scan¶
The fugue scan
command triggers an environment scan.
scan¶
Arguments:
[environment_id]
Trigger a scan
Usage:
fugue scan [environment_id] [flags]
Flags:
-h, --help help for scan
--wait Wait for scan to complete
--scan-failure-exit-code Sets the exit code to raise when a scan fails. Default is 0. Used with the wait flag
Global Flags:
--output string The formatting style for command output [table | json] (default "table")
Output Attributes¶
SCAN_ID
ID of the scan.
CREATED_AT
When the scan was created, Unix time.
FINISHED_AT
When the scan was last updated, Unix time.
STATUS
Status of the scan. Values - CREATED, QUEUED, IN_PROGRESS, ERROR, SUCCESS, CANCELED
MESSAGE
Message related to the scan.
RESOURCE_COUNT
Total number of resources scanned.
RESOURCE_TYPES
Number of resource types scanned.
COMPLIANT
Number of compliant resources.
NONCOMPLIANT
Number of noncompliant resources.
RULES_PASSED
Number of compliance controls passed.
RULES_FAILED
Number of compliance controls failed.
Examples¶
Triggering a scan¶
To trigger an environment scan, use the fugue scan command. The [environment_id]
argument is required:
fugue scan b381d7e5-4795-4cbc-0000-123456789012
To learn how to find your environment ID, see fugue list environments.
You’ll see output like this:
=================================================
ATTRIBUTE | VALUE
=================================================
SCAN_ID | 529f3dd8-6378-4f7b-0000-123456789012
CREATED_AT | 2019-09-10T14:59:03-04:00
STATUS | IN_PROGRESS
Triggering a scan and returning the results¶
To trigger an environment scan and return the scan details after it has completed, use the fugue scan command with the --wait
flag. The [environment_id]
argument is required:
fugue scan b381d7e5-4795-4cbc-0000-123456789012 --wait
To learn how to find your environment ID, see fugue list environments.
The command pauses while the scan is in progress. After the scan has completed, you’ll see output like this:
=====================================================
ATTRIBUTE | VALUE
=====================================================
SCAN_ID | 6d32ae41-ca3d-4b83-0000-123456789012
CREATED_AT | 2019-09-10T23:43:00-04:00
FINISHED_AT | 2019-09-10T23:44:07-04:00
STATUS | SUCCESS
MESSAGE | -
RESOURCE_COUNT | 29
RESOURCE_TYPES | 12
COMPLIANT | 22
NONCOMPLIANT | 7
RULES_PASSED | 2
RULES_FAILED | 5
See Output Attributes for details.
Exiting a Scan that is Failing¶
To trigger an environment scan and exit the scan if it results in a scan error, use the fugue scan command with the --wait
flag and the --scan-failure-exit-code=1
flag. The [environment_id]
argument is required:
fugue scan 4037e702-3583-47eb-b52a-6eef439a0000 --wait --scan-failure-exit-code=1
To learn how to find your environment ID, see fugue list environments.
You’ll see output like this:
=====================================================
ATTRIBUTE | VALUE
=====================================================
SCAN_ID | 28b43614-6396-44b9-83c1-0fc961c00000
CREATED_AT | 2021-05-17T15:56:52-05:00
FINISHED_AT | 2021-05-17T15:58:28-05:00
STATUS | SUCCESS
MESSAGE | -
RESOURCE_COUNT | 38
RESOURCE_TYPES | 10
COMPLIANT | 38
NONCOMPLIANT | 0
RULES_PASSED | 51
RULES_FAILED | 1