diff --git a/.azure-pipelines.yml b/.azure-pipelines.yml index 1613a016416..e39f4f26cb6 100644 --- a/.azure-pipelines.yml +++ b/.azure-pipelines.yml @@ -44,9 +44,8 @@ jobs: architecture: 'x64' # bin directory is in .dockerignore - script: | - python -m pip install --upgrade pip - pip install docker click pytest pyyaml + python3 -m pip install --upgrade pip + pip3 install docker click pytest pyyaml six # build a docker image and sanity test - script: | - python tools/dev/dockerpkg.py build -t build --verbose --test -i cli - + python3 tools/dev/dockerpkg.py build -t build --verbose --test -i cli diff --git a/.github/workflows/ci-master.yml b/.github/workflows/ci-master.yml index 9dbaa24c7ad..5ed256a0d31 100644 --- a/.github/workflows/ci-master.yml +++ b/.github/workflows/ci-master.yml @@ -88,6 +88,11 @@ jobs: bash <(curl -s https://codecov.io/bash) -Z \ -v -f coverage.xml + - name: License Check + if: contains(matrix.tox-target, 'py39') + run: | + ./.tox/${{ matrix.tox-target }}/bin/python tools/dev/license-check.py + Test-Windows: # windows can't use the fast cache technique we use in our matrix builds # where we cache the entire tox virtualenv directory, without error. @@ -116,6 +121,23 @@ jobs: run: | tox -e py37 + Analyzer: + runs-on: ubuntu-latest + needs: Lint + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-python@v1 + with: + python-version: 3.9 + - name: Run Bandit + run: | + python -m pip install bandit + make analyzer-bandit + - name: Run Semgrep + run: | + python -m pip install semgrep + make analyzer-semgrep + Docs: # todo, figure out how to fast cache the tox directory here. runs-on: ubuntu-latest diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 537b0496aa0..de8e16c2f3e 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -22,7 +22,7 @@ jobs: # bin directory is in .dockerignore run: | python -m pip install --upgrade pip - pip install docker click pytest pyyaml + pip install docker click pytest pyyaml six mkdir -p bin wget -q -O bin/trivy.tgz https://github.com/aquasecurity/trivy/releases/download/v0.5.4/trivy_0.5.4_Linux-64bit.tar.gz cd bin && tar xzf trivy.tgz diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 79caa33ddd7..a5991b0d60b 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -1,7 +1,7 @@ { // See https://go.microsoft.com/fwlink/?LinkId=733558 // for the documentation about the tasks.json format - "version": "0.1.0", + "version": "2.0.0", "command": "make", "isShellCommand": true, "echoCommand": true, @@ -13,4 +13,4 @@ {"taskName": "coverage", "args": ["coverage"]} ] -} \ No newline at end of file +} diff --git a/Curtis_upload_test b/Curtis_upload_test new file mode 100644 index 00000000000..03902d70d79 --- /dev/null +++ b/Curtis_upload_test @@ -0,0 +1 @@ +make sure this works diff --git a/LICENSE.txt b/LICENSE similarity index 100% rename from LICENSE.txt rename to LICENSE diff --git a/Makefile b/Makefile index 44ef5d63133..1e13761e7e1 100644 --- a/Makefile +++ b/Makefile @@ -107,3 +107,28 @@ lint: clean: rm -rf .tox .Python bin include lib pip-selfcheck.json + +analyzer-bandit: + bandit -i -s B101,B311 \ + -r tools/c7n_azure/c7n_azure \ + tools/c7n_gcp/c7n_gcp \ + tools/c7n_terraform/c7n_terraform \ + tools/c7n_guardian/c7n_guardian \ + tools/c7n_org/c7n_org \ + tools/c7n_mailer/c7n_mailer \ + tools/c7n_policystream/policystream.py \ + tools/c7n_trailcreator/c7n_trailcreator \ + c7n + + +analyzer-semgrep: + semgrep --error --verbose --config p/security-audit \ + tools/c7n_azure/c7n_azure \ + tools/c7n_gcp/c7n_gcp \ + tools/c7n_terraform/c7n_terraform \ + tools/c7n_guardian/c7n_guardian \ + tools/c7n_org/c7n_org \ + tools/c7n_mailer/c7n_mailer \ + tools/c7n_policystream/policystream.py \ + tools/c7n_trailcreator/c7n_trailcreator \ + c7n diff --git a/c7n/cache.py b/c7n/cache.py index acee3967e67..aa75e0a2f51 100644 --- a/c7n/cache.py +++ b/c7n/cache.py @@ -3,7 +3,7 @@ """Provide basic caching services to avoid extraneous queries over multiple policies on the same resource type. """ -import pickle +import pickle # nosec nosemgrep import os import logging @@ -65,10 +65,10 @@ def load(self): return True def get(self, key): - return self.data.get(pickle.dumps(key)) + return self.data.get(pickle.dumps(key)) # nosemgrep def save(self, key, data): - self.data[pickle.dumps(key)] = data + self.data[pickle.dumps(key)] = data # nosemgrep def size(self): return sum(map(len, self.data.values())) @@ -86,7 +86,7 @@ def __init__(self, config): self.data = {} def get(self, key): - k = pickle.dumps(key) + k = pickle.dumps(key) # nosemgrep return self.data.get(k) def load(self): @@ -98,7 +98,7 @@ def load(self): return False with open(self.cache_path, 'rb') as fh: try: - self.data = pickle.load(fh) + self.data = pickle.load(fh) # nosec nosemgrep except EOFError: return False log.debug("Using cache file %s" % self.cache_path) @@ -106,9 +106,9 @@ def load(self): def save(self, key, data): try: - with open(self.cache_path, 'wb') as fh: - self.data[pickle.dumps(key)] = data - pickle.dump(self.data, fh, protocol=2) + with open(self.cache_path, 'wb') as fh: # nosec + self.data[pickle.dumps(key)] = data # nosemgrep + pickle.dump(self.data, fh, protocol=2) # nosemgrep except Exception as e: log.warning("Could not save cache %s err: %s" % ( self.cache_path, e)) diff --git a/c7n/commands.py b/c7n/commands.py index cdbfe76c889..d06e25dabc2 100644 --- a/c7n/commands.py +++ b/c7n/commands.py @@ -205,7 +205,8 @@ def validate(options): with open(config_file) as fh: if fmt in ('yml', 'yaml', 'json'): - data = yaml.load(fh.read(), Loader=DuplicateKeyCheckLoader) + # our loader is safe loader derived. + data = yaml.load(fh.read(), Loader=DuplicateKeyCheckLoader) # nosec nosemgrep else: log.error("The config file must end in .json, .yml or .yaml.") raise ValueError("The config file must end in .json, .yml or .yaml.") diff --git a/c7n/filters/core.py b/c7n/filters/core.py index e97313ee830..01a7194dc70 100644 --- a/c7n/filters/core.py +++ b/c7n/filters/core.py @@ -581,7 +581,7 @@ def match(self, i): return op(r, v) except TypeError: return False - elif r == self.v: + elif r == v: return True return False diff --git a/c7n/filters/kms.py b/c7n/filters/kms.py index 6438f13e997..3e241c6b3cd 100644 --- a/c7n/filters/kms.py +++ b/c7n/filters/kms.py @@ -1,9 +1,8 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 -from botocore.exceptions import ClientError from .core import ValueFilter from .related import RelatedResourceFilter -from c7n.utils import local_session, type_schema +from c7n.utils import type_schema class KmsRelatedFilter(RelatedResourceFilter): @@ -13,6 +12,8 @@ class KmsRelatedFilter(RelatedResourceFilter): :example: + Match a specific key alias: + .. code-block:: yaml policies: @@ -20,8 +21,22 @@ class KmsRelatedFilter(RelatedResourceFilter): resource: dms-instance filters: - type: kms-key - key: c7n:AliasName + key: "c7n:AliasName" value: alias/aws/dms + + Or match against native key attributes such as ``KeyManager``, which + more explicitly distinguishes between ``AWS`` and ``CUSTOMER``-managed + keys. The above policy can also be written as: + + .. code-block:: yaml + + policies: + - name: dms-aws-managed-key + resource: dms-instance + filters: + - type: kms-key + key: KeyManager + value: AWS """ schema = type_schema( @@ -31,6 +46,24 @@ class KmsRelatedFilter(RelatedResourceFilter): RelatedResource = "c7n.resources.kms.Key" AnnotationKey = "matched-kms-key" + def get_related(self, resources): + resource_manager = self.get_resource_manager() + related_ids = self.get_related_ids(resources) + if len(related_ids) < self.FetchThreshold: + related = resource_manager.get_resources(list(related_ids)) + else: + related = resource_manager.resources() + related_map = {} + + # A resource's key property may point to an