def __new__(cls, name, parents, attrs): if 'filter_registry' not in attrs: attrs['filter_registry'] = FilterRegistry( '%s.filters' % name.lower()) if 'action_registry' not in attrs: actions = ActionRegistry( '%s.actions' % name.lower()) # All ARM resources will have tag support; however, classic resources may not have support actions.register('tag', Tag) attrs['action_registry'] = actions return super(QueryMeta, cls).__new__(cls, name, parents, attrs)
# See the License for the specific language governing permissions and # limitations under the License. import logging from botocore.exceptions import ClientError from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry from c7n.manager import resources from c7n.query import QueryResourceManager, TypeInfo from c7n.utils import (type_schema, local_session, chunks) log = logging.getLogger('custodian.rds-param-group') pg_filters = FilterRegistry('rds-param-group.filters') pg_actions = ActionRegistry('rds-param-group.actions') @resources.register('rds-param-group') class RDSParamGroup(QueryResourceManager): """Resource manager for RDS parameter groups. """ class resource_type(TypeInfo): service = 'rds' arn_type = 'pg' enum_spec = ('describe_db_parameter_groups', 'DBParameterGroups', None) name = id = 'DBParameterGroupName' dimension = 'DBParameterGroupName' permissions_enum = ('rds:DescribeDBParameterGroups', ) cfn_type = 'AWS::RDS::DBParameterGroup'
from concurrent.futures import as_completed from c7n.actions import ActionRegistry, BaseAction from c7n.filters import (FilterRegistry, ValueFilter, DefaultVpcBase, AgeFilter, OPERATORS) from c7n.manager import resources from c7n.query import QueryResourceManager from c7n import tags from c7n.utils import (type_schema, local_session, chunks, generate_arn, get_retry, get_account_id, snapshot_identifier) log = logging.getLogger('custodian.redshift') filters = FilterRegistry('redshift.filters') actions = ActionRegistry('redshift.actions') filters.register('marked-for-op', tags.TagActionFilter) @resources.register('redshift') class Redshift(QueryResourceManager): resource_type = "aws.redshift.cluster" filter_registry = filters action_registry = actions retry = staticmethod(get_retry(('Throttling', ))) _generate_arn = _account_id = None @property def account_id(self):
from c7n import executor from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry, Filter from c7n.manager import resources from c7n.query import QueryResourceManager from c7n.utils import chunks, local_session, set_annotation, type_schema """ TODO: - How does replication status effect in place encryption. - Test glacier support """ log = logging.getLogger('custodian.s3') filters = FilterRegistry('s3.filters') actions = ActionRegistry('s3.actions') MAX_COPY_SIZE = 1024 * 1024 * 1024 * 5 @resources.register('s3') class S3(QueryResourceManager): resource_type = "aws.s3.bucket" executor_factory = executor.ThreadPoolExecutor filter_registry = filters action_registry = actions def __init__(self, ctx, data): super(S3, self).__init__(ctx, data)
def test_error_unregistered_action_type(self): self.assertRaises(PolicyValidationError, ActionRegistry("test.actions").factory, "foo", None)
from c7n.filters import ( Filter, FilterRegistry, DefaultVpcBase, MetricsFilter, ValueFilter) import c7n.filters.vpc as net_filters from c7n import tags from c7n.manager import resources from c7n.query import QueryResourceManager, DescribeSource, ConfigSource from c7n.utils import ( local_session, chunks, type_schema, get_retry, set_annotation) from c7n.resources.shield import IsShieldProtected, SetShieldProtection log = logging.getLogger('custodian.app-elb') filters = FilterRegistry('app-elb.filters') actions = ActionRegistry('app-elb.actions') filters.register('tag-count', tags.TagCountFilter) filters.register('marked-for-op', tags.TagActionFilter) @resources.register('app-elb') class AppELB(QueryResourceManager): """Resource manager for v2 ELBs (AKA ALBs). """ class resource_type(object): service = 'elbv2' type = 'loadbalancer/app' enum_spec = ('describe_load_balancers', 'LoadBalancers', None) name = 'LoadBalancerName'
