Terminology (Glossary)
This section provides a comprehensive list of all key terms used in Firefly. Understanding these terms will help you navigate the platform and make the most of its features.
General Terms
Asset
A cloud resource that Firefly discovers in your environment, such as an AWS EC2 instance, an Azure VM, or a Kubernetes cluster. Assets can be unmanaged, codified, drifted, or ghost assets, depending on their relationship with Infrastructure-as-Code (IaC).
Unmanaged Asset
A cloud resource that was created manually (via ClickOps) and is not currently managed by any Infrastructure-as-Code (IaC) tool. Unmanaged assets can be codified to bring them under IaC management.
Codified Asset
A cloud resource that is fully managed using Infrastructure-as-Code. Firefly detects that the resource has an associated Terraform/Pulumi/CloudFormation definition.
Drifted Asset
A resource that was initially created and managed via IaC but has since been manually modified. Drift means the current cloud configuration does not match the original definition in code.
Ghost Asset
A resource that exists only in the IaC state file but no longer exists in the cloud. This happens when an IaC-managed resource is deleted outside of the IaC workflow, leaving a stale record in the Terraform state file.
Pending Asset
This status is temporary. The asset is still in the process of being analyzed, and Firefly has not yet determined its IaC status. In other words, the asset is in a waiting state until Firefly finishes scanning and classifying it.
Undetermined Asset
Firefly was unable to determine the asset's IaC status. This can happen if Firefly has partial information about the asset but cannot fully match it to an IaC state or definition. For example, Firefly might detect the resource in an IaC file but not be able to find it via cloud scanning (or vice versa), making its status unclear. An undetermined asset could potentially be codified, drifted, or unmanaged – but the platform isn't certain due to missing data or an unsupported resource type.
IaC-Ignored Asset
The asset has been manually marked to be ignored in Firefly's IaC tracking. Assets with this status were unmanaged but a user created an IaC-Ignore rule to exclude them from IaC coverage. They will not count toward "unmanaged" asset counts or appear in codification suggestions. (Common examples are default cloud resources that you decide to ignore in the platform.)
Child Asset
A resource that is part of a larger codified module or stack but isn't independently codified on its own. In Firefly, a "child" asset is managed by its parent resource's IaC definition. For example, an AWS EBS volume that is automatically created as part of an EC2 instance is considered a child asset – it's managed through the EC2's configuration, not directly by separate IaC code. Child assets don't need their own IaC because they are created and managed by the parent's IaC.
ClickOps & Event Tracking
ClickOps
Refers to the manual creation or modification of cloud resources using a cloud provider's web console. Firefly detects ClickOps changes and flags them as unmanaged or drifted assets.
CLI/SDK Event
Refers to the creation or modification of cloud resources using a cloud provider's CLI, SDK, or API.
Mutation Event
Any detected change to an infrastructure resource, whether manual (ClickOps, CLI, or SDK) or automated (via CI/CD, Terraform, or API). Mutation events provide a detailed log of configuration changes, including what was modified and by whom.
Event Center
Ownership Attribution
Firefly tracks who made a change to an asset through multiple sources: cloud logs (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs) for IAM users, roles, or service accounts; and Git blame information for changes made through IaC.
Infrastructure-as-Code (IaC)
IaC (Infrastructure-as-Code)
IaC Coverage
A metric that indicates the percentage of assets managed by Infrastructure-as-Code. A higher IaC coverage means fewer ClickOps/manual changes.
IaC Explorer
Terraform State File (.tfstate)
A JSON file that stores the current state of Terraform-managed infrastructure. Firefly reads state files to determine which resources are codified and which are unmanaged or ghost assets.
Blast Radius
The scope of impact when making a change in Terraform or another IaC tool. Firefly's Blast Radius Analysis helps assess how updates to Terraform modules might affect large parts of an infrastructure.
Codification
Advanced Codification
A Firefly capability that allows for modularized codification by generating IaC modules instead of flat configurations. It supports module creation, module calls, dependency handling, and cloud migrations between AWS, Azure, and GCP.
Module Creation
Instead of generating a one-time resource definition, Firefly can structure codified assets into reusable Terraform modules, ensuring better maintainability.
Module Call Codification
Firefly recognizes existing Terraform modules in your repositories and able to codify discovered resources with them, improving standardization and reusability.
Drift Remediation
Governance & Compliance
Policy Packs
Cost Optimization Insights
Workflows & Guardrails
Workflows
Guardrails
FireflyCI
The binary used for Firefly CI/CD integration that is used to enforce IaC policies during pipeline runs.
Integrations
Data Source Integrations
Version Control Integrations
CI/CD Integration
Notification Integrations
IaC Remote State Integrations
Project Management Integrations
This glossary ensures you understand all Firefly terminology used throughout the platform. By becoming familiar with these terms, you'll be able to fully utilize Firefly's governance, compliance, and automation capabilities.
Last updated
Was this helpful?