Navigating the IaC Explorer

The IaC Explorer provides full visibility of your IaC stacks, including all of their components.

Use the filters and tables below to view detailed information about the types of IaC stacks.

Firefly does not support all providers. If you would like Firefly to support your provider type, let us know.

Terraform

Applied Stacks

Filters

Description

IaC Status

State of the IaC:

Contains Drifts: IaC stack contains drifted assets
Contains Ghost: IaC stack contains ghost assets
Active: Assets managed by the IaC stack are deployed
Scanning: Firefly is scanning the IaC stack
Empty: IaC does not contain managed assets
Unavailable: The IaC stack is unavailable for Firefly integration
Not Supported: Firefly does not support the IaC stack provider or the asset types
Corrupted: IaC stack is corrupted

Data Source

Integrated cloud or SaaS provider

Data Source Status

If the provider is supported by or integrated with Firefly

Backend

Where the IaC stack is stored

Asset Type

Type of asset described by the IaC stack

TF Versions

Version of Terraform used by the stack

Providers

Terraform providers used by the stack

Modules

Terraform modules

Table

Column

Description

Opens the module calls to the Terraform stack

Module Call Name opens the module call block code in your VCS
Module Name opens the module implementation folder in your VCS
Module Version version that was used to deploy the module call
Misconfigurations displays the number of IaC stacks with security controls that are inaccurately configured or left insecure. (Risk levels are based on Trivy)
View Assets opens the assets generated by the IaC module call

Module(s) partially applied. To view the unsynced stacks, hover over the image. To update the module in each stack, run terraform apply.

Name

Name the provider gives to the asset

Version

Terraform version according to IaC type

IaC Status

Percentage of assets managed by code

Backend

Where the IaC stack is stored

Data Source

Type of asset described by the IaC stack

Last Applied

The last time the terraform apply command was used

Assets

Opens the assets generated by the IaC stack

To view the IaC stack file and its properties, select the kebab at the end of the row.
- Stack Contents displays the IaC stack file.
- Properties displays your Providers (integrations) and Assets.
To create a map of your cloud infrastructure, select Map.

Remediating unsynced IaC stacks and partially applied modules

IaC stacks that have not been updated to reflect the latest changes and updates in their repositories are marked with a warning icon.
Use this tool to detect discrepancies, such as configuration drifts, unexpected behavior and potential security risks.
To view details about the discrepancy, hover over the warning icon. You can view which modules were updated but not reflected in the IaC stack:

To remediate unsynced IaC stacks:

To view which modules are not up-to-date, hover over the warning icon.
To update the IaC stack, run terraform apply with the target module. This action ensures the Iac stack is aligned with the updated module.
Verify the IaC stack is no longer marked in the Applied Stacks tab.

To remediate partially applied modules:

To view which IaC stacks are not applied, hover over the warning icon.
To ensure the module updates are fully reflected in the infrastructure, apply the necessary IaC stacks.
Verify the module is no longer marked in the Modules tab.

Providers

Select the Plus icon to open the table below:

Column

Description

Provider ID

ID of the integration

Status

If the cloud provider is supported by or integrated with Firefly
If a IaC stack is missing an integration, you can add it by selecting +Add Integration

Number of state files

Number of state files managed by the integration

Backends

View and manage the location where your IaC stacks are stored.

Column

Description

Integration

Name of the integration between Firefly and the service provider where the backend is located

Backend

Where the IaC stack is stored

Stacks

Number of IaC stacks stored in the backend

Last Scan Date

Last time the backend was scanned

Scan Now

Scans the backend for updated IaC stacks

Settings

Backend Settings

Exclusions

Add an exclusion pattern (according to the location of a IaC stack) to prevent that IaC stack from being scanned

Encryption

Supply a GCS encryption key that enables Firefly to access your IaC stack data

Event-driven

Copy and run the Terraform code in your Terraform repository to enable event-driven backend scanning

Modules

After you integrate your VCS, Firefly scans the code to locate your Terraform modules. Selecting the module opens that folder in your integrated VCS.

