Cloud Asset Inventory

The Cloud Asset Inventory page is the heart of Firefly, providing a comprehensive, searchable list of all your cloud resources across accounts and regions. This page enables managing resources, filtering, and exporting your inventory data in powerful ways.

When you navigate to Inventory, you'll see a table of assets. Each row is a resource (e.g. an EC2 instance, an S3 bucket, a GKE cluster, a Datadog monitor) along with key properties: cloud provider, asset type, name, environment/tag, IaC status, etc. At the top, and on the left side of the table, there are multiple ways to filter and segment the data:

Filter by Provider, Type, Tags, and more

The Inventory includes a filter menu with dropdowns for Data Source (provider account), Asset Type, Location (region/cluster), Tags, Owner, and so on. For example, you can select Data Source = AWS Account A and Asset Type = S3 Bucket to list only S3 buckets in that account.

The Owner filter is especially useful to see who made the last change: for AWS resources, Firefly can show the CloudTrail Event Owner and event time, for IaC-managed resources, it shows the Git commit author and commit date (when Git integration is enabled). You can combine filters (e.g. all AWS EC2 instances in us-east-1 tagged with Environment:Production). The table updates in real-time as you apply filters.

Asset Categories (Live vs Deleted)

Just above the table, there are quick toggles for viewing Live assets or Deleted assets. Firefly keeps track of assets that existed and were later terminated. By toggling Deleted, you can see resources that have been removed (this helps with auditing what was deleted). Usually you'll keep it on Live to see active resources. There is also a Types view that groups assets by category (e.g. all EC2 instances, all S3 buckets) for a high-level look.

Asset Flags

In the top-right corner of the Inventory, you'll find flag filters to highlight certain conditions. These include flags such as Policy (showing assets with policy violations), Mutations (assets with changes/revisions you can compare), Comments (assets that have user comments attached), Git (assets whose IaC code is linked to Git and can be traced), GitOps (assets managed by GitOps tools like Argo CD), and Relationships (assets that have dependency mappings).

For example, clicking the Policy flag will filter the list to only assets that have one or more governance policy violations (letting you focus on non-compliant resources). These flags are a quick way to slice the inventory by specific governance or metadata criteria.

Search Bar

You can also perform a free-text search across all assets using the search bar. This does a full-text search on resource names and configurations. For instance, you could search for an IP address like 0.0.0.0/0 to find any security group or firewall rule allowing open access. Or search a specific resource ID or name to jump directly to it. This is very handy when you have thousands of assets, just type a keyword and Firefly will filter the inventory to matching items.

Once you have a filtered view, you can save custom views for reuse. From the Views menu at the top bar, select Save Current View to bookmark your filter set (e.g. a view for Prod Kubernetes Clusters). This allows quick access later without reapplying filters.

Asset Details

Clicking on a specific asset row opens the Asset Details pop-up. Here you can manage the individual resource and see rich information:

Info Tab

Basic info about the asset, its cloud metadata, tags, creation date, etc. If the asset is managed by IaC, it shows which stack and file it comes from. If it's unmanaged, you will see an option to codify it. There's also a Governance sub-tab showing any policy violations affecting this asset (e.g. Encryption not enabled with severity level). If the asset's Terraform code is in an integrated Git repo, a Git sub-tab shows a direct link to the code and the last commit info.

Configuration Tab

This shows the actual configuration associated with the asset. It will show the resource configuration retrieved from the cloud provider. If that asset is drifted, there is a Drift Details button at the bottom left of the pop-up that you can click to see changes side by side.

Mutation Log

Firefly tracks changes (mutations) to each asset over time. In the Mutation Log tab, you can see a timeline of changes detected. If an asset's configuration changed (via IaC or manually), each change is listed with timestamp and what changed. This is great for audit trail and understanding drift. Firefly even allows rollback: if you select a previous revision in the Mutation Log, you can click Codify Revision to generate the code to revert the asset back to that state.