explicit ID or a key alias. + # Be sure that a related key lookup covers both cases. + for r in related: + related_map[r['KeyId']] = r + for alias in r.get('AliasNames', []): + related_map[alias] = r + + return related_map + def get_related_ids(self, resources): related_ids = super().get_related_ids(resources) normalized_ids = [] @@ -42,13 +75,10 @@ def get_related_ids(self, resources): return normalized_ids def process(self, resources, event=None): - client = local_session(self.manager.session_factory).client('kms') related = self.get_related(resources) for r in related.values(): - try: - alias_info = self.manager.retry(client.list_aliases, KeyId=r.get('KeyId')) - except ClientError as e: - self.log.warning(e) - continue - r['c7n:AliasName'] = alias_info.get('Aliases')[0].get('AliasName', '') + # `AliasNames` is set when we fetch keys, but only for keys + # which have aliases defined. Fall back to an empty string + # to avoid lookup errors in filters. + r['c7n:AliasName'] = r.get('AliasNames', ('',))[0] return [r for r in resources if self.process_resource(r, related)] diff --git a/c7n/filters/offhours.py b/c7n/filters/offhours.py index cd8b02523db..1203ccf8b68 100644 --- a/c7n/filters/offhours.py +++ b/c7n/filters/offhours.py @@ -29,6 +29,9 @@ - **weekends-only**: default false, whether to turn the resource off only on the weekend - **default_tz**: which timezone to utilize when evaluating time **(REQUIRED)** + - **fallback-schedule**: If a resource doesn't support tagging or doesn't provide + a tag you can supply a default schedule that will be used. When the tag is provided + this will be ignored. See :ref:`ScheduleParser Time Specifications `. - **tag**: which resource tag name to use for per-resource configuration (schedule and timezone overrides and opt-in/opt-out); default is ``maid_offhours``. @@ -61,6 +64,7 @@ onhour: 8 offhour: 20 + Tag Based Configuration ======================= @@ -94,6 +98,9 @@ supported by :py:class:`c7n.filters.offhours.ScheduleParser` as described in the next section. + +.. _scheduleparser-time-spec: + ScheduleParser Time Specifications ---------------------------------- @@ -255,6 +262,7 @@ class Time(Filter): 'properties': { 'tag': {'type': 'string'}, 'default_tz': {'type': 'string'}, + 'fallback_schedule': {'type': 'string'}, 'weekends': {'type': 'boolean'}, 'weekends-only': {'type': 'boolean'}, 'opt-out': {'type': 'boolean'}, @@ -315,6 +323,7 @@ def __init__(self, data, manager=None): self.weekends_only = self.data.get('weekends-only', False) self.opt_out = self.data.get('opt-out', False) self.tag_key = self.data.get('tag', self.DEFAULT_TAG).lower() + self.fallback_schedule = self.data.get('fallback-schedule', None) self.default_schedule = self.get_default_schedule() self.parser = ScheduleParser(self.default_schedule) @@ -438,12 +447,12 @@ def match(self, now, schedule): def get_tag_value(self, i): """Get the resource's tag value specifying its schedule.""" # Look for the tag, Normalize tag key and tag value - found = False + found = self.fallback_schedule for t in i.get('Tags', ()): if t['Key'].lower() == self.tag_key: found = t['Value'] break - if found is False: + if found in (False, None): return False # enforce utf8, or do translate tables via unicode ord mapping value = found.lower().encode('utf8').decode('utf8') diff --git a/c7n/handler.py b/c7n/handler.py index b156a335e74..25a4b274964 100644 --- a/c7n/handler.py +++ b/c7n/handler.py @@ -100,7 +100,7 @@ def init_config(policy_config): # a cli local directory doesn't translate to lambda if not exec_options.get('output_dir', '').startswith('s3'): - exec_options['output_dir'] = '/tmp' + exec_options['output_dir'] = '/tmp' # nosec account_id = None # we can source account id from the cli parameters to avoid the sts call diff --git a/c7n/mu.py b/c7n/mu.py index c8d0dff9a8e..51a1130fedc 100644 --- a/c7n/mu.py +++ b/c7n/mu.py @@ -1078,6 +1078,8 @@ def render_event_pattern(self): }) if self.data.get('categories', []): payload['detail']['eventTypeCategory'] = self.data['categories'] + if not payload['detail']: + payload.pop('detail') elif event_type == 'hub-finding': payload['source'] = ['aws.securityhub'] payload['detail-type'] = ['Security Hub Findings - Imported'] @@ -1160,13 +1162,13 @@ def update(self, func): def pause(self, func): try: self.client.disable_rule(Name=func.name) - except Exception: + except ClientError: pass def resume(self, func): try: self.client.enable_rule(Name=func.name) - except Exception: + except ClientError: pass def remove(self, func): @@ -1663,7 +1665,7 @@ def delta(rule, params): if ('MaximumExecutionFrequency' in params and rule['MaximumExecutionFrequency'] != params['MaximumExecutionFrequency']): return True - if rule.get('Description', '') != rule.get('Description', ''): + if rule.get('Description', '') != params.get('Description', ''): return True return False diff --git a/c7n/output.py b/c7n/output.py index 71aef6ce70b..b301af3ce31 100644 --- a/c7n/output.py +++ b/c7n/output.py @@ -330,9 +330,9 @@ def __enter__(self): return self def __exit__(self, exc_type=None, exc_value=None, exc_traceback=None): - self.leave_log() if exc_type is not None: log.exception("Error while executing policy") + self.leave_log() def join_log(self): self.handler = self.get_handler() diff --git a/c7n/query.py b/c7n/query.py index 9f68a26e3b5..ab04f9abbfe 100644 --- a/c7n/query.py +++ b/c7n/query.py @@ -364,7 +364,11 @@ def _load_resource_tags(self, resource, item): if isinstance(stags, str): stags = json.loads(stags) if isinstance(stags, list): - resource['Tags'] = [{u'Key': t['key'], u'Value': t['value']} for t in stags] + resource['Tags'] = [ + {u'Key': t.get('key', t.get('tagKey')), + u'Value': t.get('value', t.get('tagValue'))} + for t in stags + ] elif isinstance(stags, dict): resource['Tags'] = [{u'Key': k, u'Value': v} for k, v in stags.items()] diff --git a/c7n/reports/csvout.py b/c7n/reports/csvout.py index 941704976f9..dce1b7d12f2 100644 --- a/c7n/reports/csvout.py +++ b/c7n/reports/csvout.py @@ -49,6 +49,20 @@ log = logging.getLogger('custodian.reports') +def strip_output_path(path, policy_name): + """Remove the date portion from an object storage output path. + This effectively removes any trailing path segments that follow + the last occurrence of the policy name. + + >>> strip_output_path( + ... '/logs/my-policy-name/2020/01/01/01' + ... 'my-policy-name' + ... ) + logs/my-policy-name + """ + return ''.join(path.strip('/').rpartition(policy_name)[:-1]) + + def report(policies, start_date, options, output_fh, raw_output_fh=None): """Format a policy's extant records into a report.""" regions = {p.options.region for p in policies} @@ -69,7 +83,7 @@ def report(policies, start_date, options, output_fh, raw_output_fh=None): policy_records = record_set( policy.session_factory, policy.ctx.output.config['netloc'], - policy.ctx.output.config['path'].strip('/'), + strip_output_path(policy.ctx.output.config['path'], policy.name), start_date) else: policy_records = fs_record_set(policy.ctx.log_dir, policy.name) @@ -85,7 +99,7 @@ def report(policies, start_date, options, output_fh, raw_output_fh=None): rows = formatter.to_csv(records) if options.format == 'csv': - writer = csv.writer(output_fh, formatter.headers()) + writer = csv.writer(output_fh, formatter.headers(), quoting=csv.QUOTE_ALL) writer.writerow(formatter.headers()) writer.writerows(rows) elif options.format == 'json': diff --git a/c7n/resolver.py b/c7n/resolver.py index 3e827d3170f..57b5435dbdc 100644 --- a/c7n/resolver.py +++ b/c7n/resolver.py @@ -34,10 +34,8 @@ def resolve(self, uri): if uri.startswith('s3://'): contents = self.get_s3_uri(uri) else: - # TODO: in the case of file: content and untrusted - # third parties, uri would need sanitization req = Request(uri, headers={"Accept-Encoding": "gzip"}) - with closing(urlopen(req)) as response: + with closing(urlopen(req)) as response: # nosec nosemgrep contents = self.handle_response_encoding(response) if self.cache: diff --git a/c7n/resources/ami.py b/c7n/resources/ami.py index fe41847a9a7..852d4a8c886 100644 --- a/c7n/resources/ami.py +++ b/c7n/resources/ami.py @@ -48,6 +48,7 @@ class resource_type(TypeInfo): filter_type = 'list' name = 'Name' date = 'CreationDate' + id_prefix = "ami-" source_mapping = { 'describe': DescribeImageSource @@ -124,7 +125,7 @@ def process(self, images): try: self.manager.retry(client.delete_snapshot, SnapshotId=s) except ClientError as e: - if e.error['Code'] == 'InvalidSnapshot.InUse': + if e.response['Error']['Code'] == 'InvalidSnapshot.InUse': continue diff --git a/c7n/resources/asg.py b/c7n/resources/asg.py index 0a9ae376e7c..aa0eb5286f6 100644 --- a/c7n/resources/asg.py +++ b/c7n/resources/asg.py @@ -1659,6 +1659,93 @@ def process_asg(self, client, asg): raise +@ASG.action_registry.register('update') +class Update(Action): + """Action to update ASG configuration settings + + :example: + + .. code-block:: yaml + + policies: + - name: set-asg-instance-lifetime + resource: asg + filters: + - MaxInstanceLifetime: empty + actions: + - type: update + max-instance-lifetime: 604800 # (7 days) + + - name: set-asg-by-policy + resource: asg + actions: + - type: update + default-cooldown: 600 + max-instance-lifetime: 0 # (clear it) + new-instances-protected-from-scale-in: true + capacity-rebalance: true + """ + + schema = type_schema( + 'update', + **{ + 'default-cooldown': {'type': 'integer', 'minimum': 0}, + 'max-instance-lifetime': { + "anyOf": [ + {'enum': [0]}, + {'type': 'integer', 'minimum': 86400} + ] + }, + 'new-instances-protected-from-scale-in': {'type': 'boolean'}, + 'capacity-rebalance': {'type': 'boolean'}, + } + ) + permissions = ("autoscaling:UpdateAutoScalingGroup",) + settings_map = { + "default-cooldown": "DefaultCooldown", + "max-instance-lifetime": "MaxInstanceLifetime", + "new-instances-protected-from-scale-in": "NewInstancesProtectedFromScaleIn", + "capacity-rebalance": "CapacityRebalance" + } + + def validate(self): + if not set(self.settings_map).intersection(set(self.data)): + raise PolicyValidationError( + "At least one setting must be specified from: " + + ", ".join(sorted(self.settings_map)) + ) + return self + + def process(self, asgs): + client = local_session(self.manager.session_factory).client('autoscaling') + + settings = {} + for k, v in self.settings_map.items(): + if k in self.data: + settings[v] = self.data.get(k) + + with self.executor_factory(max_workers=2) as w: + futures = {} + error = None + for a in asgs: + futures[w.submit(self.process_asg, client, a, settings)] = a + for f in as_completed(futures): + if f.exception(): + self.log.error("Error while updating asg:%s error:%s" % ( + futures[f]['AutoScalingGroupName'], + f.exception())) + error = f.exception() + if error: + # make sure we stop policy execution if there were errors + raise error + + def process_asg(self, client, asg, settings): + self.manager.retry( + client.update_auto_scaling_group, + AutoScalingGroupName=asg['AutoScalingGroupName'], + **settings) + + @resources.register('launch-config') class LaunchConfig(query.QueryResourceManager): diff --git a/c7n/resources/aws.py b/c7n/resources/aws.py index 60342165a9e..b91b7253c69 100644 --- a/c7n/resources/aws.py +++ b/c7n/resources/aws.py @@ -651,7 +651,7 @@ def join_output(output_dir, suffix): def fake_session(): - session = boto3.Session( + session = boto3.Session( # nosec nosemgrep region_name='us-east-1', aws_access_key_id='never', aws_secret_access_key='found') diff --git a/c7n/resources/awslambda.py b/c7n/resources/awslambda.py index 2b14e234718..b053ccfb782 100644 --- a/c7n/resources/awslambda.py +++ b/c7n/resources/awslambda.py @@ -251,23 +251,7 @@ def process(self, resources, event=None): @AWSLambda.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: lambda-kms-key-filters - resource: aws.lambda - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/lambda)" - op: regex - """ RelatedIdsExpression = 'KMSKeyArn' diff --git a/c7n/resources/batch.py b/c7n/resources/batch.py index 3fa89532b2c..931b823933f 100644 --- a/c7n/resources/batch.py +++ b/c7n/resources/batch.py @@ -26,13 +26,13 @@ class resource_type(TypeInfo): @ComputeEnvironment.filter_registry.register('security-group') class ComputeSGFilter(SecurityGroupFilter): - RelatedIdsExpression = "computeResources.securityGroupIds" + RelatedIdsExpression = "computeResources.securityGroupIds[]" @ComputeEnvironment.filter_registry.register('subnet') class ComputeSubnetFilter(SubnetFilter): - RelatedIdsExpression = "computeResources.subnets" + RelatedIdsExpression = "computeResources.subnets[]" @resources.register('batch-definition') diff --git a/c7n/resources/cw.py b/c7n/resources/cw.py index 119f2de43e2..d39eb420eb6 100644 --- a/c7n/resources/cw.py +++ b/c7n/resources/cw.py @@ -12,7 +12,8 @@ from c7n.filters.iamaccess import CrossAccountAccessFilter from c7n.filters.related import ChildResourceFilter from c7n.filters.kms import KmsRelatedFilter -from c7n.query import QueryResourceManager, ChildResourceManager, TypeInfo +from c7n.query import ( + QueryResourceManager, ChildResourceManager, TypeInfo, DescribeSource, ConfigSource) from c7n.manager import resources from c7n.resolver import ValuesFrom from c7n.resources import load_resources @@ -21,6 +22,11 @@ from c7n.utils import type_schema, local_session, chunks, get_retry +class DescribeAlarm(DescribeSource): + def augment(self, resources): + return universal_augment(self.manager, super().augment(resources)) + + @resources.register('alarm') class Alarm(QueryResourceManager): @@ -35,6 +41,12 @@ class resource_type(TypeInfo): name = 'AlarmName' date = 'AlarmConfigurationUpdatedTimestamp' cfn_type = config_type = 'AWS::CloudWatch::Alarm' + universal_taggable = object() + + source_mapping = { + 'describe': DescribeAlarm, + 'config': ConfigSource + } retry = staticmethod(get_retry(('Throttled',))) @@ -612,23 +624,6 @@ def process_resource_set(self, client, accounts, resources): @LogGroup.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - - policies: - - name: cw-log-group-kms-key-filter - resource: log-group - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/cw)" - op: regex - """ RelatedIdsExpression = 'kmsKeyId' diff --git a/c7n/resources/datapipeline.py b/c7n/resources/datapipeline.py index 7bd2dd43283..16deff665be 100644 --- a/c7n/resources/datapipeline.py +++ b/c7n/resources/datapipeline.py @@ -26,7 +26,7 @@ class DataPipeline(QueryResourceManager): class resource_type(TypeInfo): service = 'datapipeline' arn_type = 'dataPipeline' - id = 'id' + id = 'pipelineId' name = 'name' dimension = 'name' batch_detail_spec = ( diff --git a/c7n/resources/dynamodb.py b/c7n/resources/dynamodb.py index 236bfc87121..79dab1c17b9 100644 --- a/c7n/resources/dynamodb.py +++ b/c7n/resources/dynamodb.py @@ -61,23 +61,7 @@ class resource_type(query.TypeInfo): @Table.