Drift Detection & Remediation
Drift Detection is one of Firefly's core strengths. Drift occurs when the actual state of a resource in the cloud diverges from the desired state defined in your IaC configuration. For example, a team member might manually open a port in a firewall, or change an instance type through the console, creating a mismatch between code and reality. Firefly continuously monitors for such drifts across your infrastructure and alerts you as soon as they are detected.
Firefly detects configuration drift in real time (via event-driven hooks and periodic scans). The moment a resource's live configuration deviates from what's in the IaC definition, Firefly flags a drift. You can receive instant notifications through your preferred channels (Slack, Microsoft Teams, PagerDuty, etc.). This proactive alerting lets you address issues before they escalate.
In the Firefly console, drifted resources are clearly indicated (with a "drifted" status and highlight). For each drift, Firefly shows the difference between the actual state and the IaC state. For example, it might display that a security group rule is open in AWS (actual) whereas your Terraform expects it closed. This side-by-side diff or summary makes it easy to understand what changed.
Firefly doesn't stop at telling you what drifted – it helps you fix it. Firefly generates context-specific remediation steps or code to resolve the drift. In many cases, it will produce the exact Infrastructure-as-Code changes needed to bring the system back in sync. These could be Terraform code adjustments or CLI commands. For instance, if an EC2 instance type was changed manually, Firefly could suggest the Terraform code update (or a terraform plan to change it back).
With Firefly's remediation feature, you can apply fixes with minimal effort. After reviewing the suggested fix, you might choose to auto-apply it. Firefly can open a Pull Request to your Git repo with the necessary code changes to match the live state (or vice versa). This keeps the remediation under version control. Alternatively, for immediate issues, you might copy a CLI command from Firefly to quickly revert a change. Either way, Firefly's guided remediation turns hours of manual editing into a single-click resolution.
Suppose your Terraform config declares an EC2 instance with type t2.micro and 2 CPU threads per core, but someone manually changed it to t2.nano with 1 CPU thread per core directly in the AWS console. Firefly will detect this drift (e.g., instance_type = t2.nano in AWS vs t2.micro in code, and cpu_threads_per_core = 1 in AWS vs 2 in code) and alert you. In the Firefly UI, you'd see the EC2 instance marked as drifted with details of these mismatches. Firefly would then generate a fix – in this case, it might be a Terraform code snippet to update the instance configuration to t2.nano and 1 CPU thread per core, or a terraform apply command to revert the changes. You could then have Firefly commit that Terraform code change to Git, and run your pipeline to sync the state. Within minutes, the drift is resolved and your code and cloud are back in sync, without manually writing any code or logging into the console.
Drift Detection and Remediation maintain alignment between your infrastructure's actual state and its intended configuration in code. This proactive approach helps prevent service disruptions by identifying unauthorized modifications early, while also ensuring your infrastructure remains compliant with organizational policies and security standards.