Filter

Description

Module Source

Location where the module is stored

Module Source Type

Type of storage where the module is stored

Misconfigurations

Severities of misconfiguration in the code

Table

Column

Description

Select Low, Medium, High, or Critical to show more information about that level of security risk
Select the file to open the IaC stack in your integrated VCS

Name

Opens the location in your integrated VCS where the module is stored

Repository

Repository where your module is located

Last Contributor

Last user to make changes to the module

Misconfigurations

Displays the number of IaC stacks with security controls that are inaccurately configured or left insecure. (Risk levels are based on Trivy).

Last Module Update

When the module was last updated

State Files

List of stacks containing the modules

Repositories

View and manage the repositories of your integrated VCS.

Column

Description

VCS Integration

Integration name

Repository Name

Name of the repository

Modules Discovered

Number of modules in the repository

Resources Managed

Number of resources managed by the repository

Last Scan Date

Last time the repository was scanned

Scan Now

Scans the repository for changes

CloudFormation

Applied Stacks

Filters

Description

AWS account

Your AWS account

Status

IaC status in AWS

Region

Region the stack was deployed

Language

CDK programming language

Table

Column

Description

Name

Opens the link in the AWS console to the CloudFormation stack remote location

Status

IaC status in AWS

IaC Status

Percentage of assets managed by code

Description

Comments about your IaC stack

Region

Region the stack was deployed

Language

CDK programming language

Created time

When the IaC stack was deployed

Assets

Opens the assets generated by the IaC stack

To view the IaC stack file and its properties, select the kebab at the end of the row.

Stack Contents displays the IaC stack file
Properties displays your Providers (integrations)

Backends

Column

Description

Integration

Name of the integration between Firefly and the service provider where the backend is located

Backend

Where the IaC stack is stored

Stacks

Number of IaC stacks stored in the backend

Last Scan Date

Last time the backend was scanned

Scan Now

Scans the backend for updated IaC stacks

Pulumi

Applied Stacks

Filters

Description

IaC Status

State of the IaC:

Contains Drifts: IaC stack contains drifted assets
Contains Ghost: IaC stack contains ghost assets
Active: Assets managed by the IaC stack are deployed
Scanning: Firefly is scanning the IaC stack
Empty: IaC does not contain managed assets
Unavailable: The IaC stack is unavailable for Firefly integration
Not Supported: Firefly does not support the IaC stack provider or the asset types
Corrupted: IaC stack is corrupted

Data Source

Integrated cloud or SaaS provider

Data Source Status

If the provider is supported by or integrated with Firefly

Backend

Where the IaC stack is stored

Asset type

Type of asset described by the IaC stack

Table

Column

Description

Name

Name the provider gives to the asset

Version

Version according to IaC type

IaC Status

Percentage of assets managed by code

Backend

Where the IaC stack is stored

Last Applied

The last time the terraform apply command was used

Assets

Opens the assets generated by the chart

To view the Properties, the Providers and Assets, select the kebab at the end of the row.

Backends

Column

Description

Integration

Name of integration

Backend

Where the IaC stack is stored

Stacks

Number of IaC stacks stored in the backend

Last Scan Date

Last time the backend was scanned

Scan Now

Scans the backend for updated IaC stacks

Helm Installed Charts

Column

Description

Name

Opens the location of the chart

Chart Status

Status of chart deployment

Chart

Kubernetes name of the chart

Chart Version

Version of the chart

App Version

Version of the application in the chart

Revision

Revision number for the release

Cluster

Kubernetes cluster name

Namespace

Namespace where the chart was deployed

Last Applied

The last time the chart was updated

Assets

Opens the assets generated by the chart

To view the IaC stack file and its properties, select the kebab at the end of the row.

Stack Contents displays the IaC stack file
Properties displays your Providers (integrations)

Kustomize Installed Artifacts

Column

Description

Name

Opens the Kustomize application

Revision

Revision number for the release

Cluster

Kubernetes cluster name

Namespace

Namespace where the Kustomize application was deployed

Last Applied

The last time the application was updated

Assets

Opens the assets generated by the application

To view the Providers of your Kustomize application, select the kebab at the end of the row.

Argo Directory Installed Artifacts

Column

Description

Name

Opens the Argo Directory application

Revision

Revision number for the release

Cluster

Kubernetes cluster name

Namespace

Namespace where the Argo Directory application was deployed

Last Applied

The last time the application was updated

Assets

Opens the assets generated by the application

To view the providers of your Argo Directory application, select the kebab at the end of the row.

PreviousCompose: Generating new configuration NextWorkflows

Last updated 5 months ago