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - policies: - - name: dynamodb-kms-key-filters - resource: dynamodb-table - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/dynamodb)" - op: regex - """ RelatedIdsExpression = 'SSEDescription.KMSMasterKeyArn' @@ -499,10 +483,9 @@ class DaxTagging(Tag): permissions = ('dax:TagResource',) def process_resource_set(self, client, resources, tags): - mid = self.manager.resource_type.id for r in resources: try: - client.tag_resource(ResourceName=r[mid], Tags=tags) + client.tag_resource(ResourceName=r['ClusterArn'], Tags=tags) except (client.exceptions.ClusterNotFoundFault, client.exceptions.InvalidARNFault, client.exceptions.InvalidClusterStateFault) as e: diff --git a/c7n/resources/ebs.py b/c7n/resources/ebs.py index 35cc5a33328..b816a28af60 100644 --- a/c7n/resources/ebs.py +++ b/c7n/resources/ebs.py @@ -47,6 +47,7 @@ class resource_type(TypeInfo): enum_spec = ( 'describe_snapshots', 'Snapshots', None) id = 'SnapshotId' + id_prefix = 'snap-' filter_name = 'SnapshotIds' filter_type = 'list' name = 'SnapshotId' @@ -642,6 +643,7 @@ class resource_type(TypeInfo): arn_type = 'volume' enum_spec = ('describe_volumes', 'Volumes', None) name = id = 'VolumeId' + id_prefix = 'vol-' filter_name = 'VolumeIds' filter_type = 'list' date = 'createTime' @@ -1596,7 +1598,7 @@ class ModifyVolume(BaseAction): schema = type_schema( 'modify', - **{'volume-type': {'enum': ['io1', 'gp2', 'st1', 'sc1']}, + **{'volume-type': {'enum': ['io1', 'gp2', 'gp3', 'st1', 'sc1']}, 'shrink': False, 'size-percent': {'type': 'number'}, 'iops-percent': {'type': 'number'}}) diff --git a/c7n/resources/ec2.py b/c7n/resources/ec2.py index a25c13f77a0..4c573d45fae 100644 --- a/c7n/resources/ec2.py +++ b/c7n/resources/ec2.py @@ -106,6 +106,7 @@ class resource_type(query.TypeInfo): date = 'LaunchTime' dimension = 'InstanceId' cfn_type = config_type = "AWS::EC2::Instance" + id_prefix = 'i-' default_report_fields = ( 'CustodianDate', @@ -2082,6 +2083,7 @@ class LaunchTemplate(query.QueryResourceManager): class resource_type(query.TypeInfo): id = 'LaunchTemplateId' + id_prefix = 'lt-' name = 'LaunchTemplateName' service = 'ec2' date = 'CreateTime' @@ -2176,6 +2178,7 @@ class ReservedInstance(query.QueryResourceManager): class resource_type(query.TypeInfo): service = 'ec2' name = id = 'ReservedInstancesId' + id_prefix = "" date = 'Start' enum_spec = ( 'describe_reserved_instances', 'ReservedInstances', None) @@ -2192,6 +2195,7 @@ class DedicatedHost(query.QueryResourceManager): class resource_type(query.TypeInfo): service = 'ec2' name = id = 'HostId' + id_prefix = 'h-' enum_spec = ('describe_hosts', 'Hosts', None) arn_type = "dedicated-host" filter_name = 'HostIds' diff --git a/c7n/resources/ecs.py b/c7n/resources/ecs.py index 8b86c752614..6e1d7dda0e3 100644 --- a/c7n/resources/ecs.py +++ b/c7n/resources/ecs.py @@ -8,6 +8,7 @@ from c7n.manager import resources from c7n.utils import local_session, chunks, get_retry, type_schema, group_by from c7n import query +from c7n.query import DescribeSource, ConfigSource import jmespath from c7n.tags import Tag, TagDelayedAction, RemoveTag, TagActionFilter from c7n.actions import AutoTagUser @@ -38,6 +39,46 @@ def ecs_taggable(model, r): return len(path_parts) > 2 +class ContainerConfigSource(ConfigSource): + + preserve_empty = () + preserve_case = {'Tags'} + mapped_keys = {} + + @classmethod + def remap_keys(cls, resource): + for k, v in cls.mapped_keys.items(): + if v in resource: + continue + if k not in resource: + continue + resource[v] = resource.pop(k) + return resource + + @classmethod + def lower_keys(cls, data): + if isinstance(data, dict): + for k, v in list(data.items()): + if k in cls.preserve_case: + continue + lk = k[0].lower() + k[1:] + data[lk] = data.pop(k) + # describe doesn't return empty list/dict by default + if isinstance(v, (list, dict)) and not v and lk not in cls.preserve_empty: + data.pop(lk) + elif isinstance(v, (dict, list)): + data[lk] = cls.lower_keys(v) + elif isinstance(data, list): + return list(map(cls.lower_keys, data)) + return data + + def load_resource(self, item): + resource = self.lower_keys(super().load_resource(item)) + if self.mapped_keys: + return self.remap_keys(resource) + return resource + + @resources.register('ecs') class ECSCluster(query.QueryResourceManager): @@ -144,6 +185,15 @@ def process_cluster_resources(self, client, cluster_id, services): return results +class ECSServiceConfigSource(ContainerConfigSource): + perserve_empty = { + 'placementConstraints', 'placementStrategy', + 'serviceRegistries', 'Tags', 'loadBalancers'} + + mapped_keys = { + 'role': 'roleArn', 'cluster': 'clusterArn'} + + @resources.register('ecs-service') class Service(query.ChildResourceManager): @@ -156,14 +206,13 @@ class resource_type(query.TypeInfo): enum_spec = ('list_services', 'serviceArns', None) parent_spec = ('ecs', 'cluster', None) supports_trailevents = True - cfn_type = 'AWS::ECS::Service' + config_type = cfn_type = 'AWS::ECS::Service' - @property - def source_type(self): - source = self.data.get('source', 'describe') - if source in ('describe', 'describe-child'): - source = 'describe-ecs-service' - return source + source_mapping = { + 'config': ECSServiceConfigSource, + 'describe-child': ECSServiceDescribeSource, + 'describe': ECSServiceDescribeSource, + } def get_resources(self, ids, cache=True, augment=True): return super(Service, self).get_resources(ids, cache, augment=False) @@ -476,33 +525,25 @@ def process(self, resources): raise -@resources.register('ecs-task-definition') -class TaskDefinition(query.QueryResourceManager): - - class resource_type(query.TypeInfo): - service = 'ecs' - arn = id = name = 'taskDefinitionArn' - enum_spec = ('list_task_definitions', 'taskDefinitionArns', None) - cfn_type = 'AWS::ECS::TaskDefinition' - arn_type = 'task-definition' +class DescribeTaskDefinition(DescribeSource): def get_resources(self, ids, cache=True): if cache: - resources = self._get_cached_resources(ids) + resources = self.manager._get_cached_resources(ids) if resources is not None: return resources try: resources = self.augment(ids) return resources except ClientError as e: - self.log.warning("event ids not resolved: %s error:%s" % (ids, e)) + self.manager.log.warning("event ids not resolved: %s error:%s" % (ids, e)) return [] def augment(self, resources): results = [] - client = local_session(self.session_factory).client('ecs') + client = local_session(self.manager.session_factory).client('ecs') for task_def_set in resources: - response = self.retry( + response = self.manager.retry( client.describe_task_definition, taskDefinition=task_def_set, include=['TAGS']) @@ -513,6 +554,30 @@ def augment(self, resources): return results +class ConfigECSTaskDefinition(ContainerConfigSource): + + preserve_empty = {'mountPoints', 'portMappings', 'volumesFrom'} + + +@resources.register('ecs-task-definition') +class TaskDefinition(query.QueryResourceManager): + + class resource_type(query.TypeInfo): + service = 'ecs' + arn = id = name = 'taskDefinitionArn' + enum_spec = ('list_task_definitions', 'taskDefinitionArns', None) + cfn_type = config_type = 'AWS::ECS::TaskDefinition' + arn_type = 'task-definition' + + source_mapping = { + 'config': ConfigECSTaskDefinition, + 'describe': DescribeTaskDefinition + } + + def get_resources(self, ids, cache=True, augment=True): + return super(TaskDefinition, self).get_resources(ids, cache, augment=False) + + @TaskDefinition.action_registry.register('delete') class DeleteTaskDefinition(BaseAction): """Delete/DeRegister a task definition. diff --git a/c7n/resources/efs.py b/c7n/resources/efs.py index 1a117a51315..9bb391ce2df 100644 --- a/c7n/resources/efs.py +++ b/c7n/resources/efs.py @@ -86,23 +86,7 @@ def get_related_ids(self, resources): @ElasticFileSystem.