Firefly, an innovator that is forging new ground for managing multi-cloud infrastructure, today announced it has created the first AI-driven policy-as-code (PAC) generator, PaCAI, that is implemented within a cloud asset management platform. This new capability empowers cloud engineers to control their cloud resources without requiring knowledge of unique policy automation syntax, bringing a new level of simplicity and efficiency to multi-cloud governance.
TEL AVIV, Israel, Feb. 27, 2023 /PRNewswire-PRWeb/ -- Firefly, an innovator that is forging new ground for managing multi-cloud infrastructure, today announced it has created the first AI-driven policy-as-code (PAC) generator that is implemented within a cloud asset management platform. This new capability empowers cloud engineers to control their cloud resources without requiring knowledge of unique policy automation syntax, bringing a new level of simplicity and efficiency to multi-cloud governance.
Introducing PaCAI, the groundbreaking Policy-as-Code generator within the Firefly Cloud Asset Management solution, that utilizes the latest advancements in AI technology to offer users an effortless and intuitive way to create customized policies for multi-cloud. With PaCAI, users can simply provide a natural language prompt describing their desired policy, and using the OpenAI GPT Model model, PACAI will seamlessly and automatically generate the corresponding code for the desired policy.
Policy-as-Code is critical to preventing misconfigurations
For companies that are cloud-forward, with multiple cloud service providers and usually multiple cloud accounts, achieving governance for their cloud infrastructure is very difficult. The 2023 State of IaC Report found that reliability and governance are chief concerns of managing cloud infrastructures. Empowering developers to self-serve their infrastructure can be a double-edged sword. While it can speed the velocity of DevOps development, it can compound an already challenging cloud platform management challenge when many people have the ability to change the cloud configurations used.
At a presentation during Kubernetes Day in Amsterdam last week, Hashicorp shared that 9% of cloud costs can be attributed to cloud misconfigurations. Similarly, Trend Micro's report reveals that infrastructure misconfigurations or failures are responsible for up to 70 percent of security events. According to a Gartner report, up to 99% of cloud environment failures will be attributed to human errors. Having the ability to automatically apply guardrails that prevent misconfigurations can save not only cloud costs, but improve reliability and security as well.
By applying automated policies, users can ensure, for instance, that the less expensive EC3 is used instead of EC2. (Firefly users have saved tens of thousands through this insight alone.) It can also ensure that S3 buckets are not open to public access, and identify other very detailed misconfigurations like these. Firefly has been including OPA guardrails in its Cloud Asset Management solution, along with custom rules that enable bespoke policies. (A favorite use for custom rules is ensuring consistent labeling of cloud assets to simplify management and reporting.) This blog article explains the integration in more detail.
Avoiding the need to know yet another language
Open Policy Agent uses Rego, a purpose-built declarative policy language. While not too difficult to learn, it is yet another skill needed by already-stretched DevOps and platform engineers.
Firefly's new PaCAI capability within its Cloud Asset Management solution, abstracts away that concern. By using AI technology, Firefly helps users craft their own unique policies by stating the requirement in natural English language. The user enters their query just as they would ask a person to apply the rule, then PaCAI turns it into policy language that can be applied to cloud infrastructure directly through Firefly. An evaluation button shows what the policy violations would be. If the user doesn't like the anticipated results, they can ask for a new iteration of the code to produce the desired result. This new policy engine works on cloud, Kubernetes, and SaaS applications, applying consistent policies across multi-cloud architectures and all of an organization's cloud assets.
End-to-end cloud change management
Policy automation can help DevOps teams and platform engineers alike by providing consistent environments for cloud-native applications, save time in both coding and troubleshooting, and can improve an organization's adherence to industry regulations and security requirements.
While policy automation can prevent misconfigurations, it is not enough on its own. Cloud native organizations also need the ability to detect configuration changes (aka 'drift') not covered by policies and have visibility into how those changes came about. The Firefly Cloud Asset Management solution combines the new PaCIA with Drift Detection and another recently released feature, Asset History for comprehensive cloud control.
- PaCAI proactively prevents errors and misconfigurations,
- Drift detection and remediation identifies changes to configurations and provides precise remediation,
- Asset History provides a powerful audit tool showing who changed what, when and how for changes not governed by policies.
Together these capabilities help organizations achieve a fully automated and governed multi-cloud infrastructure.
Firefly is accepting early access to PaCAI. Register at http://www.gofirefly.io/pacai-beta.
About Firefly
Firefly is a privately held company with customers globally from start-ups to Fortune100's. Firefly offers a Cloud Asset Management solution that enables DevOps and platform engineers to rediscover their entire cloud footprint, understand which parts of it are codified as infrastructure-as-code versus unmanaged, detect configuration drifts, and manage a single inventory of all their cloud resources across Multi-cloud, multi-accounts and Kubernetes deployments. Firefly provides peace of mind by avoiding costly downtime, minimizing risk of failure by mitigating drifts, and replacing manual effort with automated processes that enable faster feature release with less effort and more consistent results.
This is not Firefly's first foray into AI. The open source AIaC infrastructure as code (IaC) generator, also powered by OpenAI tecnology and launched December 2022, has quickly achieved more than 1700 stars from the open source community.
For more information on Firefly, visit http://www.gofirefly.io.
Investor Relations
Ido Neeman, [email protected]
Media & Analyst Contact
Cindy Blake, [email protected]
Media Contact
Cindy Blake, Firefly, 1 2813007569, [email protected]
SOURCE Firefly
Share this article