) from c7n.filters import ( FilterRegistry, AgeFilter, ValueFilter, Filter, OPERATORS, DefaultVpcBase ) from c7n.filters.offhours import OffHour, OnHour import c7n.filters.vpc as net_filters from c7n.manager import resources from c7n.query import QueryResourceManager from c7n import utils from c7n.utils import type_schema filters = FilterRegistry('ec2.filters') actions = ActionRegistry('ec2.actions') actions.register('auto-tag-user', AutoTagUser) @resources.register('ec2') class EC2(QueryResourceManager): class resource_type(object): service = 'ec2' type = 'instance' enum_spec = ('describe_instances', 'Reservations[].Instances[]', None) detail_spec = None id = 'InstanceId' filter_name = 'InstanceIds' filter_type = 'list'
from c7n.actions import ActionRegistry, BaseAction from c7n.filters import ( CrossAccountAccessFilter, Filter, FilterRegistry, AgeFilter, ValueFilter, ANNOTATION_KEY, FilterValidationError, OPERATORS) from c7n.manager import resources from c7n.resources.kms import ResourceKmsKeyAlias from c7n.query import QueryResourceManager from c7n.utils import ( local_session, set_annotation, chunks, type_schema, worker) from c7n.resources.ami import AMI log = logging.getLogger('custodian.ebs') filters = FilterRegistry('ebs.filters') actions = ActionRegistry('ebs.actions') @resources.register('ebs-snapshot') class Snapshot(QueryResourceManager): class resource_type(object): service = 'ec2' type = 'snapshot' enum_spec = ( 'describe_snapshots', 'Snapshots', {'OwnerIds': ['self']}) detail_spec = None id = 'SnapshotId' filter_name = 'SnapshotIds' filter_type = 'list' name = 'SnapshotId'
import logging from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry, AgeFilter, Filter, OPERATORS from c7n.manager import resources from c7n.query import QueryResourceManager from c7n.utils import local_session, type_schema from c7n.resources.ec2 import EC2 from c7n.resources.asg import ASG, LaunchConfig log = logging.getLogger('custodian.ami') filters = FilterRegistry('ami.filters') actions = ActionRegistry('ami.actions') @resources.register('ami') class AMI(QueryResourceManager): class resource_type(object): service = 'ec2' type = 'image' enum_spec = ('describe_images', 'Images', {'Owners': ['self']}) detail_spec = None id = 'ImageId' filter_name = 'ImageIds' filter_type = 'list' name = 'Name' dimension = None date = 'CreationDate'
import json import six from botocore.exceptions import ClientError from c7n.actions import ActionRegistry, BaseAction, RemovePolicyBase from c7n.filters import CrossAccountAccessFilter, FilterRegistry, ValueFilter import c7n.filters.vpc as net_filters from c7n.manager import resources from c7n import query from c7n.tags import (RemoveTag, Tag, TagActionFilter, TagDelayedAction, universal_augment) from c7n.utils import get_retry, local_session, type_schema, generate_arn filters = FilterRegistry('lambda.filters') actions = ActionRegistry('lambda.actions') filters.register('marked-for-op', TagActionFilter) @resources.register('lambda') class AWSLambda(query.QueryResourceManager): class resource_type(object): service = 'lambda' type = 'function' enum_spec = ('list_functions', 'Functions', None) name = id = 'FunctionName' filter_name = None date = 'LastModified' dimension = 'FunctionName' config_type = "AWS::Lambda::Function"
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. import logging from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry from c7n.manager import resources from c7n.query import QueryResourceManager from c7n.utils import local_session, type_schema log = logging.getLogger('custodian.cfn') filters = FilterRegistry('cfn.filters') actions = ActionRegistry('cfn.actions') @resources.register('cfn') class CloudFormation(QueryResourceManager): resource_type = "aws.cloudformation.stack" action_registry = actions filter_registry = filters @actions.register('delete') class Delete(BaseAction): schema = type_schema('delete')
import itertools from botocore.exceptions import ClientError from concurrent.futures import as_completed from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry, Filter from c7n.manager import ResourceManager, resources from c7n.tags import (TagCountFilter, TagActionFilter, TagDelayedAction as _TagDelayedAction) from c7n.utils import local_session, type_schema, get_account_id log = logging.getLogger('custodian.rds') filters = FilterRegistry('rds.filters') actions = ActionRegistry('rds.actions') filters.register('tag-count', TagCountFilter) filters.register('marked-for-op', TagActionFilter) @resources.register('rds') class RDS(ResourceManager): filter_registry = filters action_registry = actions account_id = None def resources(self): session = local_session(self.session_factory)
