LogoLogo
  • Welcome to Firefly Documentation
  • Introduction
    • What is Firefly?
    • Who is Firefly for?
    • Why use Firefly?
    • Terminology (Glossary)
  • Key Features
    • Infrastructure-as-Code Automation
    • Cloud Asset Inventory
    • Drift Detection & Remediation
    • Policy-as-Code for Compliance & Governance
    • Cost Visibility & Optimization
    • AI Assistant
    • ChatOps Integration
  • Getting Started
    • Account Setup & Onboarding
    • Connecting Cloud Accounts
    • UI Walkthrough & Navigation
    • First Steps in Firefly
  • Detailed Guides
    • Dashboard Overview
    • Cloud Asset Inventory
      • Remediating Drifts
      • Deleting Assets
      • Creating IaC-Ignore Rules
      • Creating Exclude-Drift Rules
    • Policy & Governance
      • Creating Policy-as-Code Governance Rules
      • Remediating Policy Violations
    • Workflows & Guardrails
      • Creating Workflows
      • Creating Guardrail Rules
    • Codification
    • Self-Service
    • IaC Explorer
    • Event Center
    • Backup and Disaster Recovery
    • Notifications
    • User Management
    • SSO Configuration
  • Integrations
    • Integrations Overview
    • Integrating Data Sources
      • AWS
      • Azure
      • Google Cloud
      • Kubernetes
      • Akamai
      • Datadog
      • New Relic
      • Okta
      • GitHub
      • Cloudflare
      • NS1
      • PagerDuty
      • MongoDB Atlas
      • HashiCorp Vault
    • Integrating IaC Remote State
      • Terraform Cloud
      • Google Cloud Storage
      • env0
      • HashiCorp Consul
    • Integrating Version Control
      • GitHub
      • GitLab
      • Azure DevOps
      • CodeCommit
      • Bitbucket
    • Integrating Notifications
      • Slack
      • Microsoft Teams
      • PagerDuty
      • Opsgenie
      • Torq
      • Webex
      • Google Chat
      • Webhook
    • Integrating Project Management
      • Jira
      • ServiceNow
    • Integrating Workflows with CI/CD
    • Integrating Backstage
    • Integrating MCP
  • Use Cases & Best Practices
    • Cloud Governance & Visibility
    • Cost Optimization Strategies
    • Compliance and Security Best Practices
    • Infrastructure Automation & Self-Service
    • Best Practices and Implementation Tips
  • Analytics & Reporting
    • Analytics Dashboard Overview
    • Using Analytics for Improvement
    • Exporting and Sharing Reports
    • Analytics Security and Privacy
  • Code Snippets & Examples
    • Terraform Snippet for an AWS EC2 Instance (Codified via Firefly)
    • Example Rego Policy (OPA) for a Custom Rule
    • GitHub Actions Workflow YAML for Firefly Integration
    • JSON Output Example: Exporting Inventory
  • Troubleshooting & FAQs
    • Common Issues and Solutions
    • FAQs
  • General Information
    • Firefly API
      • Authentication
      • Inventory
      • Codification
      • Workflows
      • Self-Service
      • Policy & Governance
      • IaC Explorer
      • Event Center
      • Backup & Disaster Recovery
      • Notifications
      • Integrations
      • Identity & Access Management
    • Security & Compliance
    • Pricing Tiers & Add-ons
    • Contacting Support
Powered by GitBook
On this page
  • Explore the Cloud Inventory
  • Set Up a Policy (Governance)
  • Configure Notifications

Was this helpful?

  1. Getting Started

First Steps in Firefly

A few initial activities are recommended to get value from Firefly:

Explore the Cloud Inventory

Navigate to the Inventory page to see the list of all assets Firefly has aggregated from your connected accounts. Here you can filter and search resources across AWS, GCP, Azure, Kubernetes, and SaaS providers all in one place.

Try using the filters at the top of the Inventory to drill down by provider, region, resource type, tag, or owner. For example, you might filter to a specific AWS account and resource type EC2 Instance to see your VMs, or filter by an Owner tag to see assets owned by a team.

The Inventory is your single source of truth for what's running in your cloud. Click on a resource in the table to view its Asset Details – including its configuration info, tags, IaC state (if managed by code), change history, and any policy violations or drift status.

This will help you quickly identify which assets are "codified" (managed by IaC) and which are "unmanaged" (created manually and not yet in code). Firefly automatically classifies every resource as codified, drifted, unmanaged, or ghost.

As a best practice, note any important unmanaged assets – you can decide to codify them (generate IaC) to bring them under control.

Set Up a Policy (Governance)

Go to the Policies & Governance section to view built-in policy checks and optionally create your first custom policy. Firefly comes with a library of built-in policies (powered by OPA's Rego rules via KICS) that check your assets for security, compliance, and best practices issues.

These include categories like access control, encryption, resource naming, cost optimization, etc. Initially, you might see a summary of how many resources pass or violate the built-in policies.

As a new user, a good first step is to identify one or two critical policies to enforce. For example, you might want to ensure "No public S3 buckets" or "Databases must be encrypted". You can create a Custom Policy for this if it isn't covered by the built-ins.

To create a policy:

  1. Click "+ New Policy"

  2. Give it a name

  3. Choose a category (or create a new one) and severity level

  4. Write the rule in Rego (or use the AI policy generator to help)

Firefly provides an Input Schema and testing interface so you can validate the policy against existing assets before saving. Once your policy is active, Firefly will scan all relevant assets and report any violations.

The Governance dashboard will show a compliance score (the percentage of assets passing each policy). As you get started, setting up a few key policies establishes guardrails for your environment.

Configure Notifications

It's important to get alerts when Firefly detects changes or issues. Under Settings > Notifications, configure how you'd like to receive alerts about drift, policy violations, or other events.

Firefly can send notifications to various channels: you can integrate Slack, Microsoft Teams, PagerDuty, email, or create Jira tickets, among others.

For Slack, you have two options:

  • Using the Firefly Slack App

  • Setting up a webhook URL

In either case, you'll authorize Firefly to post messages to your workspace. Similar steps apply for Teams (via an incoming webhook connector) and PagerDuty (via an API integration key).

After integration, define what events trigger notifications. For example, you might enable alerts for:

  • Drift detected (when an infrastructure change occurs outside of IaC)

  • Policy violation detected

  • New unmanaged asset discovered

Firefly will then send a message with details whenever those events occur. According to your configuration, Firefly will deliver messages to your chosen channel – e.g. posting a Slack message when a non-compliant change is blocked or sending a PagerDuty incident when a critical drift is found.

Setting up notifications early ensures you have near real-time visibility. Firefly's platform is event-driven for AWS, Azure, and GCP, tracking CloudTrail and equivalent events in near real-time, so you will be promptly alerted of changes.

As a next step, you can also explore the Events or Activity view in Firefly to see a log of all changes detected. Notifications and event monitoring help your team respond quickly to any issues that Firefly surfaces.

By completing these first steps – connecting your accounts, exploring the inventory, defining basic policies, and enabling notifications – you'll have a solid foundation in Firefly. You'll be able to continuously monitor your cloud assets, get alerted to important changes, and start improving your infrastructure management with Infrastructure-as-Code and policy guardrails.

PreviousUI Walkthrough & NavigationNextDashboard Overview

Last updated 1 month ago

Was this helpful?