Firefly - Cloud Asset Management

·

4 min read

What is Infrastructure as Code (IaC)

Infrastructure as Code (IaC) is the managing and provisioning of infrastructure through code instead of through manual processes.

With IaC, configuration files are created that contain your infrastructure specifications, which makes it easier to edit and distribute configurations. It also ensures that you provision the same environment every time. By codifying and documenting your configuration specifications, IaC aids configuration management and helps you to avoid undocumented, ad-hoc configuration changes.

Version control is an important part of IaC, and your configuration files should be under source control just like any other software source code file. Deploying your infrastructure as code also means that you can divide your infrastructure into modular components that can then be combined in different ways through automation.

Automating infrastructure provisioning with IaC means that developers don’t need to manually provision and manage servers, operating systems, storage, and other infrastructure components each time they develop or deploy an application. Codifying your infrastructure gives you a template to follow for provisioning, and although this can still be accomplished manually, an automation tool, such as Red Hat® Ansible® Automation Platform, can do it for you.

Problems with IaC

Complexity, Logic, Conventions, and Lack of Skills

One of the challenges of infrastructure as code is that it can be complex to define infrastructure configurations. This complexity can make it difficult for businesses to understand and maintain their infrastructure as code.

In addition, there are often conventions and standards that need to be followed when defining infrastructure as code, which can add to the complexity and a steep learning curve. In addition, skill staffers can be challenging to find. Businesses that do not have experience with IaC may not even know where to start and how to interview. Enterprises can remedy this by investing in IaC training and implementing continuous training programs for their staff.

Tooling Gaps and Feature Lag

One of the challenges of infrastructure as code is that there are often tooling gaps and feature lag. This means that there are often infrastructure as code tools that do not have all the features that businesses need.

Infrastructure as code tooling can lag in terms of new features and functionality. Therefore, you have no choice but to wait for the vendor to provide coverage; otherwise, you have to extend the functionality yourself or introduce new dependencies. The solution to this is investing in infrastructure as code tooling that is constantly updated and improved.

Configuration Drift

Configuration drift is another challenge of infrastructure as code. This occurs when there are differences between the infrastructure as code configuration and the actual infrastructure, such as manual or external updates to security patches. This can lead to non-compliance or even service failure over time.

Such differences can lead to unexpected behavior and can be difficult to debug. The solution to this is to use infrastructure as code tooling that can help identify and prevent configuration drift.

Challenging Role-Based Access Control (RBAC)

One of the challenges of infrastructure as code is that it can be challenging to manage role-based access control (RBAC). This is because infrastructure as code often needs to be stored in a central repository such as GitHub. Without proper RBAC management, this can lead to security issues.

Firefly

Firefly is a Cloud Asset Management solution that enables DevOps and Cloud teams to control their entire cloud footprint, turn unmanaged resources into codified IaC assets, detect misconfigurations to prevent service failures, and manage a single inventory of all their cloud resources across Multi-cloud, multi-accounts and Kubernetes deployments.

It solves the challenges of cloud asset management, not only in the perspective of cost, security, and governance but the overall management of the entire cloud, whether it's an infrastructure / SaaS application or something else.

How it helps solve Infrastructure problems

Firefly scans your entire cloud footprint and IaC states to find out which parts of your infrastructure are codified, or unmanaged. Once it finds the unmanaged resources, it automatically converts them into managed assets as code in your repository that match the desired state of your cloud. Firefly continuously scans your cloud for pre-made or custom policy violations to make sure your cloud is in its desired state.

image.png

All of these assets can be managed from your Firefly Dashboard which is clean, and intuitive to use.

What's unique about Firefly?

Unlike other companies that are focused on the general discovery of the cloud, Firefly provides the users with the unique metric of their IaC status and specifically knowing what is the IaC posture of each asset.

With Firefly, users not only see what cloud assets they have but also know if this asset is managed in code, created manually, drifted, or doesn't exist in the actual state of the cloud.

image.png

Conclusion

To sum it all up, for teams working with Infrastructure as Code, Firefly is a must-have tool to detect and fix drifts, and ghost assets, manage all their infrastructure assets, codify unmanaged resources, and more!