Fugue updated its cloud infrastructure management platform, adding features the company said make it easier to scale out enterprise Amazon Web Services (AWS) cloud operations.

The company’s software runs inside the customer’s AWS environment and provides a foundational layer for AWS applications and services. Customers include enterprises and managed service providers (MSPs), but Fugue isn’t naming any publicly.

The company’s original cloud infrastructure automation product, which launched last year, consisted of two main components: Fugue Compositions, which the company created using Ludwig, a modular, compiled language designed for declaring cloud infrastructure and policies as code; and also the Fugue Conductor, an orchestration engine that continuously automates and enforces infrastructure and policies.

Today the company added the Fugue Team Conductor, which provides centralized control of a customer’s many AWS accounts.

Fugue currently only supports AWS but will add more cloud providers in the future, said Fugue CEO and Founder Josh Stella.

“Over the weekend, I was working with a customer that has about 20 each development, QA, and production environments. Each has about 20 different AWS accounts,” explained Stella, a former principal solutions architect at AWS. "With the Fugue Team Conductor, you can have a Conductor set up to oversee all of the development accounts, one for QA and one for production. With the Team Conductor you can manage many accounts.”

Other new capabilities added with the Fugue Team Conductor include role-based access control and improved continuous policy enforcement.

Role-based access control restricts system access to authorized users.

“For example, your developers have rewrite access to only developer accounts,” Stella explained. “You can create these roles and assign permissions throughout the entire organization. It also keeps track of who ran what — a very common problem on the cloud. With Fugue, there is a user associated with everything that is run, you can see every single cloud resource being run, who ran it, and what the status is.”

The software allows compliance and security rules to be implemented as code, also called policy-as-code. This ensures infrastructure changes comply with organizational policies and practices before changes are applied.

Change plans can be included in approval processes, and all changes are logged for auditing purposes.

Essentially, Fugue simplifies AWS cloud management, as well as compliance and security policy enforcement, Stella said. Go fast and break stuff is a misguided model, at least when it comes to infrastructure.

“The very attributes that make cloud very compelling for digital transformation — the ability to go fast, to experiment, to try things — as you scale can produce a lot of chaos,” Stella said. “Unlike in the data center days, as you scale on cloud, things are in constant motion if you are doing it well. So how do you get your hands around that in a way that preserves the velocity that cloud brings? That’s really what Fugue is about: going really fast on cloud and getting it right.”