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: efs-kms-key-filters - resource: efs - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/)" - op: regex - """ RelatedIdsExpression = 'KmsKeyId' diff --git a/c7n/resources/eks.py b/c7n/resources/eks.py index e19e7fc5a6f..8c8ae9d21ec 100644 --- a/c7n/resources/eks.py +++ b/c7n/resources/eks.py @@ -4,10 +4,26 @@ from c7n.filters.vpc import SecurityGroupFilter, SubnetFilter, VpcFilter from c7n.manager import resources from c7n import tags -from c7n.query import QueryResourceManager, TypeInfo +from c7n.query import QueryResourceManager, TypeInfo, DescribeSource from c7n.utils import local_session, type_schema from botocore.waiter import WaiterModel, create_waiter_with_client from .aws import shape_validate +from .ecs import ContainerConfigSource + + +class EKSDescribeSource(DescribeSource): + + def augment(self, resources): + resources = super().augment(resources) + for r in resources: + if 'tags' not in r: + continue + r['Tags'] = [{'Key': k, 'Value': v} for k, v in r['tags'].items()] + return resources + + +class EKSConfigSource(ContainerConfigSource): + mapped_keys = {'certificateAuthorityData': 'certificateAuthority'} @resources.register('eks') @@ -21,15 +37,12 @@ class resource_type(TypeInfo): detail_spec = ('describe_cluster', 'name', None, 'cluster') id = name = 'name' date = 'createdAt' - cfn_type = 'AWS::EKS::Cluster' + config_type = cfn_type = 'AWS::EKS::Cluster' - def augment(self, resources): - resources = super(EKS, self).augment(resources) - for r in resources: - if 'tags' not in r: - continue - r['Tags'] = [{'Key': k, 'Value': v} for k, v in r['tags'].items()] - return resources + source_mapping = { + 'config': EKSConfigSource, + 'describe': EKSDescribeSource + } @EKS.filter_registry.register('subnet') diff --git a/c7n/resources/elasticsearch.py b/c7n/resources/elasticsearch.py index 3feaf377afa..499d3967ce0 100644 --- a/c7n/resources/elasticsearch.py +++ b/c7n/resources/elasticsearch.py @@ -96,23 +96,7 @@ def get_dimensions(self, resource): @ElasticSearchDomain.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - policies: - - name: elasticsearch-kms-key - resource: aws.elasticsearch - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/es)" - op: regex - """ RelatedIdsExpression = 'EncryptionAtRestOptions.KmsKeyId' diff --git a/c7n/resources/emr.py b/c7n/resources/emr.py index 700328c2b0d..061cd1421ce 100644 --- a/c7n/resources/emr.py +++ b/c7n/resources/emr.py @@ -32,8 +32,8 @@ class resource_type(TypeInfo): service = 'emr' arn_type = 'emr' permission_prefix = 'elasticmapreduce' - cluster_states = ['WAITING', 'BOOTSTRAPPING', 'RUNNING', 'STARTING'] - enum_spec = ('list_clusters', 'Clusters', {'ClusterStates': cluster_states}) + default_cluster_states = ['WAITING', 'BOOTSTRAPPING', 'RUNNING', 'STARTING'] + enum_spec = ('list_clusters', 'Clusters', None) name = 'Name' id = 'Id' date = "Status.Timeline.CreationDateTime" @@ -46,9 +46,7 @@ class resource_type(TypeInfo): def __init__(self, ctx, data): super(EMRCluster, self).__init__(ctx, data) self.queries = QueryFilter.parse( - self.data.get('query', [ - {'ClusterStates': [ - 'running', 'bootstrapping', 'waiting']}])) + self.data.get('query', [])) @classmethod def get_permissions(cls): @@ -91,7 +89,7 @@ def consolidate_query_filter(self): result.append( { 'Name': 'ClusterStates', - 'Values': ['WAITING', 'RUNNING', 'BOOTSTRAPPING'], + 'Values': self.resource_type.default_cluster_states } ) return result diff --git a/c7n/resources/firewall.py b/c7n/resources/firewall.py new file mode 100644 index 00000000000..8764dbea79a --- /dev/null +++ b/c7n/resources/firewall.py @@ -0,0 +1,63 @@ +# Copyright The Cloud Custodian Authors. +# SPDX-License-Identifier: Apache-2.0 + +from .aws import AWS +from c7n.query import ( + QueryResourceManager, TypeInfo, DescribeSource, ConfigSource) +from c7n.filters.vpc import VpcFilter, SubnetFilter + + +class FirewallDescribe(DescribeSource): + + def augment(self, resources): + resources = super().augment(resources) + for r in resources: + status = r.pop('FirewallStatus', {}) + r['Firewall']['UpdateToken'] = r['UpdateToken'] + r = r.pop('Firewall') + r['FirewallStatus'] = status + return resources + + +class FirewallConfig(ConfigSource): + + def load_resource(self, item): + resource = super().load_resource(item) + resource.update(resource.pop('Firewall')) + return resource + + +@AWS.resources.register('firewall') +class NetworkFirewall(QueryResourceManager): + """AWS Network Firewall + + https://docs.aws.amazon.com/network-firewall/latest/developerguide/what-is-aws-network-firewall.html + """ + source_mapping = { + 'describe': FirewallDescribe, + 'config': FirewallConfig + } + + class resource_type(TypeInfo): + + service = 'network-firewall' + enum_spec = ('list_firewalls', 'Firewalls', None) + arn = 'FirewallArn' + arn_type = 'firewall' + detail_spec = ('describe_firewall', 'FirewallArn', 'FirewallArn', '') + id = name = 'FirewallName' + cfn_type = config_type = 'AWS::NetworkFirewall::Firewall' + metrics_namespace = 'AWS/NetworkFirewall' + universal_taggable = object() + + +@NetworkFirewall.filter_registry.register('vpc') +class FirewallVpcFilter(VpcFilter): + + RelatedIdsExpression = 'VpcId' + + +@NetworkFirewall.filter_registry.register('subnet') +class FirewallSubnetFilter(SubnetFilter): + + RelatedIdsExpression = 'SubnetMappings[].SubnetId' diff --git a/c7n/resources/fsx.py b/c7n/resources/fsx.py index 7f59336d952..c428b5d4037 100644 --- a/c7n/resources/fsx.py +++ b/c7n/resources/fsx.py @@ -305,43 +305,11 @@ def process(self, resources): @FSx.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: fsx-kms-key-filters - resource: fsx - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/fsx)" - op: regex - """ RelatedIdsExpression = 'KmsKeyId' @FSxBackup.filter_registry.register('kms-key') class KmsFilterFsxBackup(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: fsx-backup-kms-key-filters - resource: fsx-backup - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/fsx)" - op: regex - """ RelatedIdsExpression = 'KmsKeyId' diff --git a/c7n/resources/glue.py b/c7n/resources/glue.py index 5216badea91..836302f7595 100644 --- a/c7n/resources/glue.py +++ b/c7n/resources/glue.py @@ -22,7 +22,7 @@ class GlueConnection(QueryResourceManager): class resource_type(TypeInfo): service = 'glue' - enum_spec = ('get_connections', 'ConnectionList', None) + enum_spec = ('get_connections', 'ConnectionList', {'HidePassword': True}) id = name = 'Name' date = 'CreationTime' arn_type = "connection" @@ -405,23 +405,7 @@ class resource_type(TypeInfo): @GlueSecurityConfiguration.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the alias name - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - policies: - - name: glue-security-configuration-kms-key - resource: glue-security-configuration - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/)" - op: regex - """ schema = type_schema( 'kms-key', rinherit=ValueFilter.schema, diff --git a/c7n/resources/health.py b/c7n/resources/health.py index 699f19dbe3c..fb9e497593c 100644 --- a/c7n/resources/health.py +++ b/c7n/resources/health.py @@ -15,9 +15,11 @@ class HealthEvents(QueryResourceManager): class resource_type(TypeInfo): service = 'health' + arn = 'arn' arn_type = 'event' enum_spec = ('describe_events', 'events', None) name = 'eventTypeCode' + global_resource = True id = 'arn' date = 'startTime' diff --git a/c7n/resources/hsm.py b/c7n/resources/hsm.py index 737b750b015..fa7dfbc77ff 100644 --- a/c7n/resources/hsm.py +++ b/c7n/resources/hsm.py @@ -1,5 +1,6 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 +from c7n.exceptions import ClientError from c7n.manager import resources from c7n.query import QueryResourceManager, TypeInfo from c7n.tags import universal_augment @@ -63,6 +64,15 @@ class resource_type(TypeInfo): name = 'Name' detail_spec = ("describe_hsm", "HsmArn", None, None) + def resources(self, query=None, augment=True): + try: + return super().resources(query, augment) + except ClientError as e: + # cloudhsm is not available for new accounts, use cloudhsmV2 + if 'service is unavailable' in str(e): + return [] + raise + @resources.register('hsm-hapg') class PartitionGroup(QueryResourceManager): diff --git a/c7n/resources/iam.py b/c7n/resources/iam.py index b45216ec304..dbc4c41f810 100644 --- a/c7n/resources/iam.py +++ b/c7n/resources/iam.py @@ -9,7 +9,9 @@ from datetime import timedelta import