scan

The fugue scan command triggers an environment scan.

scan

Trigger a scan

Usage:
  fugue scan [environment_id] [flags]

Flags:
  -h, --help   help for scan
      --wait   Wait for scan to complete
      --scan-failure-exit-code Sets the exit code to raise when a scan fails. Default is 0. Used with the wait flag

Global Flags:
      --output string   The formatting style for command output [table | json] (default "table")

Output Attributes

SCAN_ID

ID of the scan.

CREATED_AT

When the scan was created, Unix time.

FINISHED_AT

When the scan was last updated, Unix time.

STATUS

Status of the scan. Values - CREATED, QUEUED, IN_PROGRESS, ERROR, SUCCESS, CANCELED

MESSAGE

Message related to the scan.

RESOURCE_COUNT

Total number of resources scanned.

RESOURCE_TYPES

Number of resource types scanned.

COMPLIANT

Number of compliant resources.

NONCOMPLIANT

Number of noncompliant resources.

RULES_PASSED

Number of compliance controls passed.

RULES_FAILED

Number of compliance controls failed.

Examples

Triggering a scan

To trigger an environment scan, use the fugue scan command. The [environment_id] argument is required:

fugue scan b381d7e5-4795-4cbc-0000-123456789012

To learn how to find your environment ID, see fugue list environments.

You’ll see output like this:

=================================================
ATTRIBUTE  | VALUE
=================================================
SCAN_ID    | 529f3dd8-6378-4f7b-0000-123456789012
CREATED_AT | 2019-09-10T14:59:03-04:00
STATUS     | IN_PROGRESS

Triggering a scan and returning the results

To trigger an environment scan and return the scan details after it has completed, use the fugue scan command with the --wait flag. The [environment_id] argument is required:

fugue scan b381d7e5-4795-4cbc-0000-123456789012 --wait

To learn how to find your environment ID, see fugue list environments.

The command pauses while the scan is in progress. After the scan has completed, you’ll see output like this:

=====================================================
ATTRIBUTE      | VALUE
=====================================================
SCAN_ID        | 6d32ae41-ca3d-4b83-0000-123456789012
CREATED_AT     | 2019-09-10T23:43:00-04:00
FINISHED_AT    | 2019-09-10T23:44:07-04:00
STATUS         | SUCCESS
MESSAGE        | -
RESOURCE_COUNT | 29
RESOURCE_TYPES | 12
COMPLIANT      | 22
NONCOMPLIANT   | 7
RULES_PASSED   | 2
RULES_FAILED   | 5

See Output Attributes for details.

Exiting a Scan that is Failing

To trigger an environment scan and exit the scan if it results in a scan error, use the fugue scan command with the --wait flag and the --scan-failure-exit-code=1 flag. The [environment_id] argument is required:

fugue scan 4037e702-3583-47eb-b52a-6eef439a0000 --wait --scan-failure-exit-code=1

To learn how to find your environment ID, see fugue list environments.

You’ll see output like this:

=====================================================
ATTRIBUTE      | VALUE
=====================================================
SCAN_ID        | 28b43614-6396-44b9-83c1-0fc961c00000
CREATED_AT     | 2021-05-17T15:56:52-05:00
FINISHED_AT    | 2021-05-17T15:58:28-05:00
STATUS         | SUCCESS
MESSAGE        | -
RESOURCE_COUNT | 38
RESOURCE_TYPES | 10
COMPLIANT      | 38
NONCOMPLIANT   | 0
RULES_PASSED   | 51
RULES_FAILED   | 1