Esempi in Python per policy_load

Esempio n. 1

File: policylambda.py Progetto: capitalone/cloud-custodian

def main():
    parser = setup_parser()
    options = parser.parse_args()
    config = Config.empty()
    resources.load_resources()

    collection = policy_load(
        config, options.config_file).filter(options.policy_filter)

    sam = {
        'AWSTemplateFormatVersion': '2010-09-09',
        'Transform': 'AWS::Serverless-2016-10-31',
        'Resources': {}}

    for p in collection:
        if p.provider_name != 'aws':
            continue
        exec_mode_type = p.data.get('mode', {'type': 'pull'}).get('type')
        if exec_mode_type == 'pull':
            continue

        sam_func = render(p)
        if sam_func:
            sam['Resources'][resource_name(p.name)] = sam_func
            sam_func['Properties']['CodeUri'] = './%s.zip' % p.name
        else:
            print("unable to render sam for policy:%s" % p.name)
            continue

        archive = mu.PolicyLambda(p).get_archive()
        with open(os.path.join(options.output_dir, "%s.zip" % p.name), 'wb') as fh:
            fh.write(archive.get_bytes())

    with open(os.path.join(options.output_dir, 'deploy.yml'), 'w') as fh:
        fh.write(yaml.safe_dump(sam, default_flow_style=False))

Esempio n. 2

def main():
    parser = setup_parser()
    options = parser.parse_args()
    config = Config.empty()
    resources.load_resources()

    collection = policy_load(
        config, options.config_file).filter(options.policy_filter)

    sam = {
        'AWSTemplateFormatVersion': '2010-09-09',
        'Transform': 'AWS::Serverless-2016-10-31',
        'Resources': {}}

    for p in collection:
        if p.provider_name != 'aws':
            continue
        exec_mode_type = p.data.get('mode', {'type': 'pull'}).get('type')
        if exec_mode_type == 'pull':
            continue

        sam_func = render(p)
        if sam_func:
            sam['Resources'][resource_name(p.name)] = sam_func
            sam_func['Properties']['CodeUri'] = './%s.zip' % p.name
        else:
            print("unable to render sam for policy:%s" % p.name)
            continue

        archive = mu.PolicyLambda(p).get_archive()
        with open(os.path.join(options.output_dir, "%s.zip" % p.name), 'wb') as fh:
            fh.write(archive.get_bytes())

    with open(os.path.join(options.output_dir, 'deploy.yml'), 'w') as fh:
        fh.write(yaml.safe_dump(sam, default_flow_style=False))

Esempio n. 3

File: commands.py Progetto: naveenb29/cloud-custodian

    def _load_policies(options):
        load_resources()

        policies = []
        all_policies = []
        errors = 0
        for file in options.configs:
            try:
                collection = policy_load(options, file)
            except IOError:
                eprint('Error: policy file does not exist ({})'.format(file))
                errors += 1
                continue
            except ValueError as e:
                eprint('Error: problem loading policy file ({})'.format(e.message))
                errors += 1
                continue

            if collection is None:
                log.debug('Loaded file {}. Contained no policies.'.format(file))
            else:
                log.debug(
                    'Loaded file {}. Contains {} policies (after filtering)'.format(
                        file, len(collection)))
                policies.extend(collection.policies)
                all_policies.extend(collection.unfiltered_policies)

        if errors > 0:
            eprint('Found {} errors.  Exiting.'.format(errors))
            sys.exit(1)

        if len(policies) == 0:
            _print_no_policies_warning(options, all_policies)
            # If we filtered out all the policies we want to exit with a
            # non-zero status. But if the policy file is empty then continue
            # on to the specific command to determine the exit status.
            if len(all_policies) > 0:
                sys.exit(1)

        # Do not allow multiple policies in a region with the same name,
        # even across files
        policies_by_region = defaultdict(list)
        for p in policies:
            policies_by_region[p.options.region].append(p)
        for region in policies_by_region.keys():
            counts = Counter([p.name for p in policies_by_region[region]])
            for policy, count in counts.iteritems():
                if count > 1:
                    eprint("Error: duplicate policy name '{}'".format(policy))
                    sys.exit(1)

        return f(options, policies)