itertools import time -from xml.etree import ElementTree + +# Used to parse saml provider metadata configuration. +from xml.etree import ElementTree # nosec nosemgrep from concurrent.futures import as_completed from dateutil.tz import tzutc diff --git a/c7n/resources/kinesis.py b/c7n/resources/kinesis.py index c897a75c861..cdaf8e0b4e7 100644 --- a/c7n/resources/kinesis.py +++ b/c7n/resources/kinesis.py @@ -7,6 +7,7 @@ from c7n.filters.kms import KmsRelatedFilter from c7n.query import ConfigSource, DescribeSource, QueryResourceManager, TypeInfo from c7n.tags import universal_augment +from c7n.filters.vpc import SubnetFilter from c7n.utils import local_session, type_schema, get_retry @@ -278,6 +279,49 @@ def augment(self, resources): return universal_augment(self.manager, super().augment(resources)) +@resources.register('kinesis-analyticsv2') +class KinesisAnalyticsAppV2(QueryResourceManager): + + class resource_type(TypeInfo): + service = "kinesisanalyticsv2" + enum_spec = ('list_applications', 'ApplicationSummaries', None) + detail_spec = ('describe_application', 'ApplicationName', + 'ApplicationName', 'ApplicationDetail') + name = "ApplicationName" + arn = id = "ApplicationARN" + arn_type = 'application' + universal_taggable = object() + cfn_type = 'AWS::KinesisAnalyticsV2::Application' + permission_prefix = "kinesisanalytics" + + permissions = ("kinesisanalytics:DescribeApplication",) + + def augment(self, resources): + return universal_augment(self, super().augment(resources)) + + +@KinesisAnalyticsAppV2.action_registry.register('delete') +class KinesisAnalyticsAppV2Delete(Action): + + schema = type_schema('delete') + permissions = ("kinesisanalytics:DeleteApplication",) + + def process(self, resources): + client = local_session( + self.manager.session_factory).client('kinesisanalyticsv2') + for r in resources: + client.delete_application( + ApplicationName=r['ApplicationName'], + CreateTimestamp=r['CreateTimestamp']) + + +@KinesisAnalyticsAppV2.filter_registry.register('subnet') +class KinesisAnalyticsSubnetFilter(SubnetFilter): + + RelatedIdsExpression = 'ApplicationConfigurationDescription.' \ + 'VpcConfigurationDescriptions[].SubnetIds[]' + + @resources.register('kinesis-video') class KinesisVideoStream(QueryResourceManager): retry = staticmethod( @@ -329,22 +373,5 @@ def process(self, resources): @KinesisVideoStream.filter_registry.register('kms-key') class KmsFilterVideoStream(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the alias name - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - - policies: - - name: kinesis-video-stream-kms-key - resource: aws.kinesis-video - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/)" - op: regex - """ RelatedIdsExpression = 'KmsKeyId' diff --git a/c7n/resources/kms.py b/c7n/resources/kms.py index 38d52d89b85..f6101cd3500 100644 --- a/c7n/resources/kms.py +++ b/c7n/resources/kms.py @@ -3,6 +3,8 @@ from botocore.exceptions import ClientError import json +from collections import defaultdict +from functools import lru_cache from c7n.actions import RemovePolicyBase, BaseAction from c7n.filters import Filter, CrossAccountAccessFilter, ValueFilter @@ -52,32 +54,46 @@ def get_resources(self, ids, cache=True): return super().get_resources(ids, cache) def augment(self, resources): - aliases = KeyAlias(self.manager.ctx, {}).resources() - alias_map = {} - for a in aliases: - key_id = a['TargetKeyId'] - alias_map[key_id] = alias_map.get(key_id, []) + [a['AliasName']] - client = local_session(self.manager.session_factory).client('kms') for r in resources: - try: - key_id = r.get('KeyId') - key_arn = r.get('KeyArn', key_id) - info = client.describe_key(KeyId=key_arn)['KeyMetadata'] - if key_id in alias_map: - info['AliasNames'] = alias_map[key_id] - r.update(info) - except ClientError as e: - if e.response['Error']['Code'] == 'AccessDeniedException': - self.manager.log.warning( - "Access denied when describing key:%s", - key_id) - else: - raise + key_id = r.get('KeyId') + + # We get `KeyArn` from list_keys and `Arn` from describe_key. + # If we already have describe_key details we don't need to fetch + # it again. + if 'Arn' not in r: + try: + key_arn = r.get('KeyArn', key_id) + key_detail = client.describe_key(KeyId=key_arn)['KeyMetadata'] + r.update(key_detail) + except ClientError as e: + if e.response['Error']['Code'] == 'AccessDeniedException': + self.manager.log.warning( + "Access denied when describing key:%s", + key_id) + # If a describe fails, we still want the `Arn` key + # available since it is a core attribute + r['Arn'] = r['KeyArn'] + else: + raise + + alias_names = self.manager.alias_map.get(key_id) + if alias_names: + r['AliasNames'] = alias_names return universal_augment(self.manager, resources) +class ConfigKey(ConfigSource): + + def load_resource(self, item): + resource = super().load_resource(item) + alias_names = self.manager.alias_map.get(resource[self.manager.resource_type.id]) + if alias_names: + resource['AliasNames'] = alias_names + return resource + + @resources.register('kms-key') class Key(QueryResourceManager): @@ -92,10 +108,25 @@ class resource_type(TypeInfo): cfn_type = config_type = 'AWS::KMS::Key' source_mapping = { - 'config': ConfigSource, + 'config': ConfigKey, 'describe': DescribeKey } + @property + @lru_cache() + def alias_map(self): + """A dict mapping key IDs to aliases + + Fetch key aliases as a flat list, and convert it to a map of + key ID -> aliases. We can build this once and use it to + augment key resources. + """ + aliases = KeyAlias(self.ctx, {}).resources() + alias_map = defaultdict(list) + for a in aliases: + alias_map[a['TargetKeyId']].append(a['AliasName']) + return alias_map + @Key.filter_registry.register('key-rotation-status') class KeyRotationStatus(ValueFilter): diff --git a/c7n/resources/ml.py b/c7n/resources/ml.py index 58afa6acedf..a0c3c8663f3 100644 --- a/c7n/resources/ml.py +++ b/c7n/resources/ml.py @@ -22,6 +22,15 @@ class resource_type(TypeInfo): arn_type = "mlmodel" permissions_enum = ('machinelearning:DescribeMLModels',) + def resources(self, query=None, augment=True): + try: + return super().resources(query, augment) + except ClientError as e: + # ml not available to new accounts, use sagemaker. + if 'no longer available' in str(e): + return [] + raise + @MLModel.action_registry.register('delete') class DeleteMLModel(BaseAction): diff --git a/c7n/resources/mq.py b/c7n/resources/mq.py index 08099ffbf12..40780694d48 100644 --- a/c7n/resources/mq.py +++ b/c7n/resources/mq.py @@ -36,23 +36,7 @@ def augment(self, resources): @MessageBroker.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: message-broker-kms-key-filter - resource: message-broker - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/mq)" - op: regex - """ RelatedIdsExpression = 'EncryptionOptions.KmsKeyId' diff --git a/c7n/resources/rdscluster.py b/c7n/resources/rdscluster.py index 12113b25a22..c48b0956c86 100644 --- a/c7n/resources/rdscluster.py +++ b/c7n/resources/rdscluster.py @@ -113,23 +113,7 @@ def process(self, resources, event=None): @RDSCluster.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: rdscluster-kms-key-filter - resource: aws.rds-cluster - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/rds)" - op: regex - """ RelatedIdsExpression = 'KmsKeyId' diff --git a/c7n/resources/redshift.py b/c7n/resources/redshift.py index 145ba767dfc..38fb50b0d6c 100644 --- a/c7n/resources/redshift.py +++ b/c7n/resources/redshift.py @@ -302,23 +302,7 @@ def __call__(self, db): @Redshift.