Fugue 101

Welcome to Fugue! If you’ve just created an environment, you’re in the right place. In this document, we’ll go over some core Fugue concepts and explain how to navigate the product.

Concepts

Before diving into Fugue, it’s helpful to understand some core concepts:

  • An environment represents cloud infrastructure in a provider account and includes resource configuration, compliance state, and more.

  • A baseline represents a “snapshot” of an environment’s resource configuration at a point in time.

  • When you set a baseline, Fugue lets you know of any changes to that configuration, known as drift.

  • With baseline enforcement optionally enabled, Fugue reverts any configuration drift back to the established baseline.

To get the most out of Fugue, a good workflow is to:

Permissions

Fugue requires read-only access to all services you want Fugue to scan for compliance or drift and read and write access to all services you want Fugue to enforce. This access is controlled through your associated AWS IAM role or Azure service principal. You can see the list of AWS and AWS GovCloud IAM permissions here.

AWS IAM role resources:

Azure permissions resources:

If you have further questions, reach out to support@fugue.co.

Compliance

See Compliance Concepts for a primer on rules, controls, and how compliance is evaluated for each. You’ll also find a list of supported compliance families.