Review and apply a ChangeSet
Read the ADR and diagram, approve or reject, and apply infrastructure changes through the portal.
Review and apply a ChangeSet
A ChangeSet is how every infrastructure change moves from proposal to production in CloudBooster. You review the ADR, check the diagram, inspect the composition YAML, then approve or reject it. Nothing touches your AWS account until you say so.
Before you begin
- You need access to the project that contains the ChangeSet.
- If the project has approval rules configured, you may need to be an eligible approver before you can approve.
Open a ChangeSet
Navigate to Project → Environment → ChangeSets. The list shows all ChangeSets in that environment, each with a status badge.
| Status | Meaning |
|---|---|
proposed | Created, not yet reviewed |
previewing | Preview is being generated |
previewed | Preview ready, waiting for approval |
blocked | Waiting for required approvals before it can proceed |
approved | Approved and queued for apply |
applying | Apply is in progress |
applied | Successfully applied |
Click any row to open the review screen.
Read the ADR
The Architecture Decision Record (ADR) is a Markdown document that explains:
- What is changing — which AWS resources will be created, updated, or removed.
- Why — the original intent or finding that prompted the change.
- Trade-offs considered — alternative approaches the planner evaluated before settling on this one.
The ADR is generated by CloudBooster's LLM planner from the original intent, so it is written in plain language rather than infrastructure jargon. Read it first — if the "why" doesn't match your expectation, the rest of the review may not be necessary.
Inspect the diagram
The topology diagram (rendered from a Mermaid or D2 source) shows the state of your infrastructure after the ChangeSet is applied. This lets you see at a glance how resources relate — what connects to what, what's in which subnet, and how traffic flows.
You can zoom and scroll the diagram within the portal. The underlying source is also visible in a code tab if you want to read the raw markup.
The diagram shows the target state, not just the delta. If you want to see only what is new or modified, cross-reference the ADR and the composition diff.
Check the composition YAML
The composition is the canonical, editable form of the change. It is the specification that CloudBooster will use to drive the provider plan and, ultimately, the AWS API calls.
Before approving, you can edit the composition directly — for example:
- Change a database instance type from
db.t3.microtodb.t3.small. - Update an S3 bucket name to match your team's naming convention.
- Adjust a retention period or a CIDR block.
Click Edit composition to open the YAML editor inline. Changes are validated against the component schema as you type. Save before proceeding.
Editing the composition after the preview has been generated will trigger a new preview run. Wait for the preview to complete before approving.
Approve or reject
When the ChangeSet is blocked
If your project has approval rules that match this ChangeSet, the status will show as blocked until the required approvals are collected. The review screen shows each rule, its eligible approvers, and how many approvals have been received — for example, 1 of 2 required approvals.
If allow_self_approval is disabled on a rule (the default), the person who created the ChangeSet cannot count their own approval toward that rule. Another eligible approver must sign off.
Approve
When you are satisfied with the ADR, diagram, and composition, click Approve. The ChangeSet status moves to approved and the apply is triggered automatically.
Reject
If the change is not correct, click Reject and enter a reason. The ChangeSet is closed and no changes are applied to your AWS account. The creator will see your rejection reason and can create a revised ChangeSet if needed.
Monitor the apply
Once approved, the status moves to applying. The portal shows a live log of the deployment run as CloudBooster hands the provider plan to AWS. You can follow along line by line or wait for the final status.
For a full description of every status in the lifecycle, see ChangeSets.
Do not close the tab while the apply is running — the apply will complete in the background, but you will lose the live log view. Refresh the ChangeSet page to see the final result.
After the apply
The ChangeSet status moves to applied. CloudBooster records the change, its rationale, and its outcome for audit purposes.
If the ChangeSet was remediating one or more security findings, those findings are automatically marked resolved on the next scan. You do not need to manually close them. See Manage security findings for details on how findings and ChangeSets interact.
See also
- ChangeSets — full ChangeSet lifecycle and what each artifact contains.
- Manage security findings — how findings auto-resolve after a ChangeSet is applied.
- Set up approval rules — how to configure who must approve before a ChangeSet can be applied.