Terminology (Glossary)

This section provides a comprehensive list of all key terms used in Firefly. Understanding these terms will help you navigate the platform and make the most of its features.

General Terms

Asset

A cloud resource that Firefly discovers in your environment, such as an AWS EC2 instance, an Azure VM, or a Kubernetes cluster. Assets can be unmanaged, codified, drifted, or ghost assets, depending on their relationship with Infrastructure-as-Code (IaC).

Unmanaged Asset

A cloud resource that was created manually (via ClickOps) and is not currently managed by any Infrastructure-as-Code (IaC) tool. Unmanaged assets can be codified to bring them under IaC management.

Codified Asset

A cloud resource that is fully managed using Infrastructure-as-Code. Firefly detects that the resource has an associated Terraform/Pulumi/CloudFormation definition.

Drifted Asset

A resource that was initially created and managed via IaC but has since been manually modified. Drift means the current cloud configuration does not match the original definition in code.

Ghost Asset

A resource that exists only in the IaC state file but no longer exists in the cloud. This typically happens when an IaC-managed resource is deleted outside of the IaC workflow, leaving a stale record in the Terraform state file.

Pending Asset

This status is temporary. The asset is still in the process of being analyzed, and Firefly has not yet determined its IaC status. In other words, the asset is in a waiting state until Firefly finishes scanning and classifying it.

Undetermined Asset

Firefly was unable to determine the asset's IaC status. This can happen if Firefly has partial information about the asset but cannot fully match it to an IaC state or definition. For example, Firefly might detect the resource in an IaC file but not be able to find it via cloud scanning (or vice versa), making its status unclear. An undetermined asset could potentially be codified, drifted, or unmanaged – but the platform isn't certain due to missing data or an unsupported resource type.

IaC-Ignored Asset

The asset has been manually marked to be ignored in Firefly's IaC tracking. Assets with this status were unmanaged but a user created an IaC-Ignore rule to exclude them from IaC coverage. They will not count toward "unmanaged" asset counts or appear in codification suggestions. (Common examples are default cloud resources that you decide to ignore in the platform.)

Child Asset

A resource that is part of a larger codified module or stack but isn't independently codified on its own. In Firefly, a "child" asset is managed by its parent resource's IaC definition. For example, an AWS EBS volume that is automatically created as part of an EC2 instance is considered a child asset – it's managed through the EC2's configuration, not directly by separate IaC code. Child assets typically don't need their own IaC because they are created and managed by the parent's IaC.

ClickOps & Event Tracking

ClickOps

Refers to the manual creation or modification of cloud resources using a cloud provider's web console, CLI, or API instead of an IaC tool. Firefly detects ClickOps changes and flags them as unmanaged or drifted assets.

Mutation Event

Any detected change to an infrastructure resource, whether manual (ClickOps) or automated (via CI/CD, Terraform, or API). Mutation events provide a detailed log of configuration changes, including what was modified and by whom.

Event Center

Ownership Attribution

Firefly tracks who made a change to an asset, linking events to IAM users, roles, or service accounts based on cloud logs (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs).

Infrastructure-as-Code (IaC) & Governance

IaC (Infrastructure-as-Code)

IaC Coverage

A metric that indicates the percentage of assets managed by Infrastructure-as-Code. A higher IaC coverage means fewer ClickOps/manual changes.

IaC Explorer

Terraform State File (.tfstate)

A JSON file that stores the current state of Terraform-managed infrastructure. Firefly reads state files to determine which resources are codified and which are unmanaged or ghost assets.

Blast Radius

The scope of impact when making a change in Terraform or another IaC tool. Firefly's Blast Radius Analysis helps assess how updates to Terraform modules might affect large parts of an infrastructure.

Codification

Advanced Codification

A Firefly capability that allows for modularized codification by generating IaC modules instead of flat configurations. It supports module creation, module calls, dependency handling, and cloud migrations between AWS, Azure, and GCP.

Module Creation

Instead of generating a one-time resource definition, Firefly can structure codified assets into reusable Terraform modules, ensuring better maintainability.

Module Call Alignment

Firefly recognizes existing Terraform modules in your repositories and suggests aligning newly codified resources with them, improving standardization.

Drift Remediation

Governance & Compliance

Policy Packs

Cost Optimization Insights

Workflows & Guardrails

Workflows

Guardrails

FireflyCI

A CI/CD integration that ensures Infrastructure-as-Code best practices before deployments. FireflyCI scans IaC changes in Git repositories and prevents merging of misconfigured code, ensuring policy compliance at the code level.

Integrations

Data Source Integrations

Version Control Integrations

CI/CD Integration

Firefly integrates with GitHub, GitLab, Bitbucket, and other DevOps tools to enforce IaC policies during pull requests (via FireflyCI). Learn more in Integrating Workflows with CI/CD.

Notification Integrations

IaC Remote State Integrations

Project Management Integrations

This glossary ensures you understand all Firefly terminology used throughout the platform. By becoming familiar with these terms, you'll be able to fully utilize Firefly's governance, compliance, and automation capabilities.