def resources(self):
session = local_session(self.session_factory)
client = session.client('iam')
return self.filter_resources(
[{'account_id': get_account_id(session),
'account_name': client.list_account_aliases(
).get('AccountAliases', ('',))[0]}])
def resources(self):
session = local_session(self.session_factory)
c = session.client('rds')
query = self.resource_query()
if self._cache.load():
dbs = self._cache.get({
'region': self.config.region,
'resource': 'rds',
'q': query
})
if dbs is not None:
self.log.debug("Using cached rds: %d" % (len(dbs)))
return self.filter_resources(dbs)
self.log.info("Querying rds instances")
p = c.get_paginator('describe_db_instances')
results = p.paginate(Filters=query)
dbs = list(itertools.chain(*[rp['DBInstances'] for rp in results]))
if self.account_id is None:
self.account_id = get_account_id(session)
_rds_tags(dbs,
self.session_factory,
self.executor_factory,
self.account_id,
region=self.config.region)
self._cache.save(
{
'region': self.config.region,
'resource': 'rds',
'q': query
}, dbs)
return self.filter_resources(dbs)
def get_accounts(self):
owner_id = get_account_id(local_session(self.manager.session_factory))
accounts = set(self.data.get('whitelist', ()))
if 'whitelist_from' in self.data:
values = ValuesFrom(self.data['whitelist_from'], self.manager)
accounts = accounts.union(values.get_values())
accounts.add(owner_id)
return accounts
def get_account(session_factory):
session = local_session(session_factory)
client = session.client('iam')
aliases = client.list_account_aliases().get(
'AccountAliases', ('',))
name = aliases and aliases[0] or ""
return {'account_id': get_account_id(session),
'account_name': name}
def augment(self, resources):
session = local_session(self.session_factory)
if self.account_id is None:
self.account_id = get_account_id(session)
_rds_tags(
self.query.resolve(self.resource_type),
resources, self.session_factory, self.executor_factory,
self.account_id, region=self.config.region)
def get_resources(self, resource_ids):
session = local_session(self.session_factory)
client = session.client('iam')
return [{
'account_id':
get_account_id(session),
'account_name':
client.list_account_aliases().get('AccountAliases', ('', ))[0]
}]
def augment(self, resources):
session = local_session(self.session_factory)
if self.account_id is None:
self.account_id = get_account_id(session)
_rds_tags(
self.query.resolve(self.resource_type),
resources, self.session_factory, self.executor_factory,
self.account_id, region=self.config.region)
return resources
def process(self, buckets):
from c7n.mu import LambdaManager
from c7n.ufuncs.s3crypt import get_function
session = local_session(self.manager.session_factory)
account_id = get_account_id(session)
func = get_function(
None, self.data.get('role', self.manager.config.assume_role),
account_id=account_id)
regions = set([
b.get('Location', {
'LocationConstraint': 'us-east-1'})['LocationConstraint']
for b in buckets])
# session managers by region
region_sessions = {}
for r in regions:
region_sessions[r] = functools.partial(
self.manager.session_factory, region=r)
# Publish function to all of our buckets regions
region_funcs = {}
for r in regions:
lambda_mgr = LambdaManager(region_sessions[r])
lambda_mgr.publish(func)
region_funcs[r] = func
with self.executor_factory(max_workers=3) as w:
results = []
futures = []
for b in buckets:
region = b.get('Location', {
'LocationConstraint': 'us-east-1'}).get(
'LocationConstraint')
futures.append(
w.submit(
self.process_bucket,
region_funcs[region],
b,
account_id,
region_sessions[region]
))
for f in as_completed(futures):
if f.exception():
log.exception(
"Error attaching lambda-encrypt %s" % (f.exception()))
results.append(f.result())
return filter(None, results)
def process(self, buckets):
from c7n.mu import LambdaManager
from c7n.ufuncs.s3crypt import get_function
session = local_session(self.manager.session_factory)
account_id = get_account_id(session)
func = get_function(
None, self.data.get('role', self.manager.config.assume_role),
account_id=account_id)
regions = set([
b.get('Location', {
'LocationConstraint': 'us-east-1'})['LocationConstraint']
for b in buckets])
# session managers by region
region_sessions = {}
for r in regions:
region_sessions[r] = functools.partial(
self.manager.session_factory, region=r)
# Publish function to all of our buckets regions
region_funcs = {}
for r in regions:
lambda_mgr = LambdaManager(region_sessions[r])
lambda_mgr.publish(func)
region_funcs[r] = func
with self.executor_factory(max_workers=3) as w:
results = []
futures = []
for b in buckets:
region = b.get('Location', {
'LocationConstraint': 'us-east-1'}).get(
'LocationConstraint')
futures.append(
w.submit(
self.process_bucket,
region_funcs[region],
b,
account_id,
region_sessions[region]
))
for f in as_completed(futures):
if f.exception():
log.exception(
"Error attaching lambda-encrypt %s" % (f.exception()))
results.append(f.result())
return filter(None, results)
def resources(self):
session = local_session(self.session_factory)
c = session.client('rds')
query = self.resource_query()
if self._cache.load():
dbs = self._cache.get(
{'resource': 'rds', 'region': self.config.region, 'q': query})
if dbs is not None:
self.log.debug("Using cached rds: %d" % (
len(dbs)))
return self.filter_resources(dbs)
self.log.info("Querying rds instances")
p = c.get_paginator('describe_db_instances')
results = p.paginate(Filters=query)
dbs = list(itertools.chain(*[rp['DBInstances'] for rp in results]))
_rds_tags(dbs, self.session_factory, self.executor_factory,
get_account_id(session), region=self.config.region)
self._cache.save(
{'region': self.config.region, 'resource': 'rds', 'q': query}, dbs)
return self.filter_resources(dbs)
def account_id(self):
if self._account_id is None:
session = local_session(self.session_factory)
self._account_id = get_account_id(session)
return self._account_id
def account_id(self):
if self._account_id is None:
session = local_session(self.session_factory)
self._account_id = get_account_id(session)
return self._account_id
def get_account(session_factory):
session = local_session(session_factory)
client = session.client('iam')
aliases = client.list_account_aliases().get('AccountAliases', ('', ))
name = aliases and aliases[0] or ""
return {'account_id': get_account_id(session), 'account_name': name}
def get_accounts(self):
owner_id = get_account_id(local_session(self.manager.session_factory))
accounts = set(self.data.get('whitelist', ()))
accounts.add(owner_id)
return accounts
