Fugue 101¶
Welcome to Fugue! If you’ve just created an environment, you’re in the right place. In this document, we’ll go over some core Fugue concepts and explain how to navigate the product.
Note
Want to jump right in and create your first environment? You can get started in 5 minutes.
Concepts¶
Before diving into Fugue, it’s helpful to understand some core concepts:
An environment contains resources from a single AWS account, Azure subscription, Google project, or code repository. AWS, Azure, and Google environments contain runtime resources and configurations, and repository environments contain infrastructure as code resources from code files for cloud configurations.
A baseline represents a “snapshot” of an environment’s resource configuration at a point in time.
When you set a baseline, Fugue lets you know of any changes to that configuration, known as drift.
With baseline enforcement optionally enabled, Fugue reverts any configuration drift back to the established baseline.
To get the most out of Fugue, a good workflow is to:
Scan an environment to refresh your resources’ compliance state
Set a baseline and configure notifications to be alerted to drift events
Optionally enable enforcement so drifted resources may be corrected back to the state in the baseline
Permissions¶
For runtime cloud environments, Fugue requires read-only access to all services you want Fugue to scan for compliance or drift and read and write access to all services you want Fugue to enforce. This access is controlled through your associated AWS Identity & Access Management (IAM) role, Azure service principal, or Google service account. You can see the list of AWS and AWS GovCloud IAM permissions here.
AWS IAM role resources:
Azure permissions resources:
Google permissions resources:
For repository environments, Fugue does not currently require any external permissions. Executing a regula scan
with Regula requires Fugue API client credentials. Learn more here:
If you have further questions, reach out to support@fugue.co.
Compliance¶
See Compliance Concepts for a primer on rules, families, controls, and how they relate to each other.