Frequently Asked Questions
How is Fugue deployed?
Fugue is a security platform with a SaaSweb UI and API, and developer/CLI tools including Regula, an open source project for infrastructure as code security. Fugue’s IaC security and code repository features utilize Regula, which can be run locally or deployed as a Docker container. More information can be found here.
How does Fugue access customer cloud accounts?
To scan AWS accounts, Fugue uses a tightly-scoped read-only IAM role to execute calls against AWS APIs. Fugue can auto-generate this IAM role for users. For Azure subscriptions, Fugue utilizes a Reader role. For Google projects, Fugue impersonates a properly permissioned service account and generates short-lived credentials. Optional auto-remediation with Fugue requires additional write privileges for the AWS IAM role.
Where can I find more information on Fugue features?
Please visit our website and documentation for detailed information on Fugue features.
How does Fugue define a resource?
A resource is any configuration item that is tracked, analyzed, and enforced from a policy or drift perspective - either at runtime in the cloud, or as configured in an infrastructure as code file. Examples include AWS EC2 instances, Azure virtual machines, and Google Cloud Storage buckets. A full list of resource types is here.
How does Fugue assess resources for billing purposes?
Fugue assesses resources for billing purposes by calculating a resource under management (RUM) metric that is the median of trailing 90-day resource counts, sampled daily.
How does Fugue define an environment?
A Fugue environment is a user-defined collection of resources within a given AWS account, Azure subscription, Google Cloud project, or local code repository. An AWS environment can be scoped to specific regions or resource types. An Azure environment can be scoped to a set of resource groups. A Google Cloud environment is scoped to a project. A repository environment’s resources are determined by IaC files in the repository Regula scans.
Is Fugue Developer only for individuals, or can organizations and companies be on the plan?
Individual engineers are welcome to use Fugue Developer for free to manage the security of cloud infrastructure and infrastructure as code for their employer or their own projects. Please note that a Fugue Developer account only supports one user. Fugue’s paid offeringsmay be more appropriate for multiple users or organizations that need visibility and security for at scale cloud environments.
Do I need a Fugue account to use Regula?
Regula is open source, doesn’t require a Fugue account, and by default does not communicate with Fugue. However, a Fugue account can provide your team with the ability to centrally configure which rules and compliance families to run across multiple repositories, as well as visualization, reporting, and notification capabilities for faster detection, remediation, and review.