# FAQs

Welcome to the Firefly FAQs. This comprehensive guide addresses common questions users encounter while using Firefly. Use the table of contents below to quickly find the information you need.

***

## General Usage

#### Q: How do I get started with Firefly?

**A:** Follow these steps to begin using Firefly:

1. **Account Setup**: Complete the initial onboarding process.
2. **Connect Integrations**: Link your cloud and SaaS accounts and IaC tools.
3. **Initial Scan**: Allow Firefly to discover your infrastructure.
4. **Explore Features**: Use the inventory, compliance, and codification features.

**Related Documentation**: [Getting Started Guide](https://docs.firefly.ai/getting-started/account-setup-and-onboarding).

#### Q: What should I do if Firefly isn't detecting my resources?

**A:** Check these common issues:

* **Integration Status**: Verify your cloud and SaaS account integrations are active.
* **Permissions**: Ensure IAM roles have the necessary read permissions.
* **Refresh Data**: Manually trigger a rescan from the integration settings.

If issues persist, check the [Common Issues](https://docs.firefly.ai/troubleshooting-and-faqs/common-issues) guide or contact Firefly support.

***

## Access Management & RBAC

#### Q: How do I manage users and access in Firefly?

**A:** Firefly uses Role-Based Access Control (RBAC) to manage permissions. To access these features:

1. **Navigate**: Go to *Access Management* in the navigation menu (only Admins can access this).
2. **Manage Users, Teams, and Service Accounts**: Add or remove users, create teams, and set up service accounts for automation.
3. **Assign Roles**: Assign roles (Admin, Viewer, or custom roles) to users, teams, or service accounts.
4. **Create API Keys**: Generate API keys with scoped permissions for users, teams, or service accounts.

**Key Concepts**:

* **Admin Role**: Full access to all scopes and actions.
* **Viewer Role**: Read-only access to all supported areas.
* **Custom Roles**: Admins can create additional roles with specific permissions and integrations.
* **Service Accounts**: Create identities for automation tools or CI/CD systems without tying them to human users.

**Related Documentation**: [Access Management & RBAC](https://docs.firefly.ai/getting-started/access-management-rbac)

#### Q: What are the different permission modes?

**A:** Firefly supports three permission modes:

* **Full Access (Admin)**: Grants all available permissions across all data sources. All actions are enabled, and all integrations are accessible.
* **Read-only**: Users can view everything but cannot create, update, delete, or remediate.
* **Limited Access (Scoped)**: Fully customizable, including specific integrations (for example, specific AWS/GCP/Azure accounts) and specific actions (for example, "View Inventory" but not "Delete Asset").

#### Q: How do I create API keys?

**A:** To create API keys:

1. **Navigate**: Go to *Access Management*.
2. **Select**: Choose a User, Team, or Service Account.
3. **Create Key**: Click to create a new API key pair.
4. **Store Securely**: Copy both the Access Key and Secret Key (they will only be shown once) and store them securely.

**Best Practices**:

* Use Service Accounts for automation instead of human API keys.
* Rotate API keys regularly.
* Review role assignments periodically.

**Related Documentation**: [Access Management & RBAC](https://docs.firefly.ai/getting-started/access-management-rbac)

***

## Feature Behavior

#### Q: Why aren't my Terraform state files showing resources as codified?

**A:** This usually happens due to state file discovery issues:

**For AWS/Azure/Google Cloud Backends**:

* Validate that the state file is with the allowed extensions (usually `.tfstate`).
* Manually trigger scan, from the integration settings.
* Verify state files are in the configured bucket.

**For Other Backends**:

* Explicitly integrate via *Integrations > IaC Remote State*.
* Verify state file format and accessibility.

#### Q: How do I handle drifted ghost assets?

**A:** Drifted ghost assets are resources that exist in your IaC but not in the cloud:

**Steps to Resolve**:

1. **Verify Deletion**: Confirm the resource was actually deleted.
2. **Remove from Code**: Delete the resource definition from your Terraform files. Available in Firefly, check the [delete asset action](https://github.com/gofireflyio/product-docs/blob/main/detailed-guides/cloud-asset-inventory/delete-asset.md) guide.
3. **Update State**: Run `terraform refresh` to update state files.

***

## Security & Compliance

#### Q: What access does Firefly have to my cloud environment?

**A:** Firefly follows security best practices:

**Read-Only Access**:

* Firefly uses least-privilege IAM roles.
* No ability to modify infrastructure directly.
* Only configuration metadata is accessed, not data content.

**Data Handling**:

* All data is stored encrypted.
* No sensitive data (keys, secrets) is collected.

#### Q: How do I ensure secure integration with Firefly?

**A:** Follow these security guidelines:

1. **Use Least Privilege**: Grant only necessary permissions.
2. **Regular Audits**: Review integration permissions regularly.
3. **Rotate Keys**: Update API keys and tokens periodically.
4. **Compliance**: Ensure alignment with your security policies.

**Related Documentation**: [Security & Compliance](https://docs.firefly.ai/general-information/security-and-compliance)

***

## Getting Help

#### Q: What support options are available?

**A:** Firefly offers multiple support channels.

**Documentation**:

* Comprehensive guides and tutorials.
* Searchable knowledge base.
* Code examples and best practices.

**Direct Support**:

* [Contact Support](https://docs.firefly.ai/general-information/contacting-support)
* Email support at <help@firefly.ai>.
* In-app chat.
* Dedicated account managers (enterprise).

**When Contacting Support**:

* Include relevant screenshots.
* Provide asset links and timestamps.
* Describe steps to reproduce issues.

#### Q: Where can I find additional resources?

#### Q: How do I stay updated with Firefly releases?

**A:** Keep track of updates through:

* **Release Notes**: Check for new features and bug fixes.
* **Email Notifications**: Subscribe to product updates.
* **Community Channels**: Follow announcements in forums.
* **Documentation**: Review updated guides and examples.