Esempio n. 4

    def _load_policies(options):
        load_resources()

        policies = []
        all_policies = []
        errors = 0
        for file in options.configs:
            try:
                collection = policy_load(options, file)
            except IOError:
                eprint('Error: policy file does not exist ({})'.format(file))
                errors += 1
                continue
            except ValueError as e:
                eprint('Error: problem loading policy file ({})'.format(e.message))
                errors += 1
                continue

            if collection is None:
                log.debug('Loaded file {}. Contained no policies.'.format(file))
            else:
                log.debug('Loaded file {}. Contains {} policies (after filtering)'.format(file, len(collection)))
                policies.extend(collection.policies)
                all_policies.extend(collection.unfiltered_policies)

        if errors > 0:
            eprint('Found {} errors.  Exiting.'.format(errors))
            sys.exit(1)

        if len(policies) == 0:
            _print_no_policies_warning(options, all_policies)
            # If we filtered out all the policies we want to exit with a
            # non-zero status. But if the policy file is empty then continue
            # on to the specific command to determine the exit status.
            if len(all_policies) > 0:
                sys.exit(1)

        # Do not allow multiple policies with the same name, even across files
        counts = Counter([p.name for p in policies])
        for policy, count in counts.iteritems():
            if count > 1:
                eprint("Error: duplicate policy name '{}'".format(policy))
                sys.exit(1)

        return f(options, policies)

Esempio n. 5

    def _load_policies(options):
        load_resources()
        collection = policy_load(options, options.config)

        if collection is None:
            eprint('Error: empty policy file.  Nothing to do.')
            sys.exit(1)

        policies = collection.filter(options.policy_filter)

        if options.policy_filter and len(
                policies) == 0 and len(collection) > 0:
            eprint("Warning: no policies matched the filter ({})".format(
                options.policy_filter))
            eprint("  Policies:")
            for policy in collection.policies():
                eprint("    - ", policy.name)
            eprint()

        return f(options, policies)

Esempio n. 6

    def _load_policies(options):
        load_resources()
        policies = policy_load(options, options.config)
        
        if policies is None:
            eprint('Error: empty policy file.  Nothing to do.')
            sys.exit(1)

        if len(policies) == 0:
            eprint("Warning: no policies matched the filters provided.")
            
            eprint("\nFilters:")
            if options.policy_filter:
                eprint("    Policy name filter (-p):", options.policy_filter)
            if options.resource_type:
                eprint("    Resource type filter (-t):", options.resource_type)

            eprint("\nAvailable policies:")
            for policy in policies.unfiltered_policies:
                eprint("    - {} ({})".format(policy.name, policy.resource_type))
            eprint()

        return f(options, policies.policies)

Esempio n. 7

    def _load_policies(options):
        load_resources()
        vars = _load_vars(options)

        errors = 0
        all_policies = PolicyCollection.from_data({}, options)

        # for a default region for policy loading, we'll expand regions later.
        options.region = options.regions[0]

        for fp in options.configs:
            try:
                collection = policy_load(options, fp, vars=vars)
            except IOError:
                log.error('policy file does not exist ({})'.format(fp))
                errors += 1
                continue
            except ValueError as e:
                log.error('problem loading policy file ({})'.format(e.message))
                errors += 1
                continue

            if collection is None:
                log.debug('Loaded file {}. Contained no policies.'.format(fp))
            else:
                log.debug('Loaded file {}. Contains {} policies'.format(
                    fp, len(collection)))
                all_policies = all_policies + collection

        if errors > 0:
            log.error('Found {} errors.  Exiting.'.format(errors))
            sys.exit(1)

        # filter by name and resource type
        policies = all_policies.filter(getattr(options, 'policy_filter', None),
                                       getattr(options, 'resource_type', None))

        # expand by region, this results in a separate policy instance per region of execution.
        policies = policies.expand_regions(options.regions)

        if len(policies) == 0:
            _print_no_policies_warning(options, all_policies)
            # If we filtered out all the policies we want to exit with a
            # non-zero status. But if the policy file is empty then continue
            # on to the specific command to determine the exit status.
            if len(all_policies) > 0:
                sys.exit(1)

        # Do not allow multiple policies in a region with the same name,
        # even across files
        policies_by_region = defaultdict(list)
        for p in policies:
            policies_by_region[p.options.region].append(p)
        for region in policies_by_region.keys():
            counts = Counter([p.name for p in policies_by_region[region]])
            for policy, count in six.iteritems(counts):
                if count > 1:
                    log.error("duplicate policy name '{}'".format(policy))
                    sys.exit(1)

        return f(options, list(policies))

Esempio n. 8

def load_policies(options, config):
    policies = PolicyCollection([], config)
    for f in options.config_files:
        policies += policy_load(config, f).filter(options.policy_filter)
    return policies

Esempio n. 9

 def _load_policies(options):
     collection = policy_load(options, options.config)
     policies = collection.filter(options.policy_filter)
     return f(options, policies)

Esempio n. 10

File: functionslc.py Progetto: xxyjoel/cloud-custodian

def load_policies(config_files, config):
    policies = PolicyCollection([], config)
    for f in config_files:
        policies += policy_load(config, f)
    return policies

Esempio n. 11

File: commands.py Progetto: tim-elliott/cloud-custodian

    def _load_policies(options):

        validate = True
        if 'skip_validation' in options:
            validate = not options.skip_validation

        if not validate:
            log.debug('Policy validation disabled')

        load_resources()
        vars = _load_vars(options)

        errors = 0
        all_policies = PolicyCollection.from_data({}, options)

        # for a default region for policy loading, we'll expand regions later.
        options.region = ""

        for fp in options.configs:
            try:
                collection = policy_load(options, fp, validate=validate, vars=vars)
            except IOError:
                log.error('policy file does not exist ({})'.format(fp))
                errors += 1
                continue
            except ValueError as e:
                log.error('problem loading policy file ({})'.format(e.message))
                errors += 1
                continue

            if collection is None:
                log.debug('Loaded file {}. Contained no policies.'.format(fp))
            else:
                log.debug(
                    'Loaded file {}. Contains {} policies'.format(
                        fp, len(collection)))
                all_policies = all_policies + collection

        if errors > 0:
            log.error('Found {} errors.  Exiting.'.format(errors))
            sys.exit(1)

        # filter by name and resource type
        policies = all_policies.filter(
            getattr(options, 'policy_filter', None),
            getattr(options, 'resource_type', None))

        # provider initialization
        provider_policies = {}
        for p in policies:
            provider_policies.setdefault(p.provider_name, []).append(p)

        policies = PolicyCollection.from_data({}, options)
        for provider_name in provider_policies:
            provider = clouds[provider_name]()
            p_options = provider.initialize(options)
            policies += provider.initialize_policies(
                PolicyCollection(provider_policies[provider_name], p_options),
                p_options)

        if len(policies) == 0:
            _print_no_policies_warning(options, all_policies)
            # If we filtered out all the policies we want to exit with a
            # non-zero status. But if the policy file is empty then continue
            # on to the specific command to determine the exit status.
            if len(all_policies) > 0:
                sys.exit(1)

        # Do not allow multiple policies in a region with the same name,
        # even across files
        policies_by_region = defaultdict(list)
        for p in policies:
            policies_by_region[p.options.region].append(p)
        for region in policies_by_region.keys():
            counts = Counter([p.name for p in policies_by_region[region]])
            for policy, count in six.iteritems(counts):
                if count > 1:
                    log.error("duplicate policy name '{}'".format(policy))
                    sys.exit(1)

        # Variable expansion and non schema validation (not optional)
        for p in policies:
            p.expand_variables(p.get_variables())
            p.validate()

        return f(options, list(policies))

Esempio n. 12

File: commands.py Progetto: jeffastorey/cloud-custodian

 def _load_policies(options):
     collection = policy_load(options, options.config)
     policies = collection.filter(options.policy_filter)
     return f(options, policies)

Esempio n. 13

File: mugc.py Progetto: jpoley/cloud-custodian

def load_policies(options, config):
    policies = PolicyCollection([], config)
    for f in options.config_files:
        policies += policy_load(config, f).filter(options.policy_filter)
    return policies

Esempio n. 14

File: commands.py Progetto: JJediny/cloud-custodian

    def _load_policies(options):
        load_resources()
        vars = _load_vars(options)

        errors = 0
        all_policies = PolicyCollection.from_data({}, options)

        # for a default region for policy loading, we'll expand regions later.
        options.region = options.regions[0]

        for fp in options.configs:
            try:
                collection = policy_load(options, fp, vars=vars)
            except IOError:
                log.error('policy file does not exist ({})'.format(fp))
                errors += 1
                continue
            except ValueError as e:
                log.error('problem loading policy file ({})'.format(e.message))
                errors += 1
                continue

            if collection is None:
                log.debug('Loaded file {}. Contained no policies.'.format(fp))
            else:
                log.debug(
                    'Loaded file {}. Contains {} policies'.format(
                        fp, len(collection)))
                all_policies = all_policies + collection

        if errors > 0:
            log.error('Found {} errors.  Exiting.'.format(errors))
            sys.exit(1)

