account

Definition

The account command has three of its own commands: add, list, and remove. These commands allow you to manage the cloud provider accounts used with Fugue. Free Fugue is limited to two AWS accounts, including the account in which the Conductor is running (known as the default account). The paid version of Fugue allows access to additional accounts, refer to details here.

Usage

fugue [global options] account [options] <add|list|remove> [command arguments]

Subcommands

add
Add an existing account to the list of accounts known by Fugue.
list
List cloud provider accounts managed by Fugue.
remove
Removes an account with the corresponding <account_id> from the Conductor.

Options

Global options are detailed here.

-h | --help
Show help text. The help flag is available throughout the CLI in both an application-level and command-level context. It enables a user to view help text for any command within the Fugue CLI.

Account Subcommands

add

Definition

Adds an existing account to the list of accounts known by Fugue by specifying <account_name> and <aws_iam_arn>.

Usage

fugue account add [options] <arguments>

Options

--json
Emit output as JSON.
-h | --help
Show help text.

Arguments

--name <account_name>
User-supplied name; must be unique. Required.
--credential <aws_iam_arn>
The ARN of an IAM role. Required.

list

Definition

List cloud provider accounts managed by Fugue.

Usage

fugue account list [options]

Options

--json
Present account list in JSON format.
-h | --help
Show help text.

remove

Definition

Removes an account with the corresponding <account_id> from the Conductor.

Usage

fugue account remove [options] <arguments>

Options

--json
Emit output as JSON.
-y | --yes
Suppress confirmation dialogs.
-h | --help
Show help text.

Arguments

<account_id>
The account to be removed.

Examples

Adding a new account to be managed by Fugue

The account in which the Conductor is running is the default account. If you want to be able to run a process in a different AWS account, you must first add it to Fugue’s list of accounts. You can do this with the account add command.

First, you need to create an IAM role in the desired account and configure it for cross-account access. You can do this by logging in to the AWS Management Console for the account you want to add, then navigating to the Roles section of the IAM Dashboard.

  1. Click “Create New Role.”
  2. Enter a role name.
  3. Select “Role for Cross-Account Access” and select the first option, “Provide access between AWS accounts you own.”
  4. Enter the 12-digit account ID of the AWS account in which the Conductor is running.
  5. Select the IAM policy you want to attach to the new role. (For example, you can select AdministratorAccess for all privileges, or use one or both of the policies we offer.)
  6. On the “Review” page, copy the role ARN and click “Create Role.”

Return to the Fugue CLI and run this command, using the desired name and the role ARN you copied instead of web and arn:aws:iam::xxxxxxxxxxxx:role/web-account:

fugue account add --name web --credential arn:aws:iam::xxxxxxxxxxxx:role/web-account

You’ll see output like this:

[ fugue account ] Adding account "web"

Verifying account ...
[ DONE ] Account "web" with account-id "web-1483061704854" successfully added.

[ HELP ] Please use the account-id, not the name, when specifying an account.

To run a process in that account, see Running a Process in a Specific Account.

Listing all accounts managed by Fugue

To see a list of all accounts associated with Fugue, use the list command:

fugue account list

You’ll see a table like this one:

Name             Account Id                    Provider    Provider Id    Credential
---------------  ----------------------------  ----------  -------------  ----------------------------------------------------------
fugue (default)  fugue-1483046897738           aws         xxxxxxxxxxxx   arn:aws:iam::xxxxxxxxxxxx:role/fugue-FugueIam-V5XZ0XMS1X4C
Name
User-supplied name of the account. (default) indicates the account in which the Conductor is running.
Account ID
The Fugue-generated unique ID for the account in <name>-<Unix timestamp> format.
Provider
Currently, aws (Amazon Web Services) is the only supported cloud provider.
Provider ID
The AWS account ID.
Credential
The AWS Amazon Resource Name (ARN) of the IAM role associated with the account.

Removing an account managed by Fugue

To remove an account managed by Fugue, use the following command:

fugue account remove <account_id>

You’ll be prompted to confirm, and you’ll see output like this:

[ fugue account ] Removing account "web"

[ WARN ] Are you sure you want to remove "web" ? [y/N]: y

Removing account...
[ DONE ] Account "web" successfully removed.

Warning

If you try to remove an account while there are processes running inside of it, you’ll see an error:

[ ERROR ] Could not remove account.
 Reason: 400, AccountDeleteError: Cannot delete accounts with running processes

So, before you remove an account, release the process if you want to preserve the infrastructure, or kill the process if you want to terminate the infrastructure.