Infrastructure-as-Code Orchestration

Infrastructure-as-Code Orchestration in Firefly provides automated management and governance for your Terraform, OpenTofu, and Terragrunt deployments. While Infrastructure-as-Code Automation handles the generation and codification of IaC, orchestration manages the entire deployment lifecycle with workflows and policy enforcement.

Key Capabilities of IaC Orchestration

Automated Workflows

Firefly Workflows automate your IaC deployment process by connecting to your Git repositories and executing plan on pull requests and apply on merge. Each workflow is tied to a workspace that includes your IaC code, variables, execution environment, and deployment history. This eliminates manual deployment steps and ensures consistent, repeatable infrastructure changes.

Policy Enforcement with Guardrails

Firefly Guardrails provide automated policy enforcement by evaluating plan outputs against predefined rules. These rules can control costs, enforce security policies, manage resource permissions, and ensure compliance standards. Guardrails integrate with Policy-as-Code capabilities to block non-compliant deployments before they reach your infrastructure.

Flexible Deployment Options

Firefly supports multiple deployment models:

  • Firefly-Managed: Turnkey solution with secure, managed runners.

  • Self-Hosted Runners: Execute within your network boundaries.

  • CI/CD Integration: Enhance existing pipelines with visualization and governance.

Organizational Structure

Projects provide organizational boundaries with role-based access control, while Variable Sets enable centralized configuration management. This hierarchical structure supports complex multi-team environments with proper isolation and variable inheritance.

Benefits

  • Automated Deployments: Reduce manual effort and eliminate human errors.

  • Policy Compliance: Ensure all changes meet organizational standards before deployment.

  • Audit Trail: Complete visibility into deployment history and decisions.

  • Team Collaboration: Integrate with existing VCS and chat workflows.

  • Risk Mitigation: Prevent security breaches and cost overruns through automated checks.

For detailed implementation guides, refer to the Workflows documentation.

PreviousInfrastructure-as-Code AutomationNextCloud Asset Inventory

Last updated

Was this helpful?