Notifications

Firefly's Notifications system keeps you informed about important changes in your cloud infrastructure. Whether it's a configuration drift, a policy violation, or a change in asset status, Firefly ensures you and your team receive timely alerts through your preferred communication channels.

Overview

Notifications in Firefly are designed to help you stay on top of critical events in your environment. When there are changes to the state or configuration of your assets, Firefly can notify you via email, Slack, Microsoft Teams, Opsgenie, Torq, PagerDuty, Webex, Google Chat, or custom webhooks. This enables rapid response to issues, improved governance, and better collaboration across teams.

Notifications can be tailored to your needs, choose which events trigger alerts, where they are sent, and who receives them. This flexibility ensures you only get the information that matters most to your operations.

Types of Notifications

Firefly supports a variety of notification types, including:

  • Drift Detection: Alerts when a resource's actual state diverges from its IaC definition.

  • Policy Violation: Informs you of governance rule violations.

  • ClickOps Event Detected: Alerts when a resource is altered manually outside of IaC, directly in the cloud console.

  • Workspace Run: Notifies about IaC deployments.

  • Workspace Guardrail Violation: Alerts for violations detected at the workspace level blocking the deployment from completion.

You can view the timestamp and creator of each notification subscription, making it easy to audit who set up which alerts and when.

Notification Criteria and Customization

When creating a notification, you can specify detailed criteria to control when and how notifications are sent:

  • Event Type: Choose the type of event (drift, policy violation, etc.).

Drift Detection & ClickOps Event

  • Data Source: Select which cloud providers or IaC sources to monitor.

  • Action Type: Select the type of actions, create, update or delete actions. Only available for ClickOps event.

  • Asset Type: Filter by resource type (e.g., EC2 instance, S3 bucket, GKE cluster, etc.).

  • Tags: Use tags to target specific resources or environments.

  • Owner: Notify based on resource ownership.

  • Location: Filter by region of the resource

Policy Violation

  • Policy: Select the policy that was violated.

Workspace Run

  • Workspaces: Select the workspaces to monitor.

  • Repository: Select the repository to monitor.

  • Workspace labels: Select the workspace labels to monitor. Will monitor all workspaces with the selected labels.

  • Workspace status: Select the workspace status to alert on. Will alert on all runs with the selected status.

Workspace Guardrail Violation

  • Guardrail rule: Select the guardrail rule that was violated.

  • Destination: Choose where notifications are sent (Slack, Teams, etc.).

  • Channel: Depends on the destination, choose the channel to send the notification to.

  • Email Addresses: If you selected email as the destination, select the email addresses to send the notification to.

This granularity allows you to create highly targeted notification rules. For example, you might set up a rule to alert your SRE team about drifts in production AWS accounts, while sending policy violation alerts to your security team.

Supported Notification Integrations

Firefly integrates with a wide range of notification platforms. For detailed setup instructions, see the Notification Integrations documentation:

Each integration guide covers prerequisites, and setup steps.

Note: You can also send notifications to your team via email.

How to Create and Manage Notifications

  1. Navigate to the Notifications Page: Go to the Notifications page in the Firefly UI.

  2. Add New Notification: Click Add new to open the notification creation form.

  3. Configure Notification:

    • Select the event type (e.g., Drift Detection, Policy Violation).

    • Optionally provide a name for the notification.

    • Set criteria (data source, asset type, tags, owner, location).

    • Choose the destination (Slack, Teams, etc.).

  4. Save and Activate: Click Create to save the notification. You can enable/disable notifications as needed.

  5. Audit and Manage: View all notification subscriptions, including their creator and timestamp. Edit or delete as required.

Tip: You can filter and search your notification rules to quickly find and manage them, especially in large environments.

Best Practices

  • Customize for Critical Events: Set up notifications for high-impact events (e.g., drift in production, policy violations) to ensure rapid response.

  • Avoid Alert Fatigue: Use tags, asset types, and destinations to avoid unnecessary noise. Route only relevant alerts to each team/channel.

  • Review Regularly: Periodically review and update your notification rules to match evolving infrastructure and team needs.

  • Use Dedicated Channels: Create separate channels or destinations for different alert types (e.g., security, SRE, compliance).

Example Notification Scenarios

  • Governance: Receive alerts when a policy or guardrail rule is violated, helping enforce compliance.

  • Drift Detection: Get notified immediately when a resource drifts from its IaC definition, enabling quick remediation.

  • ClickOps Detection: Know when resources are created manually, outside of your IaC process.

  • IaC Deployment Failure: Get notified when a workspace deployment fails.

Troubleshooting

  • Not Receiving Notifications?

    • Check that the integration is active and properly configured.

    • Review notification rule criteria for accuracy.

    • Ensure the destination (channel, webhook, etc.) is accessible.

    • Consult the integration-specific troubleshooting sections.

  • Too Many Notifications?

    • Refine your criteria (tags, asset types, severity).

    • Use separate channels for different alert types.

    • Disable or delete redundant rules.

Last updated

Was this helpful?