We use Vanta as a security vendor to simplify the maintenance of policies, procedures, and observability of cloud resources across our company.
As Fly users, it would be fantastic if our Fly apps and databases were inventoried in Vanta, in the same way that we automatically inventory AWS cloud resources (S3 buckets, VPCs, instances, + more).
- Vanta has an API for integration partners - they currently support cloud resources from AWS, Azure, DigitalOcean, GCP, Heroku
- The most obviously useful resources to sync would be Fly Apps, Machines, and Postgres databases
- We would actually do this ourselves but the integrations API seems to be half-private (there is some public documentation available, but it does not cover cloud resources)
- There is evidence of other Vanta usage in the Fly userbase
I submitted a request on Vanta’s side as well - but I think some amount of co-ordination would be necessary. We are so interested in this that if given confirmation by Vanta that it’s possible, we’d be happy to write the v1 using Fly’s public GraphQL API ourselves.
Obviously, this would be a Scale+ plan feature.