LogoLogo
  • Welcome to Firefly Documentation
  • Introduction
    • What is Firefly?
    • Who is Firefly for?
    • Why use Firefly?
    • Terminology (Glossary)
  • Key Features
    • Infrastructure-as-Code Automation
    • Cloud Asset Inventory
    • Drift Detection & Remediation
    • Policy-as-Code for Compliance & Governance
    • Cost Visibility & Optimization
    • AI Assistant
    • ChatOps Integration
  • Getting Started
    • Account Setup & Onboarding
    • Connecting Cloud Accounts
    • UI Walkthrough & Navigation
    • First Steps in Firefly
  • Detailed Guides
    • Dashboard Overview
    • Cloud Asset Inventory
      • Remediating Drifts
      • Deleting Assets
      • Creating IaC-Ignore Rules
      • Creating Exclude-Drift Rules
    • Policy & Governance
      • Creating Policy-as-Code Governance Rules
      • Remediating Policy Violations
    • Workflows & Guardrails
      • Creating Workflows
      • Creating Guardrail Rules
    • Codification
    • Self-Service
    • IaC Explorer
    • Event Center
    • Backup and Disaster Recovery
    • Notifications
    • User Management
    • SSO Configuration
  • Integrations
    • Integrations Overview
    • Integrating Data Sources
      • AWS
      • Azure
      • Google Cloud
      • Kubernetes
      • Akamai
      • Datadog
      • New Relic
      • Okta
      • GitHub
      • Cloudflare
      • NS1
      • PagerDuty
      • MongoDB Atlas
      • HashiCorp Vault
    • Integrating IaC Remote State
      • Terraform Cloud
      • Google Cloud Storage
      • env0
      • HashiCorp Consul
      • Firefly States Redactor
    • Integrating Version Control
      • GitHub
      • GitLab
      • Azure DevOps
      • CodeCommit
      • Bitbucket
    • Integrating Notifications
      • Slack
      • Microsoft Teams
      • PagerDuty
      • Opsgenie
      • Torq
      • Webex
      • Google Chat
      • Webhook
    • Integrating Project Management
      • Jira
      • ServiceNow
    • Integrating Workflows with CI/CD
    • Integrating Backstage
    • Integrating MCP
  • Use Cases & Best Practices
    • Cloud Governance & Visibility
    • Cost Optimization Strategies
    • Compliance and Security Best Practices
    • Infrastructure Automation & Self-Service
    • Best Practices and Implementation Tips
  • Analytics & Reporting
    • Analytics Dashboard Overview
    • Using Analytics for Improvement
    • Exporting and Sharing Reports
    • Analytics Security and Privacy
  • Code Snippets & Examples
    • Terraform Snippet for an AWS EC2 Instance (Codified via Firefly)
    • Example Rego Policy (OPA) for a Custom Rule
    • GitHub Actions Workflow YAML for Firefly Integration
    • JSON Output Example: Exporting Inventory
  • Troubleshooting & FAQs
    • Common Issues and Solutions
    • FAQs
  • General Information
    • Firefly API
      • Authentication
      • Inventory
      • Codification
      • Workflows
      • Self-Service
      • Policy & Governance
      • IaC Explorer
      • Event Center
      • Backup & Disaster Recovery
      • Notifications
      • Integrations
      • Identity & Access Management
    • Security & Compliance
    • Pricing Tiers & Add-ons
    • Contacting Support
Powered by GitBook
On this page
  • General Terms
  • Asset
  • Unmanaged Asset
  • Codified Asset
  • Drifted Asset
  • Ghost Asset
  • Pending Asset
  • Undetermined Asset
  • IaC-Ignored Asset
  • Child Asset
  • ClickOps & Event Tracking
  • ClickOps
  • Mutation Event
  • Event Center
  • Ownership Attribution
  • Infrastructure-as-Code (IaC) & Governance
  • IaC (Infrastructure-as-Code)
  • IaC Coverage
  • IaC Explorer
  • Terraform State File (.tfstate)
  • Blast Radius
  • Codification
  • Advanced Codification
  • Module Creation
  • Module Call Alignment
  • Drift Remediation
  • Governance & Compliance
  • Policy Packs
  • Cost Optimization Insights
  • Workflows & Guardrails
  • Workflows
  • Guardrails
  • FireflyCI
  • Integrations
  • Data Source Integrations
  • Version Control Integrations
  • CI/CD Integration
  • Notification Integrations
  • IaC Remote State Integrations
  • Project Management Integrations

Was this helpful?

