Skip to main content
The Tech Debt Inventory is Draftt’s core data model: a continuously updated, searchable catalog of all resources and findings across your infrastructure, applications, configurations, and compliance posture. It is the single source of truth for what Draftt has discovered.

What Gets Inventoried

Draftt automatically catalogs resources and findings across five categories of technical debt.

Lifecycle Debt

Outdated software, runtimes, and libraries that are no longer supported by their vendors. Examples:
  • Database engines beyond extended support (PostgreSQL 10, MySQL 5.7, Redis 5)
  • Container runtimes reaching EOL (Kubernetes 1.20, containerd 1.4)
  • Operating systems without security patches (CentOS 7, Ubuntu 16.04 LTS)
  • Programming language runtimes past LTS date (Python 3.7, Node.js 14)
  • Libraries or frameworks approaching EOL (proactive flagging)
Data enrichment: Vendor support timeline, EOL date, security patch status, breaking changes in target version.

Configuration Debt

Infrastructure and code that deviates from defined standards, baselines, or intended state. Examples:
  • Security violations (unencrypted storage, open security groups, disabled logging)
  • Tag inconsistency (resources missing required tags, team assignment, or cost center)
  • Certificate expiration approaching
  • Configuration that violates organizational governance policies
Data enrichment: Which policy is being violated, specific configuration that is non-compliant, recommended correction.

Ownership Debt

Infrastructure and code without clear responsibility, making it difficult to maintain, scale, and modernize. Examples:
  • Orphaned cloud resources (no team owns or is responsible for)
  • Services without code owner (no CODEOWNERS entry)
  • Repositories without designated maintainers
  • Legacy systems where original team has moved on
Data enrichment: Possible owners inferred from cloud tags, IDP catalog data, Git history, and deployment metadata.

Cost Debt

Infrastructure and services consuming resources without proportionate business value. Examples:
  • Idle compute instances with zero utilization for extended periods
  • Unattached storage volumes
  • Over-provisioned resources (instance type larger than usage patterns require)
  • Unused managed services (databases with no connections, unused load balancers)
Data enrichment: Monthly cost of the resource, cost reduction opportunity, utilization metrics.

Compliance Debt

Infrastructure and processes that don’t meet regulatory or organizational requirements. Examples:
  • Encryption gaps (required encryption not enabled on sensitive data)
  • Access control violations (excessive permissions)
  • Audit trail gaps (logging disabled, logs not retained per policy)
  • Compliance policy exceptions without documented approval
Data enrichment: Which compliance framework is affected, remediation requirement.

How Items Are Categorized

Each finding in the Tech Debt Inventory is assigned multiple attributes that enable filtering, prioritization, and analysis.

Category

Primary classification of technical debt type: Lifecycle, Configuration, Ownership, Cost, or Compliance. Some findings span multiple categories.

Policy Status

Resources are evaluated against active policies and assigned a status. Lifecycle policies use standard statuses (Supported, Impending, Outdated, Deprecated). Governance policies use custom statuses you define (e.g., Compliant, Non-Compliant, Unknown). See Governance Policies for how status assignment works.

Ownership

Which team or individual is responsible for the resource. Draftt infers ownership from cloud resource tags, IDP catalog data, CODEOWNERS files, and repository metadata. Resources without identifiable ownership are flagged as orphaned. See Resource Ownership for ownership assignment methods.

Where Policies Appear

The inventory is surfaced across the platform: Policies Page - View all active policies, their status breakdowns, and last evaluation timestamps. Re-evaluate any policy on demand. Dashboard - Select any policy from the dropdown to view its status breakdown over time. Track governance trends. Inventory View - Filter by policy in the sidebar. View all resources under a policy with their assigned status. Governance policies show only relevant columns.

Filtering and Searching

The Tech Debt Inventory supports filtering using DrafttQL. You can filter by resource type, policy, status, ownership, tags, and resource-specific fields. Saved views let you create and reuse common filter combinations for quick access during team meetings and governance reviews.

Best Practices for Inventory Management

Keep ownership current. Ensure cloud resource tags and IDP catalog entries reflect actual team ownership. Stale ownership means findings sit unassigned. Review findings regularly. Use the inventory in your governance cadence: weekly check-ins on policy violations, monthly reviews of trends, quarterly reviews of policy effectiveness. Use filters strategically. Before meetings, pre-generate filtered views (e.g., “all non-compliant infrastructure for Team X”). Filtered views drive faster decision-making and focus discussion. Connect integrations. Push findings to your ticketing and collaboration tools so remediation happens in the systems your teams already use.