list

The fugue list command returns a list of environment details, events, rules, or scans.

list

List a collection of resources

Usage:
  fugue list [command]

Available Commands:
  environments Lists details for multiple environments
  events       List environment events
  rules        List rules in the organization
  scans        List scans belonging to an environment

Flags:
  -h, --help   help for list

Use "fugue list [command] --help" for more information about a command.

list environments

Lists details for multiple environments

Usage:
  fugue list environments [flags]

Aliases:
  environments, envs, env

Flags:
      --columns strings          columns to show (default [ID,Name,Provider,Region,HasBaseline,ScanInterval,ScanStatus])
  -h, --help                     help for environments
      --name string              Name filter (substring match, case insensitive)
      --provider string          Provider filter

Note

For detailed information about a single environment, see fugue get environment.

list events

List environment events

Usage:
  fugue list events [environment_id] [flags]

Flags:
      --change strings          Change
      --columns strings         columns to show (default [EventType,CreatedAt,ResourceID,ResourceType,Change,OldState,NewState])
      --event-type strings      Event types
  -h, --help                    help for events
      --max-items int           Max items (default 20)
      --offset int              Offset
      --range-from int          Range from
      --range-to int            Range to
      --remediated strings      Auto-remediated
      --resource-type strings   Resource types

list rules

List rules in the organization

Usage:
  fugue list rules [flags]

Flags:
      --columns strings   Columns to show (default [ID,Name,Provider,ResourceType,Status,Description])
  -h, --help              help for rules

Note

For detailed information about a single rule, see fugue get rule.

list scans

List scans belonging to an environment

Usage:
  fugue list scans [environment_id] [flags]

Aliases:
  scans, scan

Flags:
  -h, --help                     help for scans
      --max-items int            max items to return (default 20)
      --offset int               offset into results
      --order-by string          order by attribute
      --order-direction string   order by direction [asc | desc]
      --range-from int           Range from time filter
      --range-to int             Range to time filter
      --status strings           Scan status filter [IN-PROGRESS | SUCCESS | ERROR]

Note

For detailed information about a single scan, see fugue get scan.

Output Attributes

Environment Details Output

The fugue list environments output includes the following attributes:

ID

ID of the environment.

NAME

Name of the environment.

PROVIDER

Name of the cloud service provider for the environment. Values - aws, aws_govcloud, azure

REGION

The AWS or AWS GovCloud region to scan and auto-remediate infrastructure in. Values - see FAQ

HAS_BASELINE

Whether a baseline is enabled.

SCAN_INTERVAL

Time in seconds between the end of one scan to the start of the next.

SCAN_STATUS

Status of the current or most recently completed scan for the environment. Values - CREATED, QUEUED, IN_PROGRESS, ERROR, SUCCESS, CANCELED

Environment Events Output

The fugue list events output includes the following attributes:

EVENT_TYPE

Type of event. DRIFT, REMEDIATION, COMPLIANCE

CREATED_AT

When the event occurred, Unix time.

RESOURCE_ID

ID of the resource given by the provider.

RESOURCE_TYPE

Resource type.

CHANGE

Type of change which occurred. Values - ADDED, MODIFIED, REMOVED

OLD_STATE

Value of the attribute before the event.

NEW_STATE

Value of the attribute as a result of the event.

Organization Rule Output

The fugue list rules output includes the following attributes:

ID

ID of the custom rule.

NAME

Human readable name of the custom rule.

PROVIDER

Provider of the custom rule. Values - AWS, AWS_GOVCLOUD, AZURE

RESOURCE_TYPE

Resource type to which the custom rule applies.

STATUS

The current status of the rule. Values - ENABLED, DISABLED, INVALID

DESCRIPTION

Description of the custom rule.

Environment Scan Output

The fugue list scans output includes the following attributes:

SCAN_ID

ID of the scan.

CREATED_AT

When the scan was created, Unix time.

FINISHED_AT

When the scan was last updated, Unix time.

STATUS

Status of the scan. Values - CREATED, QUEUED, IN_PROGRESS, ERROR, SUCCESS, CANCELED

Examples

Listing all environments

Note

For detailed information about a single environment, see fugue get environment.

