Note

Fugue Console is currently available under a limited “soft” release to existing customers. If you are interested in learning more, or participating in a future beta release, contact us at support@fugue.co.

Fugue Console

What is Console?

Fugue Console is a web interface for managing Fugue. Fugue, including Console, enables the provisioning and managing of cloud infrastructure, and detects security and compliance violations in your infrastructure. It also automatically detects and corrects configuration drift by reverting any unauthorized change to what was originally provisioned. Console enables users to view, create, and manage infrastructure with an informative visual interface.

Console includes the following features:

  • Deploy compositions as instances of cloud infrastructure. Each instance is known as a “process,” similar to an operating system process.
  • Take a deep-dive into the health of running processes. Allows users to view the status, created date, process resources, process activity, and more.
  • View the activity of a particular process and export the data as a JSON file.
  • Manage processes by starting, suspending, releasing, killing, updating, and locking them.
  • Deploy policies (validations) to enforce your specific requirements on processes.

How does it work?

Console is accessible through the web for users with a running Conductor. To review details on installing and configuring Fugue you can take a look here. Once your Fugue installation is complete Console is accessible through the configured URL supplied during the installation process, for example https://console.yourdomain.com.

Once a user is logged in they have access to a number of views and functions detailed below under Console Features.

Console Features

Installing Console

Console is currently only available in a limited release. If you are interested in participating in an upcoming beta release contact us at support@fugue.co.

Application Settings

Application Settings for Console are available on the top right of the navigation panel and include configuration settings for the Conductor, User Authentication (SAML), and Email.

Conductor

Conductor credentials are stored and edited through the application settings. The credentials that were created when you installed Fugue will be populated here by default.

User Authentication

User Authentication stores SAML Configuration details and enables administrators to view and modify these settings. SAML configuration is also linked from the Users page (Configuration → Users) through the “Manage SAML” button at the top right of the page.

Email (SMTP Configuration)

SMTP Configuration enables administrators to configure an SMTP server for email communications. Configuring the SMTP settings enables users to reset their passwords through an email.

Infrastructure

The Infrastructure section of Console provides access to Processes and Accounts.

Processes

The Processes page displays a table of currently running processes, labelled Managed Process, and includes the following fields: FID, alias, Fugue account, state, last job, created (date/time), and updated (date/time).

Users can “Create New Process” from one of two options:

  • Composition files stored locally within Console
  • Composition files on a local machine. For files selected/uploaded from a local machine users have the option to save the composition as a template for future use on Console.

Viewing Process Details

Selecting the FID for any managed process provides access to additional details and management capabilities.

By selecting an individual process a user can view:

  • Additional process details (enforcement status, lock status)
  • Detailed resource information (e.g. dhcpOptions)
  • Activity history including the requestor, and an option to export these details

By selecting an individual process a user can manage or make changes including:

  • Locking a process
  • Updating a process
  • Suspending a process
  • Killing a process
  • Releasing a process
  • Configuring a process

Note: Users will only be able to view features and functionality for which they have been granted permission.

Accounts

Accounts displays the active accounts and allows you to:

  • Remove existing accounts (via the ellipsis option for each displayed account)
  • Add accounts through the “Add New Account” button.
    • You will need to provide a name and the associated AWS IAM Policy information for the account
    • Take a look here for more details on adding accounts with Fugue

Templates

Templates enables users to store composition files for reuse within Console. Templates will display details for each item including the composition name, description, filename, created (date/time), and updated (date/time).

Note: Users will only be able to view features and functionality for which they have been granted permission.

Users also have the ability to:

  • Revise the name or description of an existing composition (through the ellipsis menu)
  • Remove a composition (through the ellipsis menu)
  • Add/upload a new composition (via the button on the top right)
  • Create a new process. You can also create a new process from the Processes page.

Configuration

This section of functionality for Console enables users to view, create, and manage validations (policy), users (for access to Console), and RBAC policy (the files governing user permissions for any infrastructure you create using Console).

Note: Users will only be able to view features and functionality for which they have been granted permission.