  1. Introduction

Terminology (Glossary)

This section provides a comprehensive list of all key terms used in Firefly. Understanding these terms will help you navigate the platform and make the most of its features.

General Terms

Asset

A cloud resource that Firefly discovers in your environment, such as an AWS EC2 instance, an Azure VM, or a Kubernetes cluster. Assets can be unmanaged, codified, drifted, or ghost assets, depending on their relationship with Infrastructure-as-Code (IaC).

Unmanaged Asset

A cloud resource that was created manually (via ClickOps) and is not currently managed by any Infrastructure-as-Code (IaC) tool. Unmanaged assets can be codified to bring them under IaC management.

Codified Asset

A cloud resource that is fully managed using Infrastructure-as-Code. Firefly detects that the resource has an associated Terraform/Pulumi/CloudFormation definition.

Drifted Asset

A resource that was initially created and managed via IaC but has since been manually modified. Drift means the current cloud configuration does not match the original definition in code.

Ghost Asset

A resource that exists only in the IaC state file but no longer exists in the cloud. This typically happens when an IaC-managed resource is deleted outside of the IaC workflow, leaving a stale record in the Terraform state file.

Pending Asset

This status is temporary. The asset is still in the process of being analyzed, and Firefly has not yet determined its IaC status. In other words, the asset is in a waiting state until Firefly finishes scanning and classifying it.

Undetermined Asset

Firefly was unable to determine the asset's IaC status. This can happen if Firefly has partial information about the asset but cannot fully match it to an IaC state or definition. For example, Firefly might detect the resource in an IaC file but not be able to find it via cloud scanning (or vice versa), making its status unclear. An undetermined asset could potentially be codified, drifted, or unmanaged – but the platform isn't certain due to missing data or an unsupported resource type.

IaC-Ignored Asset

The asset has been manually marked to be ignored in Firefly's IaC tracking. Assets with this status were unmanaged but a user created an IaC-Ignore rule to exclude them from IaC coverage. They will not count toward "unmanaged" asset counts or appear in codification suggestions. (Common examples are default cloud resources that you decide to ignore in the platform.)

Child Asset

A resource that is part of a larger codified module or stack but isn't independently codified on its own. In Firefly, a "child" asset is managed by its parent resource's IaC definition. For example, an AWS EBS volume that is automatically created as part of an EC2 instance is considered a child asset – it's managed through the EC2's configuration, not directly by separate IaC code. Child assets typically don't need their own IaC because they are created and managed by the parent's IaC.

ClickOps & Event Tracking

ClickOps

Refers to the manual creation or modification of cloud resources using a cloud provider's web console, CLI, or API instead of an IaC tool. Firefly detects ClickOps changes and flags them as unmanaged or drifted assets.

Mutation Event

Any detected change to an infrastructure resource, whether manual (ClickOps) or automated (via CI/CD, Terraform, or API). Mutation events provide a detailed log of configuration changes, including what was modified and by whom.

Event Center

Ownership Attribution

Firefly tracks who made a change to an asset, linking events to IAM users, roles, or service accounts based on cloud logs (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs).

Infrastructure-as-Code (IaC) & Governance

IaC (Infrastructure-as-Code)

IaC Coverage

A metric that indicates the percentage of assets managed by Infrastructure-as-Code. A higher IaC coverage means fewer ClickOps/manual changes.

IaC Explorer

Terraform State File (.tfstate)

A JSON file that stores the current state of Terraform-managed infrastructure. Firefly reads state files to determine which resources are codified and which are unmanaged or ghost assets.

Blast Radius

The scope of impact when making a change in Terraform or another IaC tool. Firefly's Blast Radius Analysis helps assess how updates to Terraform modules might affect large parts of an infrastructure.

