Skip to main content
Generating code with AI is easy; generating safe, production-ready infrastructure is hard. Backdrift includes a dedicated Validation Engine that runs before deployment.

The Validation Engine

We analyze your Blueprint against the Well-Architected Framework, scoring it across five pillars:

Security

PII detection, tenant isolation, access controls

Reliability

Backups, recovery, fault tolerance

Performance

Indexing, caching, query optimization

Cost

Resource sizing, usage estimates

Operations

Logging, metrics, health checks

Validation Report

After running validation, you’ll see a detailed report: 
Overall Score: 85/100

Security (90/100)
├── ✅ Multi-tenant isolation configured
├── ✅ JWT authentication enabled
├── ⚠️ PII detected: email field on User entity
└── ⚠️ No audit logging configured

Reliability (80/100)
├── ✅ Point-in-time recovery enabled
├── ✅ created_at/updated_at timestamps present
└── ⚠️ No soft delete configured

Performance (95/100)
├── ✅ Primary key indexes created
├── ✅ Foreign key indexes created
└── ✅ Tenant key indexes created

Cost (75/100)
├── ✅ Pay-per-request billing (no over-provisioning)
└── ⚠️ Estimated monthly cost: $45-$120

Operations (85/100)
├── ✅ Health endpoint configured
├── ✅ Structured logging enabled
└── ⚠️ No custom alarms configured

PII Detection

Backdrift automatically detects Personally Identifiable Information:
Field PatternDetection
email, email_addressEmail PII
phone, phone_numberPhone PII
ssn, social_securitySSN PII (Critical)
address, streetAddress PII
dob, birth_dateDate of Birth PII
When PII is detected, we recommend:
  • Encryption at rest
  • Access logging
  • Data retention policies

Auto-Fixes

Backdrift doesn’t just complain—it fixes.

Safe Fixes (Low Risk)

Applied automatically or with one click:
  • Adding created_at and updated_at timestamps
  • Enabling structured logging
  • Adding missing indexes
  • Setting default retention policies

Medium Risk Fixes

Require confirmation:
  • Enabling encryption on existing fields
  • Adding audit logging
  • Changing field types

High Risk Fixes

Require explicit acknowledgment:
  • Removing fields (data loss potential)
  • Changing primary keys
  • Modifying tenant isolation

One-Click Fix All

For issues classified as Safe, you can apply all fixes at once: 
Found 5 safe fixes:
├── Add created_at to Task entity
├── Add updated_at to Task entity
├── Enable point-in-time recovery on Task table
├── Add index on project_id field
└── Configure log retention (30 days)

[Apply All Safe Fixes]

Cost Estimation

Before deploying, we estimate your monthly costs at two tiers:
TierUsersEstimated Cost
Starter0-100 users55-25/month
Production100k+ users150150-500/month
This includes:
  • Database storage and read/write operations
  • API Gateway requests
  • Lambda invocations
  • Authentication operations
  • File storage (if configured)
Estimates are based on typical usage patterns. Actual costs depend on your specific traffic and data volumes.

Non-Technical Summary

For stakeholders who don’t speak “infrastructure”, we generate plain-English summaries: 
Your backend is ready for production with a few recommendations:

✅ Security is strong - user data is isolated by organization
✅ Performance is optimized - all queries will be fast
⚠️ Consider adding audit logging for compliance
⚠️ Email addresses should have additional protection

Estimated cost: $15-$45/month for typical startup usage

Deployment

Ready to deploy? Learn about safe deployments and rollbacks.