diff --git a/.github/workflows/pipelines-drift-detection.yml b/.github/workflows/pipelines-drift-detection.yml
new file mode 100644
index 00000000..56c92320
--- /dev/null
+++ b/.github/workflows/pipelines-drift-detection.yml
@@ -0,0 +1,118 @@
+name: Pipelines
+run-name: Drift Detection
+on:
+ workflow_call:
+ inputs:
+ # This field can be overriden to customize the runner used for pipelines
+ # workflows.
+ #
+ # IMPORTANT: To use self-hosted runners this workflow must be hosted in
+ # the same GitHub organization as your infra-live repository.
+ # See https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-self-hosted-runners
+ #
+ # The value must be an escaped JSON string that will be decoded to the
+ # jobs.runs-on field
+ # See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on
+ #
+ # For example:
+ # - A simple github runner: "\"ubuntu-22.04\""
+ # - A list of labels: "[\"self-hosted\", \"linux\"]"
+ # - A map: "{group: \"ubuntu-runners\", labels: \"ubuntu-20.04-16core\"}"
+ runner:
+ type: string
+ default: '"ubuntu-latest"'
+ secrets:
+ PIPELINES_READ_TOKEN:
+ required: true
+env:
+ PIPELINES_CLI_VERSION: v0.26.2-rc1
+ PIPELINES_ACTIONS_VERSION: main
+ TERRAGRUNT_PARALLELISM: 10
+
+jobs:
+ pipelines_drift_detection:
+ name: Detect Infrastructure Drift
+ runs-on: ${{ fromJSON(inputs.runner) }}
+ steps:
+ - name: Checkout Pipelines Actions
+ uses: actions/checkout@v4
+ with:
+ path: pipelines-actions
+ repository: gruntwork-io/pipelines-actions
+ ref: ${{ env.PIPELINES_ACTIONS_VERSION }}
+ token: ${{ secrets.PIPELINES_READ_TOKEN }}
+
+ - name: Check out repo code
+ uses: actions/checkout@v4
+ with:
+ path: infra-live-repo
+ fetch-depth: 0
+
+ - name: Cache Providers
+ id: cache-providers
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/terragrunt/providers
+ key: ${{ runner.os }}-terragrunt-providers
+
+ - name: Bootstrap Workflow
+ id: gruntwork_context
+ uses: ./pipelines-actions/.github/actions/pipelines-bootstrap
+ with:
+ token: ${{ secrets.PIPELINES_READ_TOKEN }}
+ working_directory: "."
+ terragrunt_command: "run-all plan --terragrunt-exclude-dir=."
+ branch: "main"
+
+ - name: "Run terragrunt run-all plan"
+ id: terragrunt
+ uses: ./pipelines-actions/.github/actions/pipelines-execute
+ env:
+ TERRAGRUNT_AUTH_PROVIDER_CMD: "pipelines auth terragrunt-credentials --ci github-actions --cloud aws --wd . --event-type pr-synched-created"
+ with:
+ token: ${{ secrets.PIPELINES_READ_TOKEN }}
+ tf_binary: ${{ steps.gruntwork_context.outputs.tf_binary }}
+ working_directory: ${{ steps.gruntwork_context.outputs.working_directory }}
+ terragrunt_command: ${{ steps.gruntwork_context.outputs.terragrunt_command }}
+ infra_live_repo_branch: ${{ steps.gruntwork_context.outputs.branch }}
+ gruntwork_config_file: ${{ steps.gruntwork_context.outputs.gruntwork_config_file }}
+ infra_live_repo: "."
+ infra_live_directory: "."
+ deploy_branch_name: ${{ steps.gruntwork_context.outputs.deploy_branch_name }}
+
+ - name: "Parse plans"
+ id: tfplan
+ working-directory: ./infra-live-repo
+ shell: bash
+ env:
+ WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }}
+ GH_TOKEN: ${{ github.token }}
+ PLAN_FOLDER: ${{ steps.terragrunt.outputs.plan_folder}}
+ run: |
+ pipelines tfplan detect-drift --working-directory "$WORKING_DIRECTORY" "$PLAN_FOLDER"
+
+
+ - name: "Create PR"
+ id: propose-infra-change
+ working-directory: ./infra-live-repo
+ shell: bash
+ env:
+ GH_TOKEN: ${{ github.token }}
+ WORKING_DIRECTORY: ${{ steps.gruntwork_context.outputs.working_directory }}
+ BRANCH_NAME: "drift-detection"
+ AUTHOR_NAME: ${{ github.actor }}
+ AUTHOR_EMAIL: ${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com
+
+ run: |
+ git_changes=$(git status --porcelain)
+ if [[ -n $git_changes ]]; then
+ pipelines scm propose-infra-change \
+ --working-directory "$WORKING_DIRECTORY" \
+ --change-request-branch-name "$BRANCH_NAME" \
+ --commit-message "Drift Detected" \
+ --title "Drift Detected" \
+ --author-name "$AUTHOR_NAME" \
+ --author-email "$AUTHOR_EMAIL" \
+ --force true
+ fi
+
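Review bot: The Checkout Pipelines Actions step fetches `gruntwork-io/pipelines-actions` at `ref: ${{ env.PIPELINES_ACTIONS_VERSION }}`, which `env:` sets to the mutable branch `main`, so every later `uses: ./pipelines-actions/.github/actions/...` step executes whatever is on that branch at run time, with `PIPELINES_READ_TOKEN` in hand and the AWS credentials that `TERRAGRUNT_AUTH_PROVIDER_CMD` obtains; a push to that branch silently changes the code this workflow runs. Pin it to a release tag or, preferably, a full commit SHA (`PIPELINES_ACTIONS_VERSION: <40-char sha>  # vX.Y.Z`), and consider the same SHA pinning for `actions/checkout@v4` and `actions/cache@v4`. The job declares no `permissions:` block even though the Create PR step relies on `GH_TOKEN: ${{ github.token }}` to push the `drift-detection` branch and open a pull request; an explicit job-level `permissions:` with `contents: write` and `pull-requests: write` (which a called workflow can only narrow, never widen, relative to the caller) documents and bounds what the token is expected to do instead of inheriting repository defaults. Separately, `key: ${{ runner.os }}-terragrunt-providers` is a static cache key, and actions/cache does not re-save on an exact hit, so the provider cache is frozen after its first save; `key: ${{ runner.os }}-terragrunt-providers-${{ hashFiles('**/.terraform.lock.hcl') }}` with a `restore-keys: ${{ runner.os }}-terragrunt-providers-` fallback keeps it tracking the lock files.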
diff --git a/.github/workflows/pipelines-root.yml b/.github/workflows/pipelines-root.yml
index 029fdb06..79a77f4b 100644
--- a/.github/workflows/pipelines-root.yml
+++ b/.github/workflows/pipelines-root.yml
@@ -101,6 +101,13 @@ jobs:
 path: infra-live-repo
 fetch-depth: 0
+ - name: Cache Providers
+ id: cache-providers
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/terragrunt/providers
+ key: ${{ runner.os }}-terragrunt-providers
+
 - name: Bootstrap Workflow
 id: gruntwork_context
 uses: ./pipelines-actions/.github/actions/pipelines-bootstrap
diff --git a/.github/workflows/pipelines.yml b/.github/workflows/pipelines.yml
index b5b76171..301b6de0 100644
--- a/.github/workflows/pipelines.yml
+++ b/.github/workflows/pipelines.yml
@@ -48,6 +48,14 @@ jobs:
 path: infra-live-repo
 fetch-depth: 0
+ - name: Cache Providers
+ id: cache-providers
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/terragrunt/providers
+ key: ${{ runner.os }}-terragrunt-providers
+
+
 - name: Preflight Checks
 uses: ./pipelines-actions/.github/actions/pipelines-preflight-action
 with:
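Review bot: The new Cache Providers step uses the fixed `key: ${{ runner.os }}-terragrunt-providers`, and actions/cache is documented not to save again when there is an exact key hit, so `~/.cache/terragrunt/providers` is frozen at whatever the first successful run stored and never picks up provider upgrades from later lock-file changes. Keying on the lock files with a prefix fallback keeps the entry current: `key: ${{ runner.os }}-terragrunt-providers-${{ hashFiles('**/.terraform.lock.hcl') }}` and `restore-keys: ${{ runner.os }}-terragrunt-providers-`. The step is also referenced by the mutable `actions/cache@v4` tag; pinning to a full commit SHA with a version comment is the usual supply-chain hardening for a job that goes on to obtain cloud credentials. The enclosing job definition starts before this hunk, so whether the job already sets an explicit `permissions:` block is not visible here.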
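Review bot: This step uses exactly the same cache key `${{ runner.os }}-terragrunt-providers` as the step added to pipelines-root.yml, so the two workflows share one cache entry and whichever run saves first fixes its contents for both; if the two workflows resolve different provider sets, the other may only ever see a partial hit and keep re-downloading. Including the lock-file hash in the key (`${{ hashFiles('**/.terraform.lock.hcl') }}`) ties the entry to the resolved providers rather than to whichever workflow happened to run first, and a `restore-keys:` prefix still gives a warm start on a miss. The two added blank lines before `- name: Preflight Checks` should collapse to one to match the single blank line used between steps elsewhere in the hunk.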