Event Viewer

For cloud assets, Firefly can show the audit log events (like AWS CloudTrail events or Google Cloud Audit Logs) related to the asset. In the Event Viewer tab, you will see a graph of recent operations on this resource and a list of events (e.g. an API call that modified a security group). You can expand an event to see details of the request and response. This helps pinpoint who or what changed an asset, which is useful for security and compliance investigations.

Relationships & Architecture Diagram

The Relationships tab provides a visual map of how the asset connects to others. For example, if the asset is a VM, it will show relationships to the VPC, subnets, security groups, etc. You can click on any related resource in the map to navigate to its details. In the Architecture Diagram tab, Firefly can generate an architecture diagram for managed assets, illustrating its dependencies in the IaC stack. This is extremely helpful to understand context (e.g. this database is part of a cluster, or this Kubernetes Deployment owns these Pods).

Comments

There is also a tab where team members can leave comments or notes on an asset. If you want to annotate why something is in a certain state or mark that you're working on an issue, you can do it here for others to see.

Asset Actions

At the bottom of the Asset Details pop-up, you will find action buttons to manage the resource:

  • Codify – generate IaC code for the asset.

  • Migrate – for cloud resources, Firefly offers a Migrate feature to convert the resource into another cloud provider (e.g. generate Terraform for an EC2 instance on Azure). This is advanced and used for cross-cloud migration scenarios.

  • Share – copy a direct link to this asset (to share with a teammate or in an incident ticket). This is useful for sharing the asset details with a teammate or in an incident ticket.

  • Delete – remove the asset. For unmanaged assets, Firefly will provide a delete command. For codified assets, Firefly will open a pull request to delete its IaC definition (useful if you want to decommission it from code).

  • Create Jira Issue – if integrated, a button to create a Jira issue pre-filled with this asset's info (for tracking a problem or task related to the asset). This is useful for tracking a problem or task related to the asset.

  • Jump to Code – if the asset is managed by code in Git, this will open your Git repository directly at the code file and line for this resource.

  • Jump to Console – opens the cloud provider's console/web UI for the resource (e.g. AWS Console page for that EC2 instance).

Bulk Actions

Using the Inventory page, you can perform bulk actions as well. For example, you can select multiple unmanaged assets (checkboxes in the table) and choose Codify to generate IaC for all of them in one go. Firefly will ask you which IaC format (Terraform, Pulumi, etc.) and then produce code for each selected resource. Likewise, you can select any resources and hit the trash icon to delete them.

Exporting Inventory Data

One powerful feature is Exporting the inventory. If you want to generate a report of assets, click the Export option (at top-right of the table). You can export the filtered results in CSV or JSON format. Firefly allows exporting up to 10,000 assets based on your current filters. For example, you could filter to unmanaged assets in AWS and export that list as a CSV to share with your team. The export will include the columns visible in the inventory (like resource name, type, cloud, tags, etc.). This is useful for offline analysis, compliance audits, or integration with other tools.

Summary

In summary, the Cloud Asset Inventory is where you view and manage all resources. Use filtering to narrow down, use the asset details to investigate and take action (codify or remediate drifts), and export or save views as needed. It's a good practice to regularly review the Inventory for any anomalies: e.g., check the Unmanaged filter to see if new resources popped up outside of code, or use the Policy flag to see non-compliant assets and address them. The Inventory keeps your cloud estate transparent and under control by centralizing all asset information in one place.

Related Guides

For more detailed information on specific cloud asset inventory tasks, see these guides:

  • Creating Exclude-Drift Rules - Learn how to create rules that tell Firefly to ignore specific drift issues so it stops alerting about those particular differences.

  • Creating IaC-Ignore Rules - Learn how to create rules that exclude specific unmanaged assets from IaC coverage calculations and recommendations.

  • Deleting Assets - Learn how to safely delete both unmanaged (cloud-only) assets and codified (managed by IaC) assets from your environment.

  • Remediating Drifts - Learn how to remediate drifted assets by either aligning your IaC code to match the current asset configuration or reconciling assets to match your IaC code.

PreviousDashboard OverviewNextRemediating Drifts

Last updated

Was this helpful?