To list all of your environments, use the fugue list environments command:

fugue list environments

You’ll see output like this:

====================================================================================================================================
ID                                   | NAME              | PROVIDER     | REGION        | HAS_BASELINE | SCAN_INTERVAL | SCAN_STATUS
====================================================================================================================================
f078721c-f859-4abf-8589-123456789012 | AWS API           | aws          | us-east-1     | true         | 86400         | SUCCESS
2d19968b-e527-4672-8c01-111111111111 | AWS GovCloud Dev  | aws_govcloud | us-gov-west-1 | false        | 86400         | SUCCESS
fb578bdf-ed81-4782-a615-222222222222 | Azure Dev         | azure        | -             | true         | 86400         | SUCCESS

See Output Attributes for details.

Filtering environment list by name

You can filter the list of environments by name using the --name flag. The flag filters on substring match and is case insensitive:

fugue list environments --name api

You’ll see output like this:

===================================================================================================================
ID                                   | NAME     | PROVIDER | REGION    | HAS_BASELINE | SCAN_INTERVAL | SCAN_STATUS
===================================================================================================================
f078721c-f859-4abf-8589-123456789012 | AWS API  | aws      | us-east-1 | true         | 86400         | SUCCESS
3b43213d-dd37-4c42-a184-098765432109 | test api | aws      | us-west-2 | true         | 172800        | SUCCESS

For a list of other flags you can filter on, see usage.

Listing environment events

To list drift, auto-remediation, and compliance events for an environment, use the fugue list events command. The [environment_id] argument is required:

fugue list events ffc3aac1-9338-4965-ae30-333333333333

You’ll see output like this:

===============================================================================================================================
EVENT_TYPE | CREATED_AT                | RESOURCE_ID      | RESOURCE_TYPE                    | CHANGE   | OLD_STATE | NEW_STATE
===============================================================================================================================
DRIFT      | 2019-06-05T17:00:04-04:00 | fugue-sphinx-poc | AWS.S3.Bucket                    | ADDED    | -         | -
DRIFT      | 2019-06-05T17:00:04-04:00 | redis-no-cluster | AWS.ElastiCache.ReplicationGroup | MODIFIED | -         | -
DRIFT      | 2019-06-05T17:00:04-04:00 | fugue-sphinx-poc | AWS.S3.BucketPolicy              | ADDED    | -         | -

See Output Attributes for details.

To learn how to find your environment ID, see Environment and Scan IDs as Parameters.

Filtering event list by date

You can filter the list of events by date by using the --range-from and/or --range-to flags. You must specify the date using Unix time. Learn how to convert to or from Unix time in the API User Guide.

The command below shows a maximum of 5 events between 09/03/2019 noon UTC and 09/12/2019 midnight UTC:

fugue list events adeeeb2b-12a6-4120-80e6-112233445566 --max-items 5 --range-from 1567468800 --range-to 1567987200

You’ll see output like this:

===================================================================================================================================================
EVENT_TYPE | CREATED_AT                | RESOURCE_ID                         | RESOURCE_TYPE                  | CHANGE   | OLD_STATE | NEW_STATE
===================================================================================================================================================
DRIFT      | 2019-09-11T16:33:08-04:00 | vpc-03945f71432586f9e               | AWS.EC2.Vpc                    | MODIFIED | -         | -
DRIFT      | 2019-09-11T16:33:08-04:00 | sg-0dda8f22f5e76a65c                | AWS.EC2.SecurityGroup          | ADDED    | -         | -
COMPLIANCE | 2019-09-11T16:33:08-04:00 | vpc-03ac7259e8650bb0f               | AWS.EC2.Vpc                    | -        |           | NONCOMPLIANT
COMPLIANCE | 2019-09-04T19:48:33-04:00 | fugue-installer-us-east-1           | AWS.IAM.Role                   | -        | COMPLIANT |
DRIFT      | 2019-09-04T19:48:33-04:00 | rtb-024e84c4f5623164f               | AWS.EC2.RouteTable             | REMOVED  | -         | -

Filtering event list by resource type

You can filter the list of environments by resource type using the --resource-type flag.

