Firefly Announces Release of ValidIaC Open Source Solution

March 17, 2022

2 Min Read


TEL AVIV, Israel, March 16, 2022 /PRNewswire/ -- Today, Cloud Asset Management solution Firefly announces the release of a new open-source solution called ValidIaC, which enables DevOps and Cloud Teams to validate, secure, and map Infrastructure-as-Code (IaC) with an all-in-one browser-based tool.

Inspired by Komodor's open-source project ValidKube that combines the best open-source tools to help ensure Kubernetes YAML best practices, Firefly built a sister project for the purpose of Infrastructure-as-Code.

ValidIaC is a new open-source tool that combines several open-source projects and tools to allow developers to check their Terraform HCL (stay tuned for more IaC tools in the near future) code without changing context and from within the same workflow. ValidIaC integrates four popular tools for Terraform to bring the combined value of each tool:

  1. Lint -  tflint, A Pluggable Terraform Linter that finds possible errors (like illegal instance types) and warns about deprecated syntax and unused declarations

  2. Security -  tfsec uses static analysis of your Terraform templates to spot potential security issues.

  3. Cost -  infracost, shows cloud cost estimates for Terraform, before making changes to the cloud.

  4. Mapping -  inframap reads your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.

"Infrastructure-as-Code is changing the way modern organizations are managing their infrastructure. With ValidIaC, developers can move faster but still have confidence when it comes to security, compliance, cost, and reliability," said, Ido Neeman, CEO at Firefly.

ValidIaC makes it possible to leverage the power of four tools in a single place, at any time,  directly from your browser to provide DevOps, SRE, and Cloud teams with peace of mind when deploying and managing Terraform blueprints.

"I've seen firsthand the challenges developers have with making sure that their Terraform HCL is aligned with best practices. ValidIaC will make this a simple task that anyone on the team can do, directly from their browser," said, Eran Bibi, Chief Product Officer at Firefly.

ValidIaC is an open-source tool, so community contributors can add more tools or capabilities that will help them and the community. Moreover, Firefly announced that it'll soon introduce support to more Infrastructure-as-Code tools, such as Pulumi, Cloudformation, etc.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights