def __new__(cls, name, parents, attrs):
if 'filter_registry' not in attrs:
attrs['filter_registry'] = FilterRegistry(
'%s.filters' % name.lower())
if 'action_registry' not in attrs:
actions = ActionRegistry(
'%s.actions' % name.lower())
# All ARM resources will have tag support; however, classic resources may not have support
actions.register('tag', Tag)
attrs['action_registry'] = actions
return super(QueryMeta, cls).__new__(cls, name, parents, attrs)
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
from botocore.exceptions import ClientError
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry
from c7n.manager import resources
from c7n.query import QueryResourceManager, TypeInfo
from c7n.utils import (type_schema, local_session, chunks)
log = logging.getLogger('custodian.rds-param-group')
pg_filters = FilterRegistry('rds-param-group.filters')
pg_actions = ActionRegistry('rds-param-group.actions')
@resources.register('rds-param-group')
class RDSParamGroup(QueryResourceManager):
"""Resource manager for RDS parameter groups.
"""
class resource_type(TypeInfo):
service = 'rds'
arn_type = 'pg'
enum_spec = ('describe_db_parameter_groups', 'DBParameterGroups', None)
name = id = 'DBParameterGroupName'
dimension = 'DBParameterGroupName'
permissions_enum = ('rds:DescribeDBParameterGroups', )
cfn_type = 'AWS::RDS::DBParameterGroup'
from concurrent.futures import as_completed
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import (FilterRegistry, ValueFilter, DefaultVpcBase,
AgeFilter, OPERATORS)
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n import tags
from c7n.utils import (type_schema, local_session, chunks, generate_arn,
get_retry, get_account_id, snapshot_identifier)
log = logging.getLogger('custodian.redshift')
filters = FilterRegistry('redshift.filters')
actions = ActionRegistry('redshift.actions')
filters.register('marked-for-op', tags.TagActionFilter)
@resources.register('redshift')
class Redshift(QueryResourceManager):
resource_type = "aws.redshift.cluster"
filter_registry = filters
action_registry = actions
retry = staticmethod(get_retry(('Throttling', )))
_generate_arn = _account_id = None
@property
def account_id(self):
from c7n import executor
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry, Filter
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n.utils import chunks, local_session, set_annotation, type_schema
"""
TODO:
- How does replication status effect in place encryption.
- Test glacier support
"""
log = logging.getLogger('custodian.s3')
filters = FilterRegistry('s3.filters')
actions = ActionRegistry('s3.actions')
MAX_COPY_SIZE = 1024 * 1024 * 1024 * 5
@resources.register('s3')
class S3(QueryResourceManager):
resource_type = "aws.s3.bucket"
executor_factory = executor.ThreadPoolExecutor
filter_registry = filters
action_registry = actions
def __init__(self, ctx, data):
super(S3, self).__init__(ctx, data)
def test_error_unregistered_action_type(self):
self.assertRaises(PolicyValidationError,
ActionRegistry("test.actions").factory, "foo", None)
from c7n.filters import (
Filter, FilterRegistry, DefaultVpcBase, MetricsFilter, ValueFilter)
import c7n.filters.vpc as net_filters
from c7n import tags
from c7n.manager import resources
from c7n.query import QueryResourceManager, DescribeSource, ConfigSource
from c7n.utils import (
local_session, chunks, type_schema, get_retry, set_annotation)
from c7n.resources.shield import IsShieldProtected, SetShieldProtection
log = logging.getLogger('custodian.app-elb')
filters = FilterRegistry('app-elb.filters')
actions = ActionRegistry('app-elb.actions')
filters.register('tag-count', tags.TagCountFilter)
filters.register('marked-for-op', tags.TagActionFilter)
@resources.register('app-elb')
class AppELB(QueryResourceManager):
"""Resource manager for v2 ELBs (AKA ALBs).
