CLI Reference
Every drift command at a glance. The CLI is the only interface to the Drift platform — there is no web dashboard.
Account
| Command | Description |
drift account login | Log in with the username and password your platform admin issued you (stores a session) |
Drift is in closed alpha — accounts are provisioned by the platform admin. Once you're logged in the
CLI keeps your session and refreshes it for you; you won't be asked again on this machine.
Slices
| Command | Description |
drift slice create [name] | Create a slice (opens the configurator in your browser) |
drift slice create <name> --free | Create a free Hacker slice without the browser (--headless is an alias, handy in CI) |
drift slice list | List your slices (* marks the active one) |
drift slice use <name> | Set the active slice for the commands that follow |
drift slice plan | Show the active slice's plan and resource usage |
drift slice resize [name] | Resize a slice — browser by default, or --from a Driftfile |
drift slice restart | Restart your slice |
drift slice delete <name> [--yes] | Delete a slice and everything in it (irreversible) |
Snapshots
Portable backups of a whole slice — source code, data, secrets, and sites, with no Drift-specific files in the archive.
| Command | Description |
drift slice snapshot create [--name label] | Snapshot the active slice (polls until ready) |
drift slice snapshot list | List snapshots with id, name, size, and status |
drift slice snapshot download <id> [-o path] | Download a snapshot archive |
drift slice snapshot restore <id> | Restore a snapshot into the active slice |
drift slice snapshot delete <id> [--yes] | Delete a snapshot |
Custom domains
Point your own hostname at a slice; Drift verifies ownership and issues the TLS certificate. See the Quick Start for the full flow.
| Command | Description |
drift slice domain add <host> | Register a custom hostname (prints the DNS records to create) |
drift slice domain verify <host> | Re-check the TXT record and, on success, issue the certificate |
drift slice domain list | List custom hostnames for the active slice |
drift slice domain remove <host> | Remove a hostname, its certificate, and its routing |
Deployment
| Command | Description |
drift project deploy | Deploy everything declared in your Driftfile manifest |
drift project diff | Show the divergence between your local Driftfile and the live slice |
drift plan <Driftfile> | Preview a project's resource needs against your quota (dry run) |
A deploy only ever creates or grows a slice — to shrink one, use drift slice resize.
Secrets declared in a Driftfile can pull values from your shell with $ENV references, resolved
at deploy time.
Atomic
Develop
| Command | Description |
drift atomic new [name] | Add a function to an element — a flat file, not a folder (interactive wizard) |
drift atomic deploy <dir> [-e element] | Deploy a function (Go, Python, Node, Ruby, PHP, Rust) |
drift atomic run <dir> [--port N] | Run locally with hot reload |
drift atomic fetch [path] | Resolve dependencies for every function under a path |
Operate
| Command | Description |
drift atomic list | List deployed functions (flat or grouped by element) |
drift atomic logs <name> [-n N] [-f] | Fetch function logs (-f streams new lines) |
drift atomic logs purge <name> | Clear a function's in-memory logs |
drift atomic metrics <name> | Request count, error rate, and average duration |
drift atomic delete <name> | Delete a deployed function |
Roll back
| Command | Description |
drift atomic history <name> | Show a function's deployment history |
drift atomic rollback <name> <position> | Roll back to an earlier deployment (positions from history) |
drift atomic redeploy <name> | Re-deploy the last known artifact |
Authentication
| Command | Description |
drift atomic auth set <fn> <key> [-m method] | Set or rotate a function's API key |
drift atomic auth list <fn> | List the API keys configured for a function (fingerprints, not raw keys) |
drift atomic auth revoke <fn> [-m method] | Revoke a function's API key |
Elements & triggers
| Command | Description |
drift atomic element list | List functions grouped by element |
drift atomic trigger list | List registered triggers |
drift atomic trigger register queue <name> --queue Q --target URL | Poll a Backbone queue and invoke a function on each message |
drift atomic trigger register schedule <name> --cron "..." --target URL | Fire a function on a 5-field cron schedule |
drift atomic trigger unregister <name> | Remove a trigger |
Alerts
| Command | Description |
drift atomic alert add <name> <function> | Register an alert (function errors trigger a webhook notification) |
drift atomic alert list | List alerts on the active slice |
drift atomic alert remove <name> | Remove an alert |
Egress
| Command | Description |
drift atomic egress list | Show the slice's outbound allowlist |
drift atomic egress refresh | Re-resolve DNS and re-apply the allowlist |
drift atomic egress test <host> | Check whether a host is allowed (local pattern match, no DNS) |
Backbone
Secrets
| Command | Description |
drift backbone secret set KEY=VALUE | Store a secret (encrypted at rest, AES-256-GCM) |
drift backbone secret get KEY | Retrieve a secret's value |
drift backbone secret list | List secret names |
drift backbone secret delete KEY | Delete a secret |
NoSQL
| Command | Description |
drift backbone nosql write --collection C --data '{...}' | Write a JSON document to a collection |
drift backbone nosql read --key K [--collection C] | Read a document by key |
drift backbone nosql list [--collection C] [--field F --value V] [--limit N] | List documents, optionally filtered by a field |
drift backbone nosql drop <collection> | Delete a collection and all its documents |
Cache
| Command | Description |
drift backbone cache set <key> <value> [--ttl 3600] | Set a cache entry (TTL in seconds, 0 = no expiry) |
drift backbone cache get <key> | Read a cache entry |
drift backbone cache exists <key> | Check whether a key exists |
drift backbone cache del <key> | Delete a cache entry |
Queues
| Command | Description |
drift backbone queue push <name> '<json>' | Push a JSON message onto a queue |
drift backbone queue peek <name> | Read the next message without removing it |
drift backbone queue pop <name> | Take the next message (destructive) |
drift backbone queue len <name> | Print the queue depth |
drift backbone queue drop <name> | Delete a queue and all its messages |
Blobs
| Command | Description |
drift backbone blob put <bucket> <key> <file> | Upload a file to a bucket |
drift backbone blob get <bucket> <key> | Download a blob (streams to stdout) |
drift backbone blob list <bucket> | List keys in a bucket |
drift backbone blob delete <bucket> <key> | Delete a blob |
Locks
| Command | Description |
drift backbone lock acquire <name> <owner> [--ttl 30] | Acquire a named lock (conflicts if already held) |
drift backbone lock renew <name> <owner> [--ttl 30] | Extend a lock's TTL |
drift backbone lock release <name> <owner> | Release a named lock |
Status
| Command | Description |
drift backbone status | Per-subsystem health: cache entries, NoSQL disk, queue depths, blob counts, active locks |
Canvas
| Command | Description |
drift canvas deploy <dir> [--route /path] | Deploy a static site (mounted at / by default) |
Canvas proxies /api/* to Atomic within the same process — your static site and your API
share one origin, so there's no CORS to configure.
Session
Your login and active slice live in ~/.drift/session.json. The active slice is preserved
across logins. Every authenticated request carries:
Authorization: Bearer <jwt> — your identity
X-Slice: <active-slice> — the target slice
Tokens are refreshed automatically on a 401. If the refresh fails, you're prompted to log in again.