Validations

Validations allow users to create a function that tests a property of your code, and if any portion of the code fails that test, it will not compile locally (design-time validations), or on the Conductor (runtime validations). A composition that fails validation cannot be executed. Check out this page for an example on writing your own runtime validation.

Within Console users have the ability to view, remove, and add new validations.

Users

The Users portion of Console enables administrators to view, create, and manage users. The table displays the email for each user, their admin status, and the created/updated dates and times.

  • Each user can be edited and removed
  • Users can be added via the “Add New User” button

SAML Configuration

SAML Configuration is accessible through the Configuration Feature, under Users. Look for the Manage SAML button to access this feature. SAML integration is supported through Okta, Google, and Ping Identity. Note: You must have admin access to create a new SAML app.

Warning

It is a best practice to have at least one non-SAML administrative user configured in Console. Failure to maintain this admin user, in the event of SAML configuration issues, will require you to uninstall and reinstall Console.

Before you begin, complete the following steps:

  1. Locate the administrative credentials you used to set up Console (for example “bob”).
  2. Create a new administrator with a non-SAML email address.
  3. Delete the original administrative credentials for “bob” from step 1.
  4. Invite the previous administrator “bob” via the SAML app.

Important Items to Note:

  • Users can log into Console using SAML or an email address and password, but they cannot have access to both.
  • Currently, only email addresses are supported with SAML. If you attempt to configure SAML with a username that is not an email address it will fail to authorize.

SAML General Setup:

  1. Create your application in Okta, Google, or Ping Identity.
  2. Use https://console-api.[yourdomain.name]/saml/callback and replace [yourdomain.name] with your domain. (For example, if your domain is fugue.co, enter https://console-api.fugue.co/saml/callback in the Single sign on URL field.)
  3. Use https://console.[yourdomain.name] and replace [yourdomain.name] with your domain.
  4. Make sure to select an email address for the user login information.
  5. Open Console and navigate to the Application Settings page.
  6. Select the User Authentication Tab and click the Edit SAML Configuration button.
  7. Paste the URL from step 2 into the IDP Entry Point field.
  8. Paste the URL from step 3 into the Identity Provider Cert (PEM) field.
  9. Click Save.

RBAC Policy (Under Development)

The RBAC Policy feature is still actively under development. Contact support@fugue.co with questions or concerns.

Console supports RBAC policy and allows administrators to view current policy, policy status, source details (e.g. the full policy file/configurations), and a table of RBAC users with the name and created/updated dates and times.

Administrators can also attach and detach any RBAC policy they would like to apply to Console. Note: Console only supports attaching a single RBAC policy file at a time.

FAQ

What is Console?

Console is a web interface for managing Fugue. It enables users to interact with Fugue’s capabilities, including the provisioning and managing of cloud infrastructure, through a visual web based tool.

How do I install Console?

Installation details for Console are available through support@fugue.co. Remember that you will need to have a Fugue Conductor installed for Console to run. If you need information on installing the Conductor refer to the Fugue Quick Setup.

How do I uninstall Console?

To remove Console and the associated external resources run the fugue console uninstall command.

Note: At the time of this release you will need to enable the FUGUE_BETA_CONSOLE feature flag to access this command.

How do I upgrade Console?

The upgrade process is still under development so any upgrade will have to be performed manually. Users will be required to uninstall and reinstall Console to upgrade to a new version.

What platforms support Console?

Console is currently supported on the same platforms as the Fugue Client Tools and includes:

  • macOS El Capitan (10.11.*), macOS Sierra (10.12.*), macOS High Sierra (10.13.*)
  • Ubuntu (14.04 LTS, 16.04 LTS)
  • Amazon Linux (2016.03.3)
  • RHEL 6 & 7.2 (Yum/RPM)
  • Microsoft Windows (Windows 7, 10) /Note:/For Windows users we recommend using PowerShell 5 and $env:var syntax. To determine your version of PowerShell you can use echo$PSVersionTable.PSVersion.

If you have additional questions reach out to support@fugue.co.

Do I need to have Fugue installed before I can use Console?

Yes, you will need to have a Fugue Conductor up and running.

What services/functionality does Console support?

Refer to the details on this page under Console Features.

What if I have comments or questions?

You can reach out to us at support@fugue.co.