Codification

Advanced Codification

A Firefly capability that allows for modularized codification by generating IaC modules instead of flat configurations. It supports module creation, module calls, dependency handling, and cloud migrations between AWS, Azure, and GCP.

Module Creation

Instead of generating a one-time resource definition, Firefly can structure codified assets into reusable Terraform modules, ensuring better maintainability.

Module Call Alignment

Firefly recognizes existing Terraform modules in your repositories and suggests aligning newly codified resources with them, improving standardization.

Drift Remediation

Governance & Compliance

Policy Packs

Cost Optimization Insights

Workflows & Guardrails

Workflows

Guardrails

A Firefly feature that enforces security and compliance at the provisioning stage by preventing misconfigured infrastructure from being deployed. Guardrails apply Open Policy Agent (OPA) policies to IaC files before deployment. Learn more in Creating Guardrail Rules.

FireflyCI

A CI/CD integration that ensures Infrastructure-as-Code best practices before deployments. FireflyCI scans IaC changes in Git repositories and prevents merging of misconfigured code, ensuring policy compliance at the code level.

Integrations

Data Source Integrations

Version Control Integrations

CI/CD Integration

Firefly integrates with GitHub, GitLab, Bitbucket, and other DevOps tools to enforce IaC policies during pull requests (via FireflyCI). Learn more in Integrating Workflows with CI/CD.

Notification Integrations

Firefly can integrate with Slack, Microsoft Teams, and other notification platforms to send alerts and updates. Learn more in Integrating Notifications.

IaC Remote State Integrations

Project Management Integrations

This glossary ensures you understand all Firefly terminology used throughout the platform. By becoming familiar with these terms, you'll be able to fully utilize Firefly's governance, compliance, and automation capabilities.

PreviousWhy use Firefly?NextInfrastructure-as-Code Automation

Last updated 1 month ago

Was this helpful?

A Firefly feature that provides a timeline-based view of all mutation events, allowing users to track changes, detect unauthorized modifications, and audit ClickOps activities. Learn more in .

A methodology for managing cloud infrastructure using code-based configurations (e.g., Terraform, Pulumi, CloudFormation) instead of manual processes. Firefly integrates with multiple IaC frameworks to help users achieve better governance and automation. Learn more in .

A Firefly feature that provides visibility into IaC stacks, Terraform modules, and providers used across your cloud environment. It helps users understand how infrastructure is structured in code. Learn more in .

The process of converting unmanaged cloud resources into Infrastructure-as-Code. Firefly automatically generates Terraform/Pulumi/CloudFormation code to bring unmanaged resources under IaC control. Learn more in .

Firefly's ability to detect and automatically fix drifted resources by either reapplying the IaC definition or regenerating the correct Terraform code for manual review. Learn more in .

Predefined security and compliance rules that Firefly applies to IaC configurations and cloud assets. Policies can enforce tagging conventions, network security settings, and best practices. Learn more in .

Firefly analyzes your cloud infrastructure for unused or overprovisioned resources, helping reduce cloud spending. Learn more in .

Automated processes within Firefly that help enforce governance and security. Workflows can apply policy checks, remediation actions, and compliance rules across your cloud environments. Learn more in .

Firefly connects with AWS, Azure, GCP, Kubernetes, and SaaS platforms (Datadog, GitHub, etc.) to fetch real-time configuration data. Learn more in .

Firefly integrates with GitHub, GitLab, Bitbucket, and other DevOps tools to enforce IaC policies during pull requests (via FireflyCI). Learn more in .

Firefly integrates with Terraform Cloud and Terraform Enterprise to fetch IaC remote state data. Learn more in .

Firefly can integrate with project management platforms such as Jira to generate tickets for unmanaged assets, policy violations and more. Learn more in .

Event Center
Infrastructure-as-Code Automation
IaC Explorer
Codification
Drift Detection & Remediation
Policy & Governance
Cost Visibility & Optimization
Workflows & Guardrails
Integrating Data Sources
Integrating Version Control
Integrating IaC Remote State
Integrating Project Management