The command below filters events for environment adeeeb2b-12a6-4120-80e6-112233445566 by the resource types "AWS.EC2.Vpc", "AWS.EC2.SecurityGroup", and "AWS.S3.Bucket":

fugue list events adeeeb2b-12a6-4120-80e6-112233445566 --resource-type "AWS.EC2.Vpc","AWS.EC2.SecurityGroup","AWS.S3.Bucket"

Multiple resource types are separated by a comma, as above. For a list of supported resource types formatted for the CLI, see Service Coverage.

For a list of other flags you can filter on, see usage.

Listing organization rules

Note

For detailed information about a single rule, see fugue get rule.

To list custom rules for an organization, use the fugue list rules command:

fugue list rules

You’ll see output like this:

====================================================================================================================================================================================
ID                                   | NAME                                               | PROVIDER     | RESOURCE_TYPE                | STATUS  | DESCRIPTION
====================================================================================================================================================================================
3d22f710-e67e-4d45-bbc0-123456789012 | AWS.RDS.Instance_RequireMultiAZ                    | AWS          | AWS.RDS.Instance             | ENABLED | RDS instance multi-AZ should ...
db62a7f8-1929-4d38-ae06-987654321098 | Azure VMs should be in availability sets           | AZURE        | Azure.Compute.VirtualMachine | INVALID | Azure VMs should be in availa...
b663b6a4-f8ac-46ae-9bda-121212121212 | GovCloud - Deny ingress from internet to port 9200 | AWS_GOVCLOUD | AWS.EC2.SecurityGroup        | ENABLED | VPC security groups should no...
f7ac1203-0469-430d-89f3-444444444444 | Multi-resource example - VPC SG prod tags          | AWS          | MULTIPLE                     | ENABLED | The following multi-resource ...

See Output Attributes for details.

Listing environment scans

Note

For detailed information about a single scan, see fugue get scan.

To list all scans for an environment, use the list scans command. The [environment_id] argument is required:

fugue list scans ffc3aac1-9338-4965-ae30-333333333333

You’ll see output like this:

======================================================================================================
SCAN_ID                              | CREATED_AT                | FINISHED_AT               | STATUS
======================================================================================================
f5972ea2-adae-4cd5-9e52-fc36a041234 | 2019-09-11T14:31:45-04:00 | 2019-09-11T14:34:02-04:00 | SUCCESS
23574d04-cf1f-48d9-a485-205b46682345 | 2019-09-10T14:28:44-04:00 | 2019-09-10T14:30:59-04:00 | SUCCESS
a109499e-a425-4625-b27c-6cf6a6f33456 | 2019-09-09T14:25:45-04:00 | 2019-09-09T14:28:11-04:00 | SUCCESS
0c4b8d22-0eac-443f-88a9-2ca8cc5a4567 | 2019-09-08T14:22:45-04:00 | 2019-09-08T14:24:59-04:00 | SUCCESS
d20ff3e1-a1d7-4a8e-83e5-15168d7d5678 | 2019-09-07T14:19:44-04:00 | 2019-09-07T14:22:04-04:00 | SUCCESS

See Output Attributes for details.

To learn how to find your environment ID, see Environment and Scan IDs as Parameters.

Filtering scan list by status

You can filter the list of scans by status by using the --status flag and specifying either SUCCESS, IN_PROGRESS, or ERROR.

The command below returns only scans resulting in an ERROR for environment ffc3aac1-9338-4965-ae30-333333333333:

fugue list scans ffc3aac1-9338-4965-ae30-333333333333 --status ERROR

You’ll see output like this:

=====================================================================================================
SCAN_ID                              | CREATED_AT                | FINISHED_AT               | STATUS
=====================================================================================================
6709a903-e7e1-4e66-894d-6a58dab11234 | 2019-09-11T11:28:45-04:00 | 2019-09-11T11:29:22-04:00 | ERROR
1dbf0050-8945-4292-8eb3-70f489225678 | 2019-09-10T11:27:59-04:00 | 2019-09-10T11:28:35-04:00 | ERROR

For a list of other flags you can filter on, see usage.