"""
class resource_type(object):
service = 'elbv2'
type = 'loadbalancer/app'
enum_spec = ('describe_load_balancers', 'LoadBalancers', None)
name = 'LoadBalancerName'
)
from c7n.filters import (
FilterRegistry, AgeFilter, ValueFilter, Filter, OPERATORS, DefaultVpcBase
)
from c7n.filters.offhours import OffHour, OnHour
import c7n.filters.vpc as net_filters
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n import utils
from c7n.utils import type_schema
filters = FilterRegistry('ec2.filters')
actions = ActionRegistry('ec2.actions')
actions.register('auto-tag-user', AutoTagUser)
@resources.register('ec2')
class EC2(QueryResourceManager):
class resource_type(object):
service = 'ec2'
type = 'instance'
enum_spec = ('describe_instances', 'Reservations[].Instances[]', None)
detail_spec = None
id = 'InstanceId'
filter_name = 'InstanceIds'
filter_type = 'list'
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import (
CrossAccountAccessFilter, Filter, FilterRegistry, AgeFilter, ValueFilter,
ANNOTATION_KEY, FilterValidationError, OPERATORS)
from c7n.manager import resources
from c7n.resources.kms import ResourceKmsKeyAlias
from c7n.query import QueryResourceManager
from c7n.utils import (
local_session, set_annotation, chunks, type_schema, worker)
from c7n.resources.ami import AMI
log = logging.getLogger('custodian.ebs')
filters = FilterRegistry('ebs.filters')
actions = ActionRegistry('ebs.actions')
@resources.register('ebs-snapshot')
class Snapshot(QueryResourceManager):
class resource_type(object):
service = 'ec2'
type = 'snapshot'
enum_spec = (
'describe_snapshots', 'Snapshots', {'OwnerIds': ['self']})
detail_spec = None
id = 'SnapshotId'
filter_name = 'SnapshotIds'
filter_type = 'list'
name = 'SnapshotId'
import logging
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry, AgeFilter, Filter, OPERATORS
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n.utils import local_session, type_schema
from c7n.resources.ec2 import EC2
from c7n.resources.asg import ASG, LaunchConfig
log = logging.getLogger('custodian.ami')
filters = FilterRegistry('ami.filters')
actions = ActionRegistry('ami.actions')
@resources.register('ami')
class AMI(QueryResourceManager):
class resource_type(object):
service = 'ec2'
type = 'image'
enum_spec = ('describe_images', 'Images', {'Owners': ['self']})
detail_spec = None
id = 'ImageId'
filter_name = 'ImageIds'
filter_type = 'list'
name = 'Name'
dimension = None
date = 'CreationDate'
import json
import six
from botocore.exceptions import ClientError
from c7n.actions import ActionRegistry, BaseAction, RemovePolicyBase
from c7n.filters import CrossAccountAccessFilter, FilterRegistry, ValueFilter
import c7n.filters.vpc as net_filters
from c7n.manager import resources
from c7n import query
from c7n.tags import (RemoveTag, Tag, TagActionFilter, TagDelayedAction,
universal_augment)
from c7n.utils import get_retry, local_session, type_schema, generate_arn
filters = FilterRegistry('lambda.filters')
actions = ActionRegistry('lambda.actions')
filters.register('marked-for-op', TagActionFilter)
@resources.register('lambda')
class AWSLambda(query.QueryResourceManager):
class resource_type(object):
service = 'lambda'
type = 'function'
enum_spec = ('list_functions', 'Functions', None)
name = id = 'FunctionName'
filter_name = None
date = 'LastModified'
dimension = 'FunctionName'
config_type = "AWS::Lambda::Function"
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n.utils import local_session, type_schema
log = logging.getLogger('custodian.cfn')
filters = FilterRegistry('cfn.filters')
actions = ActionRegistry('cfn.actions')
@resources.register('cfn')
class CloudFormation(QueryResourceManager):
resource_type = "aws.cloudformation.stack"
action_registry = actions
filter_registry = filters
@actions.register('delete')
class Delete(BaseAction):
schema = type_schema('delete')
import itertools
from botocore.exceptions import ClientError
from concurrent.futures import as_completed
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry, Filter
from c7n.manager import ResourceManager, resources
from c7n.tags import (TagCountFilter, TagActionFilter, TagDelayedAction as
_TagDelayedAction)
from c7n.utils import local_session, type_schema, get_account_id
log = logging.getLogger('custodian.rds')
filters = FilterRegistry('rds.filters')
actions = ActionRegistry('rds.actions')
filters.register('tag-count', TagCountFilter)
filters.register('marked-for-op', TagActionFilter)
@resources.register('rds')
class RDS(ResourceManager):
filter_registry = filters
action_registry = actions
account_id = None
def resources(self):
session = local_session(self.session_factory)
import logging
from collections import defaultdict
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import (
Filter, FilterRegistry, FilterValidationError, DefaultVpcBase, ValueFilter)
import c7n.filters.vpc as net_filters
from c7n import tags
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n.utils import local_session, chunks, type_schema, get_retry
log = logging.getLogger('custodian.app-elb')
filters = FilterRegistry('app-elb.filters')
actions = ActionRegistry('app-elb.actions')
filters.register('tag-count', tags.TagCountFilter)
filters.register('marked-for-op', tags.TagActionFilter)
@resources.register('app-elb')
class AppELB(QueryResourceManager):
"""Resource manager for v2 ELBs (AKA ALBs).