        # filter by name and resource type
        policies = all_policies.filter(
            getattr(options, 'policy_filter', None),
            getattr(options, 'resource_type', None))

        # expand by region, this results in a separate policy instance per region of execution.
        policies = policies.expand_regions(options.regions)

        if len(policies) == 0:
            _print_no_policies_warning(options, all_policies)
            # If we filtered out all the policies we want to exit with a
            # non-zero status. But if the policy file is empty then continue
            # on to the specific command to determine the exit status.
            if len(all_policies) > 0:
                sys.exit(1)

        # Do not allow multiple policies in a region with the same name,
        # even across files
        policies_by_region = defaultdict(list)
        for p in policies:
            policies_by_region[p.options.region].append(p)
        for region in policies_by_region.keys():
            counts = Counter([p.name for p in policies_by_region[region]])
            for policy, count in counts.iteritems():
                if count > 1:
                    log.error("duplicate policy name '{}'".format(policy))
                    sys.exit(1)

        return f(options, list(policies))

Esempio n. 15

File: commands.py Progetto: ryanobcog/cloud-custodian

    def _load_policies(options):

        validate = True
        if 'skip_validation' in options:
            validate = not options.skip_validation

        if not validate:
            log.debug('Policy validation disabled')

        vars = _load_vars(options)

        errors = 0
        all_policies = PolicyCollection.from_data({}, options)

        # for a default region for policy loading, we'll expand regions later.
        options.region = ""
        for fp in options.configs:
            try:
                collection = policy_load(options, fp, validate=validate, vars=vars)
            except IOError:
                log.error('policy file does not exist ({})'.format(fp))
                errors += 1
                continue
            except yaml.YAMLError as e:
                log.error(
                    "yaml syntax error loading policy file ({}) error:\n {}".format(
                        fp, e))
                errors += 1
                continue
            except ValueError as e:
                log.error('problem loading policy file ({}) error: {}'.format(
                    fp, str(e)))
                errors += 1
                continue
            except PolicyValidationError as e:
                log.error('invalid policy file: {} error: {}'.format(
                    fp, str(e)))
                errors += 1
                continue
            if collection is None:
                log.debug('Loaded file {}. Contained no policies.'.format(fp))
            else:
                log.debug(
                    'Loaded file {}. Contains {} policies'.format(
                        fp, len(collection)))
                all_policies = all_policies + collection

        if errors > 0:
            log.error('Found {} errors.  Exiting.'.format(errors))
            sys.exit(1)

        # filter by name and resource type
        policies = all_policies.filter(
            getattr(options, 'policy_filters', []),
            getattr(options, 'resource_types', []))

        # provider initialization
        provider_policies = {}
        for p in policies:
            provider_policies.setdefault(p.provider_name, []).append(p)

        policies = PolicyCollection.from_data({}, options)
        for provider_name in provider_policies:
            provider = clouds[provider_name]()
            p_options = provider.initialize(options)
            policies += provider.initialize_policies(
                PolicyCollection(provider_policies[provider_name], p_options),
                p_options)

        if len(policies) == 0:
            _print_no_policies_warning(options, all_policies)
            # If we filtered out all the policies we want to exit with a
            # non-zero status. But if the policy file is empty then continue
            # on to the specific command to determine the exit status.
            if len(all_policies) > 0:
                sys.exit(1)

        # Do not allow multiple policies in a region with the same name,
        # even across files
        policies_by_region = defaultdict(list)
        for p in policies:
            policies_by_region[p.options.region].append(p)
        for region in policies_by_region.keys():
            counts = Counter([p.name for p in policies_by_region[region]])
            for policy, count in six.iteritems(counts):
                if count > 1:
                    log.error("duplicate policy name '{}'".format(policy))
                    sys.exit(1)

        # Variable expansion and non schema validation (not optional)
        for p in policies:
            p.expand_variables(p.get_variables())
            p.validate()

        return f(options, list(policies))

Esempio n. 16

File: policylambda.py Progetto: dewitt4/Cloud-Custodain

def load_policies(options):
    policies = []
    for f in options.config_files:
        collection = policy_load(options, f)
        policies.extend(collection.filter(options.policy_filter))
    return policies

Esempio n. 17

File: mugc.py Progetto: aol/cloud-custodian

def load_policies(options):
    policies = []
    for f in options.config_files:
        collection = policy_load(options, f)
        policies.extend(collection.filter(options.policy_filter))
    return policies