import logging from collections import defaultdict from c7n.actions import ActionRegistry, BaseAction from c7n.filters import ( Filter, FilterRegistry, FilterValidationError, DefaultVpcBase, ValueFilter) import c7n.filters.vpc as net_filters from c7n import tags from c7n.manager import resources from c7n.query import QueryResourceManager from c7n.utils import local_session, chunks, type_schema, get_retry log = logging.getLogger('custodian.app-elb') filters = FilterRegistry('app-elb.filters') actions = ActionRegistry('app-elb.actions') filters.register('tag-count', tags.TagCountFilter) filters.register('marked-for-op', tags.TagActionFilter) @resources.register('app-elb') class AppELB(QueryResourceManager): """Resource manager for v2 ELBs (AKA ALBs). """ class resource_type(object): service = 'elbv2' type = 'app-elb' enum_spec = ('describe_load_balancers', 'LoadBalancers', None)
from concurrent.futures import as_completed import logging from botocore.exceptions import ClientError from c7n.actions import ActionRegistry, BaseAction from c7n.filters import Filter, FilterRegistry, FilterValidationError from c7n import tags from c7n.manager import resources from c7n.query import QueryResourceManager from c7n.utils import local_session, chunks, type_schema log = logging.getLogger('custodian.elb') filters = FilterRegistry('elb.filters') actions = ActionRegistry('elb.actions') filters.register('tag-count', tags.TagCountFilter) filters.register('marked-for-op', tags.TagActionFilter) @resources.register('elb') class ELB(QueryResourceManager): resource_type = "aws.elb.loadbalancer" filter_registry = filters action_registry = actions def augment(self, resources): return _elb_tags(resources, self.session_factory, self.executor_factory)
from __future__ import absolute_import, division, print_function, unicode_literals import logging import time import six from c7n.manager import resources from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry from c7n.query import QueryResourceManager from c7n.utils import (local_session, type_schema, get_retry) from c7n.tags import (TagDelayedAction, RemoveTag, TagActionFilter, Tag) filters = FilterRegistry('emr.filters') actions = ActionRegistry('emr.actions') log = logging.getLogger('custodian.emr') filters.register('marked-for-op', TagActionFilter) @resources.register('emr') class EMRCluster(QueryResourceManager): """Resource manager for Elastic MapReduce clusters """ class resource_type(object): service = 'emr' type = 'emr' cluster_states = ['WAITING', 'BOOTSTRAPPING', 'RUNNING', 'STARTING'] enum_spec = ('list_clusters', 'Clusters', { 'ClusterStates': cluster_states
class Snapshot(QueryResourceManager): resource_type = "aws.ec2.snapshot" filter_registry = FilterRegistry('ebs-snapshot.filters') action_registry = ActionRegistry('ebs-snapshot.actions')
from botocore.exceptions import ClientError from concurrent.futures import as_completed from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry, AgeFilter, OPERATORS import c7n.filters.vpc as net_filters from c7n.manager import resources from c7n.query import QueryResourceManager from c7n import tags from c7n.utils import (type_schema, local_session, snapshot_identifier, chunks, get_retry) log = logging.getLogger('custodian.rds-cluster') filters = FilterRegistry('rds-cluster.filters') actions = ActionRegistry('rds-cluster.actions') filters.register('tag-count', tags.TagCountFilter) filters.register('marked-for-op', tags.TagActionFilter) @resources.register('rds-cluster') class RDSCluster(QueryResourceManager): """Resource manager for RDS clusters. """ class resource_type(object): service = 'rds' type = 'cluster' enum_spec = ('describe_db_clusters', 'DBClusters', None) name = id = 'DBClusterIdentifier'