"""
class resource_type(object):
service = 'elbv2'
type = 'app-elb'
enum_spec = ('describe_load_balancers', 'LoadBalancers', None)
from concurrent.futures import as_completed
import logging
from botocore.exceptions import ClientError
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import Filter, FilterRegistry, FilterValidationError
from c7n import tags
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n.utils import local_session, chunks, type_schema
log = logging.getLogger('custodian.elb')
filters = FilterRegistry('elb.filters')
actions = ActionRegistry('elb.actions')
filters.register('tag-count', tags.TagCountFilter)
filters.register('marked-for-op', tags.TagActionFilter)
@resources.register('elb')
class ELB(QueryResourceManager):
resource_type = "aws.elb.loadbalancer"
filter_registry = filters
action_registry = actions
def augment(self, resources):
return _elb_tags(resources, self.session_factory,
self.executor_factory)
from __future__ import absolute_import, division, print_function, unicode_literals
import logging
import time
import six
from c7n.manager import resources
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry
from c7n.query import QueryResourceManager
from c7n.utils import (local_session, type_schema, get_retry)
from c7n.tags import (TagDelayedAction, RemoveTag, TagActionFilter, Tag)
filters = FilterRegistry('emr.filters')
actions = ActionRegistry('emr.actions')
log = logging.getLogger('custodian.emr')
filters.register('marked-for-op', TagActionFilter)
@resources.register('emr')
class EMRCluster(QueryResourceManager):
"""Resource manager for Elastic MapReduce clusters
"""
class resource_type(object):
service = 'emr'
type = 'emr'
cluster_states = ['WAITING', 'BOOTSTRAPPING', 'RUNNING', 'STARTING']
enum_spec = ('list_clusters', 'Clusters', {
'ClusterStates': cluster_states
class Snapshot(QueryResourceManager):
resource_type = "aws.ec2.snapshot"
filter_registry = FilterRegistry('ebs-snapshot.filters')
action_registry = ActionRegistry('ebs-snapshot.actions')
from botocore.exceptions import ClientError
from concurrent.futures import as_completed
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry, AgeFilter, OPERATORS
import c7n.filters.vpc as net_filters
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n import tags
from c7n.utils import (type_schema, local_session, snapshot_identifier, chunks,
get_retry)
log = logging.getLogger('custodian.rds-cluster')
filters = FilterRegistry('rds-cluster.filters')
actions = ActionRegistry('rds-cluster.actions')
filters.register('tag-count', tags.TagCountFilter)
filters.register('marked-for-op', tags.TagActionFilter)
@resources.register('rds-cluster')
class RDSCluster(QueryResourceManager):
"""Resource manager for RDS clusters.
"""
class resource_type(object):
service = 'rds'
type = 'cluster'
enum_spec = ('describe_db_clusters', 'DBClusters', None)
name = id = 'DBClusterIdentifier'
from c7n.filters import (Filter, FilterRegistry, DefaultVpcBase, MetricsFilter,
ValueFilter)
import c7n.filters.vpc as net_filters
from c7n import tags
from c7n.manager import resources
from c7n.query import QueryResourceManager, DescribeSource, ConfigSource
from c7n.utils import (local_session, chunks, type_schema, get_retry,
set_annotation)
from c7n.resources.shield import IsShieldProtected, SetShieldProtection
log = logging.getLogger('custodian.app-elb')
filters = FilterRegistry('app-elb.filters')
actions = ActionRegistry('app-elb.actions')
filters.register('tag-count', tags.TagCountFilter)
filters.register('marked-for-op', tags.TagActionFilter)
@resources.register('app-elb')
class AppELB(QueryResourceManager):
"""Resource manager for v2 ELBs (AKA ALBs).
