Common Issues and Solutions

Note: Check the Firefly Status Page for Firefly's current status.

This guide covers the most frequently encountered issues and their solutions when working with Firefly.


Resource Management Issues

Ghost Assets

Q: How do I resolve a "ghost drift" asset showing in Firefly?

A ghost drift asset occurs when Firefly detects a mismatch between your Infrastructure as Code (IaC) and actual cloud resources.

What causes ghost drift assets:

  • Resource exists in IaC but not in the cloud.

  • Resource was manually deleted without updating IaC.

Resolution steps:

  • Remove it from your IaC configuration. Available in Firefly, check the delete asset action guide.

  • For Terraform: Use terraform state rm <resource> or delete from code and run terraform apply.

  • Firefly will stop listing it as ghost once the IaC reference is removed.

Prevention tips:

  • Always use proper IaC destroy commands instead of manual deletions.

  • Use Firefly's drift detection feature to detect and resolve ghost assets.

  • Implement proper change management processes.

Undetermined Resources

Q: Some of my cloud resources show as Undetermined in Firefly. What does this mean?

Firefly does not fully support certain cloud resources, especially niche offerings.

What to expect:

  • Resources appear in Inventory with limited information.

  • Policies not be evaluated on these resources.

  • Classification as managed/unmanaged is not available.

Solutions:

  • Continue managing these resources via IaC.

  • Contact Firefly support to request support for specific resource types.


Integration Issues

Missing Assets After Integration

Q: I just integrated a cloud account, but I don't see any assets in Firefly.

Troubleshooting steps:

  1. Check integration status:

    • Navigate to Settings > Integrations and select the data source.

    • Verify the Scanning Status is in the last few hours.

    • Look for error messages and resolve any credential issues. For more information, contact Firefly support.

  2. Wait for initial scan:

    • Initial scans can take several hours for large environments

    • Check if a scan is currently in progress

  3. Trigger manual scan:

    • Go to Settings > Integrations and select the data source.

    • In the integration menu, click on the Scan Assets option.

  4. Verify permissions:

    • AWS: Ensure IAM role has ReadOnlyAccess or equivalent.

    • Azure: Verify service principal has Reader role.

    • GCP: Check service account has appropriate viewer permissions.

    • For any other data source, check the relevant token permissions. For more information, check the Integration Guide.

Event-Driven Upgrade

Q: Firefly shows Event-Driven disabled for my cloud integration. What is this?

Event-driven mode provides real-time updates instead of periodic scanning.

Benefits:

  • Near-instant drift detection (minutes vs. up to 24 hours).

  • More accurate resource state tracking.

  • Faster policy violation alerts.

How to upgrade:

  • Check the Integration Guide for the specific cloud provider.

  • Contact Firefly support for further assistance.

Note: If you cannot upgrade due to cost or complexity concerns, daily polling will continue to work.


Notification and Alert Issues

Troubleshooting Missing Notifications

Q: My Firefly notifications aren't coming through (Slack/Email/etc). How do I debug?

Step-by-step debugging:

  1. Verify notification rules:

    • Go to the Notifications page.

    • Check that rules are active (toggle on).

    • Confirm events have occurred that match your criteria.

  2. Test the integration:

    • Go to Settings > Integrations and select the notification integration.

    • Click on the Test button to send a test notification.

  3. Common fixes:

    • Check the Integration Guide for the specific notification integration.

    • Contact Firefly support for further assistance.


Workflows and Guardrails Issues

Blocked Terraform Plans by Guardrails

Q: A Terraform plan is being blocked by a guardrail in Firefly, but I believe the change is okay.

Resolution options:

  1. Override (if available):

    • Go to Workflows > Workspaces and select the blocked run.

    • Use the Override option (requires appropriate permissions).

  2. Adjust the change:

    • Review the policy violation message.

    • Modify your Terraform code to comply.

    • Common fixes: add required tags, enable encryption, adjust resource sizes.

  3. Update the policy:

    • Go to Workflows > Guardrails and select the guardrail.

    • Click on the Edit button.

    • Update the policy to your needs.

    • Click on the Save button.

Pro tip: Use violation remediation to quickly fix compliance issues rather than bypassing guardrails.

Endpoint Availability

Q: What happens to my run if Firefly's endpoint is unavailable?

Behavior during outages:

  • CI/CD pipeline execution continues normally.

  • Infrastructure changes are applied as usual.

  • Deployment updates and logs won't appear in Firefly dashboard.

  • Status tracking resumes once endpoint is accessible.

Recommendations:

  • Configure fireflyci to not block pipelines on Firefly errors.

  • Monitor Firefly's status page for service updates.

Slow or Stuck Workflows

Q: My Firefly workflow is running slowly or appears stuck.

Common causes and solutions:

  1. Large plan files:

    • Break down large Terraform configurations.

    • Use targeted applies when possible.

  2. Network connectivity:

    • Check firewall rules for Firefly endpoints.

    • Verify DNS resolution.

    • Test connectivity from CI/CD environment.

  3. Resource contention:

    • Check for concurrent workflows.

    • Review resource limits in CI/CD system.

  4. Workflow configuration:

    • Verify workflow triggers are correct.

    • Review timeout settings.

For more information, check the Workflows CI/CD integration guide.


General Troubleshooting Tips

Getting Help

  1. Check Firefly Status:

    • Visit Firefly's status page for known issues.

    • Check maintenance windows and scheduled updates.

  2. Gather Information:

    • Screenshot error messages.

    • Collect relevant logs from CI/CD systems.

    • Note timing of issues (when they started).

  3. Contact Support:

    • Use the in-app support chat.

    • Email support with detailed context.

    • Include account information and affected resources.

    • For more information, check the contacting support guide.

Last updated

Was this helpful?