from c7n.filters import (Filter, FilterRegistry, DefaultVpcBase, MetricsFilter, ValueFilter) import c7n.filters.vpc as net_filters from c7n import tags from c7n.manager import resources from c7n.query import QueryResourceManager, DescribeSource, ConfigSource from c7n.utils import (local_session, chunks, type_schema, get_retry, set_annotation) from c7n.resources.shield import IsShieldProtected, SetShieldProtection log = logging.getLogger('custodian.app-elb') filters = FilterRegistry('app-elb.filters') actions = ActionRegistry('app-elb.actions') filters.register('tag-count', tags.TagCountFilter) filters.register('marked-for-op', tags.TagActionFilter) @resources.register('app-elb') class AppELB(QueryResourceManager): """Resource manager for v2 ELBs (AKA ALBs). """ class resource_type(object): service = 'elbv2' type = 'loadbalancer/app' enum_spec = ('describe_load_balancers', 'LoadBalancers', None) name = 'LoadBalancerName' id = 'LoadBalancerArn'
# limitations under the License. """AWS Account as a custodian resource. """ from datetime import datetime, timedelta from dateutil.parser import parse as parse_date from dateutil.tz import tzutc from c7n.actions import ActionRegistry from c7n.filters import Filter, FilterRegistry, ValueFilter from c7n.manager import ResourceManager, resources from c7n.utils import local_session, get_account_id, type_schema filters = FilterRegistry('aws.account.actions') actions = ActionRegistry('aws.account.filters') def get_account(session_factory): session = local_session(session_factory) client = session.client('iam') aliases = client.list_account_aliases().get('AccountAliases', ('', )) name = aliases and aliases[0] or "" return {'account_id': get_account_id(session), 'account_name': name} @resources.register('account') class Account(ResourceManager): filter_registry = filters action_registry = actions
from c7n.filters import ( FilterRegistry, AgeFilter, ValueFilter, Filter, OPERATORS, DefaultVpcBase ) from c7n.filters.offhours import OffHour, OnHour from c7n.filters.health import HealthEventFilter import c7n.filters.vpc as net_filters from c7n.manager import resources from c7n import query from c7n import utils from c7n.utils import type_schema filters = FilterRegistry('ec2.filters') actions = ActionRegistry('ec2.actions') filters.register('health-event', HealthEventFilter) @resources.register('ec2') class EC2(query.QueryResourceManager): class resource_type(object): service = 'ec2' type = 'instance' enum_spec = ('describe_instances', 'Reservations[].Instances[]', None) detail_spec = None id = 'InstanceId' filter_name = 'InstanceIds' filter_type = 'list'
from concurrent.futures import as_completed from dateutil.tz import tzutc from dateutil.parser import parse from c7n.actions import ActionRegistry, BaseAction from c7n.filters import FilterRegistry, AgeFilter, OPERATORS from c7n.manager import resources from c7n.query import QueryResourceManager from c7n import tags from c7n.utils import (local_session, get_account_id, generate_arn, get_retry, chunks, snapshot_identifier, type_schema) log = logging.getLogger('custodian.elasticache') filters = FilterRegistry('elasticache.filters') actions = ActionRegistry('elasticache.actions') #registered marked-for-op filter filters.register('marked-for-op', tags.TagActionFilter) TTYPE = re.compile('cache.t') @resources.register('cache-cluster') class ElastiCacheCluster(QueryResourceManager): resource_type = 'aws.elasticache.cluster' filter_registry = filters action_registry = actions _generate_arn = _account_id = None retry = staticmethod(get_retry(('Throttled', )))
from c7n.manager import resources from c7n.query import QueryResourceManager, ResourceQuery from c7n.tags import RemoveTag, Tag, TagActionFilter, TagDelayedAction from c7n.utils import ( chunks, local_session, set_annotation, type_schema, dumps, get_account_id) """ TODO: - How does replication status effect in place encryption. - Test glacier support """ log = logging.getLogger('custodian.s3') filters = FilterRegistry('s3.filters') actions = ActionRegistry('s3.actions') filters.register('marked-for-op', TagActionFilter) actions.register('auto-tag-user', AutoTagUser) MAX_COPY_SIZE = 1024 * 1024 * 1024 * 2 @resources.register('s3') class S3(QueryResourceManager): #resource_type = "aws.s3.bucket" class resource_type(ResourceQuery.resolve("aws.s3.bucket")): dimension = 'BucketName' executor_factory = executor.ThreadPoolExecutor
def test_error_bad_action_type(self): self.assertRaises(PolicyValidationError, ActionRegistry("test.actions").factory, {}, None)