"""
class resource_type(object):
service = 'elbv2'
type = 'loadbalancer/app'
enum_spec = ('describe_load_balancers', 'LoadBalancers', None)
name = 'LoadBalancerName'
id = 'LoadBalancerArn'
# limitations under the License.
"""AWS Account as a custodian resource.
"""
from datetime import datetime, timedelta
from dateutil.parser import parse as parse_date
from dateutil.tz import tzutc
from c7n.actions import ActionRegistry
from c7n.filters import Filter, FilterRegistry, ValueFilter
from c7n.manager import ResourceManager, resources
from c7n.utils import local_session, get_account_id, type_schema
filters = FilterRegistry('aws.account.actions')
actions = ActionRegistry('aws.account.filters')
def get_account(session_factory):
session = local_session(session_factory)
client = session.client('iam')
aliases = client.list_account_aliases().get('AccountAliases', ('', ))
name = aliases and aliases[0] or ""
return {'account_id': get_account_id(session), 'account_name': name}
@resources.register('account')
class Account(ResourceManager):
filter_registry = filters
action_registry = actions
from c7n.filters import (
FilterRegistry, AgeFilter, ValueFilter, Filter, OPERATORS, DefaultVpcBase
)
from c7n.filters.offhours import OffHour, OnHour
from c7n.filters.health import HealthEventFilter
import c7n.filters.vpc as net_filters
from c7n.manager import resources
from c7n import query
from c7n import utils
from c7n.utils import type_schema
filters = FilterRegistry('ec2.filters')
actions = ActionRegistry('ec2.actions')
filters.register('health-event', HealthEventFilter)
@resources.register('ec2')
class EC2(query.QueryResourceManager):
class resource_type(object):
service = 'ec2'
type = 'instance'
enum_spec = ('describe_instances', 'Reservations[].Instances[]', None)
detail_spec = None
id = 'InstanceId'
filter_name = 'InstanceIds'
filter_type = 'list'
from concurrent.futures import as_completed
from dateutil.tz import tzutc
from dateutil.parser import parse
from c7n.actions import ActionRegistry, BaseAction
from c7n.filters import FilterRegistry, AgeFilter, OPERATORS
from c7n.manager import resources
from c7n.query import QueryResourceManager
from c7n import tags
from c7n.utils import (local_session, get_account_id, generate_arn, get_retry,
chunks, snapshot_identifier, type_schema)
log = logging.getLogger('custodian.elasticache')
filters = FilterRegistry('elasticache.filters')
actions = ActionRegistry('elasticache.actions')
#registered marked-for-op filter
filters.register('marked-for-op', tags.TagActionFilter)
TTYPE = re.compile('cache.t')
@resources.register('cache-cluster')
class ElastiCacheCluster(QueryResourceManager):
resource_type = 'aws.elasticache.cluster'
filter_registry = filters
action_registry = actions
_generate_arn = _account_id = None
retry = staticmethod(get_retry(('Throttled', )))
from c7n.manager import resources
from c7n.query import QueryResourceManager, ResourceQuery
from c7n.tags import RemoveTag, Tag, TagActionFilter, TagDelayedAction
from c7n.utils import (
chunks, local_session, set_annotation, type_schema, dumps, get_account_id)
"""
TODO:
- How does replication status effect in place encryption.
- Test glacier support
"""
log = logging.getLogger('custodian.s3')
filters = FilterRegistry('s3.filters')
actions = ActionRegistry('s3.actions')
filters.register('marked-for-op', TagActionFilter)
actions.register('auto-tag-user', AutoTagUser)
MAX_COPY_SIZE = 1024 * 1024 * 1024 * 2
@resources.register('s3')
class S3(QueryResourceManager):
#resource_type = "aws.s3.bucket"
class resource_type(ResourceQuery.resolve("aws.s3.bucket")):
dimension = 'BucketName'
executor_factory = executor.ThreadPoolExecutor
def test_error_bad_action_type(self):
self.assertRaises(PolicyValidationError,
ActionRegistry("test.actions").factory, {}, None)
