (0-6, Sunday=0)
│ │ │ │ │
* * * * *

Common Examples

Schedule	Cron Expression	Description
Every hour	`0 * * * *`	Top of every hour
Daily at 6 AM	`0 6 * * *`	6:00 AM UTC daily
Weekdays at 9 AM	`0 9 * * 1-5`	Mon-Fri at 9 AM
Weekly Monday	`0 0 * * 1`	Midnight Monday
Monthly 1st	`0 0 1 * *`	Midnight, 1st of month
Every 4 hours	`0 /4 * *`	Every 4 hours

Time Zone

All schedules use UTC time zone. Convert from your local time:

Your Time Zone	UTC Offset	9 AM Local = UTC
EST (New York)	UTC-5	14:00 (2 PM)
PST (Los Angeles)	UTC-8	17:00 (5 PM)
GMT (London)	UTC+0	09:00
CET (Berlin)	UTC+1	08:00
JST (Tokyo)	UTC+9	00:00 (midnight)

Scan Behavior

What Happens During Scheduled Scan

Trigger: Schedule time reached
Queue: Scan added to queue
Execute: Runner picks up scan
Complete: Results stored
Notify: Alerts sent (if configured)

Scan Pipeline

Schedule Triggers
       │
       ▼
┌─────────────┐
│    Clone    │ Download repository
└──────┬──────┘
       │
       ▼
┌─────────────┐
│    Init     │ terraform init
└──────┬──────┘
       │
       ▼
┌─────────────┐
│    Plan     │ terraform plan
└──────┬──────┘
       │
       ▼
┌─────────────┐
│   Detect    │ Parse drift
└──────┬──────┘
       │
       ▼
┌─────────────┐
│  Analyze    │ AI analysis
└──────┬──────┘
       │
       ▼
┌─────────────┐
│  Complete   │ Store results
└─────────────┘

Handling Failures

If a scheduled scan fails:

Retry: Automatic retry after 5 minutes
Alert: Notification sent (if configured)
Log: Error recorded in scan history
Skip: Next scheduled scan proceeds normally

Notifications

Configure Alerts

Set up notifications for scheduled scans:

Go to Settings → Notifications
Enable desired alerts:

Alert Type	Description
Scan Complete	Every completed scan
Drift Detected	Only when drift found
Critical Drift	Only critical severity
Scan Failed	When scans fail

Alert Channels

Email: Sent to your registered email
Slack: Webhook integration for real-time team notifications
Webhooks: Custom HTTP POST endpoints for integration with external systems

Alert Content

Email alerts include:

Subject: [Controlinfra] Drift detected in production/

Summary:
• Repository: my-org/infrastructure
• Workspace: production/
• Drifts Found: 3
• Highest Severity: Critical

Quick View:
🔴 aws_security_group.web - Ingress rule modified
🟡 aws_instance.api - Instance type changed
🟢 aws_s3_bucket.logs - Tag added

View Details: https://Controlinfra.com/scans/abc123

---
You're receiving this because you have notifications
enabled for this repository.

Viewing Scheduled Scans

Upcoming Scans

See what's scheduled:

Go to Repositories
Click on a repository
View Next Scan timestamp

Or view all upcoming scans:

Go to Scans
Filter by Scheduled

Scan History

View past scheduled scans:

Scan History - production/

#47 | Dec 9, 6:00 AM  | ⚠️ 2 drifts | Scheduled
#46 | Dec 8, 6:00 AM  | ✅ Clean    | Scheduled
#45 | Dec 7, 6:00 AM  | ✅ Clean    | Scheduled
#44 | Dec 6, 3:15 PM  | ⚠️ 1 drift  | Manual
#43 | Dec 6, 6:00 AM  | ✅ Clean    | Scheduled

Managing Schedules

Pause Schedules

Temporarily disable scheduled scans:

Navigate to repository or workspace
Click Settings
Toggle Pause Scheduled Scans
Click Save

Use cases:

During maintenance windows
While making major changes
During incident response

Resume Schedules

Re-enable paused schedules:

Navigate to settings
Toggle Pause Scheduled Scans off
Click Save

Delete Schedule

Remove a schedule entirely:

Navigate to settings
Set schedule to Manual Only
Click Save

Quota Considerations

Cloud Runner Limits

If using cloud runners, schedules count against your quota:

Monthly Quota: 100 scans
Current Usage: 45 scans

Scheduled Scans:
• production/ - Daily (30 scans/month)
• staging/ - Weekly (4 scans/month)
• networking/ - Daily (30 scans/month)

Estimated Monthly: 64 scheduled + manual scans

Optimizing Quota Usage

Strategy	Impact
Reduce frequency	Daily → Weekly saves 75%
Scan off-hours	Lower priority, same coverage
Use self-hosted	Unlimited scans
Consolidate workspaces	Fewer scans needed

Best Practices

1. Match Frequency to Risk

Environment	Risk Level	Recommended
Production	High	Daily or more
Staging	Medium	Daily
Development	Low	Weekly
Archives	Minimal	Monthly

2. Schedule During Low-Activity Periods

yaml

# Better: Scan during off-hours
Schedule: 0 3 * * *  # 3 AM UTC

# Avoid: Scan during deployments
# Consider your deployment windows

3. Stagger Multiple Workspaces

yaml

# Stagger to avoid resource contention
production/: 0 6 * * *   # 6:00 AM
staging/:    0 7 * * *   # 7:00 AM
networking/: 0 8 * * *   # 8:00 AM

4. Enable Critical Alerts

At minimum, enable alerts for:

Critical severity drift
Scan failures

5. Review Trends

Regularly review scan history:

Are scans finding repeated drift?
Is drift increasing over time?
Are specific resources always drifting?

Troubleshooting

Scheduled Scan Didn't Run

Check if schedule is paused
Verify schedule configuration
Check for system maintenance
Review scan history for errors

Scans Running Too Often

Review cron expression
Check for multiple schedules
Verify time zone calculation

Missing Notifications

Check email spam folder
Verify notification settings
Confirm email address is correct
Check notification preferences

Quota Exhausted

Reduce scan frequency
Remove unnecessary workspaces
Upgrade plan
Use self-hosted runners

Next Steps

Drift Detection - Understanding results
Self-Hosted Runners - Unlimited scans
Settings - Configure notifications

Scan Scheduling ​

Overview ​

Setting Up Schedules ​

Repository-Level Schedule ​

Workspace-Level Schedule ​

Schedule Options ​

Predefined Schedules ​

Custom Schedules ​

Common Examples ​

Time Zone ​

Scan Behavior ​

What Happens During Scheduled Scan ​

Scan Pipeline ​

Handling Failures ​

Notifications ​

Configure Alerts ​

Alert Channels ​

Alert Content ​

Viewing Scheduled Scans ​

Upcoming Scans ​

Scan History ​

Managing Schedules ​

Pause Schedules ​

Resume Schedules ​

Delete Schedule ​

Quota Considerations ​

Cloud Runner Limits ​

Optimizing Quota Usage ​

Best Practices ​

1. Match Frequency to Risk ​

2. Schedule During Low-Activity Periods ​

3. Stagger Multiple Workspaces ​

4. Enable Critical Alerts ​

5. Review Trends ​

Troubleshooting ​

Scheduled Scan Didn't Run ​

Scans Running Too Often ​

Missing Notifications ​

Quota Exhausted ​

Next Steps ​