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - policies: - - name: redshift-kms-key-filters - resource: redshift - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/)" - op: regex - """ RelatedIdsExpression = 'KmsKeyId' diff --git a/c7n/resources/resource_map.py b/c7n/resources/resource_map.py index 8c898c55741..445f2ca9e17 100644 --- a/c7n/resources/resource_map.py +++ b/c7n/resources/resource_map.py @@ -69,6 +69,7 @@ "aws.event-bus": "c7n.resources.cw.EventBus", "aws.event-rule": "c7n.resources.cw.EventRule", "aws.event-rule-target": "c7n.resources.cw.EventRuleTarget", + "aws.firewall": "c7n.resources.firewall.NetworkFirewall", "aws.firehose": "c7n.resources.kinesis.DeliveryStream", "aws.fsx": "c7n.resources.fsx.FSx", "aws.fsx-backup": "c7n.resources.fsx.FSxBackup", @@ -109,6 +110,7 @@ "aws.key-pair": "c7n.resources.vpc.KeyPair", "aws.kinesis": "c7n.resources.kinesis.KinesisStream", "aws.kinesis-analytics": "c7n.resources.kinesis.AnalyticsApp", + "aws.kinesis-analyticsv2": "c7n.resources.kinesis.KinesisAnalyticsAppV2", "aws.kinesis-video": "c7n.resources.kinesis.KinesisVideoStream", "aws.kms": "c7n.resources.kms.KeyAlias", "aws.kms-key": "c7n.resources.kms.Key", diff --git a/c7n/resources/route53.py b/c7n/resources/route53.py index 42846635673..33ae1338b17 100644 --- a/c7n/resources/route53.py +++ b/c7n/resources/route53.py @@ -113,7 +113,7 @@ class ResourceRecordSet(ChildResourceManager): class resource_type(TypeInfo): service = 'route53' arn_type = 'rrset' - parent_spec = ('hostedzone', 'HostedZoneId', None) + parent_spec = ('hostedzone', 'HostedZoneId', True) enum_spec = ('list_resource_record_sets', 'ResourceRecordSets', None) name = id = 'Name' cfn_type = 'AWS::Route53::RecordSet' @@ -127,6 +127,7 @@ class resource_type(TypeInfo): arn_type = 'r53domain' enum_spec = ('list_domains', 'Domains', None) name = id = 'DomainName' + global_resource = True permissions = ('route53domains:ListTagsForDomain',) diff --git a/c7n/resources/sagemaker.py b/c7n/resources/sagemaker.py index 5b077b7db5c..e438f9f64d6 100644 --- a/c7n/resources/sagemaker.py +++ b/c7n/resources/sagemaker.py @@ -565,30 +565,7 @@ class NotebookSubnetFilter(SubnetFilter): @NotebookInstance.filter_registry.register('kms-key') @SagemakerEndpointConfig.filter_registry.register('kms-key') class NotebookKmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - policies: - - name: sagemaker-kms-key-filters - resource: aws.sagemaker-notebook - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/sagemaker)" - op: regex - - - name: sagemaker-endpoint-kms-key-filters - resource: aws.sagemaker-endpoint-config - filters: - - type: kms-key - key: c7n:AliasName - value: "alias/aws/sagemaker" - """ RelatedIdsExpression = "KmsKeyId" diff --git a/c7n/resources/secretsmanager.py b/c7n/resources/secretsmanager.py index 8a6c368339b..33dcb3b7834 100644 --- a/c7n/resources/secretsmanager.py +++ b/c7n/resources/secretsmanager.py @@ -63,7 +63,7 @@ class TagSecretsManagerResource(Tag): def process_resource_set(self, client, resources, new_tags): for r in resources: - tags = {t['Key']: t['Value'] for t in r['Tags']} + tags = {t['Key']: t['Value'] for t in r.get('Tags', ())} for t in new_tags: tags[t['Key']] = t['Value'] formatted_tags = [{'Key': k, 'Value': v} for k, v in tags.items()] diff --git a/c7n/resources/securityhub.py b/c7n/resources/securityhub.py index 5412bbecefd..0910c3ccbb9 100644 --- a/c7n/resources/securityhub.py +++ b/c7n/resources/securityhub.py @@ -446,12 +446,12 @@ def get_finding(self, resources, existing_finding_id, created_at, updated_at): if existing_finding_id: finding_id = existing_finding_id else: - finding_id = '{}/{}/{}/{}'.format( + finding_id = '{}/{}/{}/{}'.format( # nosec self.manager.config.region, self.manager.config.account_id, - hashlib.md5(json.dumps( + hashlib.md5(json.dumps( # nosemgrep policy.data).encode('utf8')).hexdigest(), - hashlib.md5(json.dumps(list(sorted( + hashlib.md5(json.dumps(list(sorted( # nosemgrep [r[model.id] for r in resources]))).encode( 'utf8')).hexdigest()) finding = { diff --git a/c7n/resources/sns.py b/c7n/resources/sns.py index 817a46ad123..09a4891593a 100644 --- a/c7n/resources/sns.py +++ b/c7n/resources/sns.py @@ -348,22 +348,6 @@ def process(self, resources): @SNS.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filters SNS topic by kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - - .. code-block:: yaml - - policies: - - name: sns-encrypt-key-check - resource: sns - filters: - - type: kms-key - key: c7n:AliasName - value: alias/aws/sns - """ RelatedIdsExpression = 'KmsMasterKeyId' diff --git a/c7n/resources/sqs.py b/c7n/resources/sqs.py index 261c374b636..606d1e0905f 100644 --- a/c7n/resources/sqs.py +++ b/c7n/resources/sqs.py @@ -124,29 +124,7 @@ class SQSCrossAccount(CrossAccountAccessFilter): @SQS.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - The KmsMasterId returned for SQS sometimes has the alias name directly in the value. - - :example: - .. code-block:: yaml - - policies: - - name: sqs-kms-key-filters - resource: aws.sqs - filters: - - or: - - type: value - key: KmsMasterKeyId - value: "^(alias/aws/)" - op: regex - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/)" - op: regex - """ RelatedIdsExpression = 'KmsMasterKeyId' diff --git a/c7n/resources/ssm.py b/c7n/resources/ssm.py index a994b220023..baaa0d4b698 100644 --- a/c7n/resources/ssm.py +++ b/c7n/resources/ssm.py @@ -548,7 +548,7 @@ def get_item_template(self): self.manager.config.region, self.manager.config.account_id)).encode('utf8') # size restrictions on this value is 4-20, digest is 32 - dedup = hashlib.md5(dedup).hexdigest()[:20] + dedup = hashlib.md5(dedup).hexdigest()[:20] # nosec nosemgrep i = dict( Title=title, diff --git a/c7n/resources/support.py b/c7n/resources/support.py index ac18ad62310..75d19b8873c 100644 --- a/c7n/resources/support.py +++ b/c7n/resources/support.py @@ -10,6 +10,7 @@ class SupportCase(QueryResourceManager): class resource_type(TypeInfo): service = 'support' enum_spec = ('describe_cases', 'cases', None) + global_resource = True filter_name = 'caseIdList' filter_type = 'list' id = 'caseId' diff --git a/c7n/resources/vpc.py b/c7n/resources/vpc.py index bca94dc9143..5a2f032b423 100644 --- a/c7n/resources/vpc.py +++ b/c7n/resources/vpc.py @@ -1781,6 +1781,7 @@ class resource_type(query.TypeInfo): enum_spec = ('describe_transit_gateways', 'TransitGateways', None) name = id = 'TransitGatewayId' arn = "TransitGatewayArn" + id_prefix = "tgw-" filter_name = 'TransitGatewayIds' filter_type = 'list' cfn_type = 'AWS::EC2::TransitGateway' @@ -1810,6 +1811,7 @@ class resource_type(query.TypeInfo): service = 'ec2' enum_spec = ('describe_transit_gateway_attachments', 'TransitGatewayAttachments', None) parent_spec = ('transit-gateway', 'transit-gateway-id', None) + id_prefix = 'tgw-attach-' name = id = 'TransitGatewayAttachmentId' arn = False cfn_type = 'AWS::EC2::TransitGatewayAttachment' @@ -2003,6 +2005,7 @@ class resource_type(query.TypeInfo): enum_spec = ('describe_addresses', 'Addresses', None) name = 'PublicIp' id = 'AllocationId' + id_prefix = 'eipalloc-' filter_name = 'AllocationIds' filter_type = 'list' config_type = "AWS::EC2::EIP" @@ -2295,6 +2298,7 @@ class resource_type(query.TypeInfo): enum_spec = ('describe_key_pairs', 'KeyPairs', None) name = 'KeyName' id = 'KeyPairId' + id_prefix = 'key-' filter_name = 'KeyNames' diff --git a/c7n/resources/workspaces.py b/c7n/resources/workspaces.py index fd857f163c4..b897d06472b 100644 --- a/c7n/resources/workspaces.py +++ b/c7n/resources/workspaces.py @@ -89,21 +89,5 @@ def get_resource_value(self, k, i): @Workspace.filter_registry.register('kms-key') class KmsFilter(KmsRelatedFilter): - """ - Filter a resource by its associcated kms key and optionally the aliasname - of the kms key by using 'c7n:AliasName' - - :example: - .. code-block:: yaml - - policies: - - name: workspace-kms-key-filter - resource: workspaces - filters: - - type: kms-key - key: c7n:AliasName - value: "^(alias/aws/workspaces)" - op: regex - """ RelatedIdsExpression = 'VolumeEncryptionKey' diff --git a/c7n/tags.py b/c7n/tags.py index 745fd356178..2e817cdc915 100644 --- a/c7n/tags.py +++ b/c7n/tags.py @@ -810,6 +810,25 @@ def process(self, resources): class UniversalTag(Tag): """Applies one or more tags to the specified resources. + + :example: + + .. code-block :: yaml + + policies: + - name: multiple-tags-example + comment: | + Tags any secrets missing either the Environment or ResourceOwner tag + resource: aws.secrets-manager + filters: + - or: + - "tag:Environment": absent + - "tag:ResourceOwner": absent + actions: + - type: tag + tags: + Environment: Staging + ResourceOwner: Avengers """ batch_size = 20 diff --git a/c7n/version.py b/c7n/version.py index 812e52aff37..fbea9c94274 100644 --- a/c7n/version.py +++ b/c7n/version.py @@ -1,2 +1,2 @@ # Generated via tools/dev/poetrypkg.py -version = "0.9.11" +version = "0.9.12" diff --git a/poetry.lock b/poetry.lock index f5af51a509a..3773fb6258a 100644 --- a/poetry.lock +++ b/poetry.lock @@ -8,14 +8,14 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "main" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -44,7 +44,7 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "aws-xray-sdk" -version = "2.6.0" +version = "2.7.0" description = "The AWS X-Ray SDK for Python (the SDK) enables Python developers to record and emit information from within their applications to the AWS X-Ray service." category = "dev" optional = false @@ -53,7 +53,6 @@ python-versions = "*" [package.dependencies] botocore = ">=1.11.3" future = "*" -jsonpickle = "*" wrapt = "*" [[package]] @@ -71,20 +70,20 @@ webencodings = "*" [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "main" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "main" optional = false @@ -96,7 +95,7 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "certifi" @@ -154,7 +153,7 @@ toml = ["toml"] [[package]] name = "cryptography" -version = "3.4.6" +version = "3.4.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "dev" optional = false @@ -173,7 +172,7 @@ test = ["pytest (>=6.0)", "pytest-cov", "pytest-subtests", "pytest-xdist", "pret [[package]] name = "docutils" -version = "0.16" +version = "0.17.1" description = "Docutils -- Python Documentation Utilities" category = "dev" optional = false @@ -195,7 +194,7 @@ testing = ["pre-commit"] [[package]] name = "flake8" -version = "3.9.0" +version = "3.9.1" description = "the modular source code checker: pep8 pyflakes and co" category = "dev" optional = false @@ -225,7 +224,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "main" optional = false @@ -237,7 +236,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -277,14 +276,6 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [package.dependencies] jsonpointer = ">=1.9" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "main" -optional = false -python-versions = "*" - [[package]] name = "jsonpointer" version = "2.1" @@ -313,7 +304,7 @@ format_nongpl = ["idna", "jsonpointer (>1.13)", "webcolors", "rfc3986-validator [[package]] name = "keyring" -version = "23.0.0" +version = "23.0.1" description = "Store and access your passwords safely." category = "dev" optional = false @@ -327,7 +318,7 @@ SecretStorage = {version = ">=3.2", markers = "sys_platform == \"linux\""} [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "pytest-black (>=0.3.7)", "pytest-mypy"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "pytest-black (>=0.3.7)", "pytest-mypy"] [[package]] name = "mccabe" @@ -350,14 +341,6 @@ build = ["twine", "wheel", "blurb"] docs = ["sphinx"] test = ["pytest (<5.4)", "pytest-cov"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "multidict" version = "5.1.0" @@ -462,7 +445,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "pyflakes" -version = "2.3.0" +version = "2.3.1" description = "passive checker of Python programs" category = "dev" optional = false @@ -494,26 +477,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -558,7 +539,7 @@ termcolor = ">=1.1.0" [[package]] name = "pytest-terraform" -version = "0.5.2" +version = "0.5.3" description = "A pytest plugin for using terraform fixtures" category = "dev" optional = false @@ -567,7 +548,7 @@ python-versions = ">=3.6,<4.0" [package.dependencies] jmespath = ">=0.10.0,<0.11.0" portalocker = ">=1.7.0,<2.0.0" -pytest = ">=6.0.0,<6.1.0" +pytest = ">=6.0,<7.0" pytest-xdist = ">=1.31.0" [[package]] @@ -681,7 +662,7 @@ idna2008 = ["idna"] [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "main" optional = false @@ -690,6 +671,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "secretstorage" version = "3.3.1" @@ -739,7 +723,7 @@ python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" [[package]] name = "tqdm" -version = "4.59.0" +version = "4.60.0" description = "Fast, Extensible Progress Meter" category = "dev" optional = false @@ -848,7 +832,7 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "d87a9fe5b8beb289f57bbdf82cdba7c5cedaf8745732b73994ac95cb52084efc" +content-hash = "aaee5dea3803fff02da6646517366d2ac0913548f09e464020b68aefb5d19de1" [metadata.files] apipkg = [ @@ -856,8 +840,8 @@ apipkg = [ {file = "apipkg-1.5.tar.gz", hash = "sha256:37228cda29411948b422fae072f57e31d3396d2ee1c9783775980ee9c9990af6"}, ] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -868,20 +852,20 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] aws-xray-sdk = [ - {file = "aws-xray-sdk-2.6.0.tar.gz", hash = "sha256:abf5b90f740e1f402e23414c9670e59cb9772e235e271fef2bce62b9100cbc77"}, - {file = "aws_xray_sdk-2.6.0-py2.py3-none-any.whl", hash = "sha256:076f7c610cd3564bbba3507d43e328fb6ff4a2e841d3590f39b2c3ce99d41e1d"}, + {file = "aws-xray-sdk-2.7.0.tar.gz", hash = "sha256:697c9068e84dd5d2c1456def3fd0865f226046b5db4db56d738050e425960adf"}, + {file = "aws_xray_sdk-2.7.0-py2.py3-none-any.whl", hash = "sha256:e7b72959436471f0eb7b6757ffef289ecf16409954f1be7be7f49d57070e5994"}, ] bleach = [ {file = "bleach-3.3.0-py2.py3-none-any.whl", hash = "sha256:6123ddc1052673e52bab52cdc955bcb57a015264a1c57d37bea2f6b817af0125"}, {file = "bleach-3.3.0.tar.gz", hash = "sha256:98b3170739e5e83dd9dc19633f074727ad848cbedb6026708c8ac2d3b697a433"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] certifi = [ {file = "certifi-2020.12.5-py2.py3-none-any.whl", hash = "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"}, @@ -993,25 +977,30 @@ coverage = [ {file = "coverage-5.5.tar.gz", hash = "sha256:ebe78fe9a0e874362175b02371bdfbee64d8edc42a044253ddf4ee7d3c15212c"}, ] cryptography = [ - {file = "cryptography-3.4.6-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:57ad77d32917bc55299b16d3b996ffa42a1c73c6cfa829b14043c561288d2799"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:93cfe5b7ff006de13e1e89830810ecbd014791b042cbe5eec253be11ac2b28f3"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:5ecf2bcb34d17415e89b546dbb44e73080f747e504273e4d4987630493cded1b"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:fec7fb46b10da10d9e1d078d1ff8ed9e05ae14f431fdbd11145edd0550b9a964"}, - {file = "cryptography-3.4.6-cp36-abi3-win32.whl", hash = "sha256:df186fcbf86dc1ce56305becb8434e4b6b7504bc724b71ad7a3239e0c9d14ef2"}, - {file = "cryptography-3.4.6-cp36-abi3-win_amd64.whl", hash = "sha256:66b57a9ca4b3221d51b237094b0303843b914b7d5afd4349970bb26518e350b0"}, - {file = "cryptography-3.4.6.tar.gz", hash = "sha256:2d32223e5b0ee02943f32b19245b61a62db83a882f0e76cc564e1cec60d48f87"}, + {file = "cryptography-3.4.7-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:3d8427734c781ea5f1b41d6589c293089704d4759e34597dce91014ac125aad1"}, + {file = "cryptography-3.4.7-cp36-abi3-macosx_11_0_arm64.whl", hash = "sha256:8e56e16617872b0957d1c9742a3f94b43533447fd78321514abbe7db216aa250"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:37340614f8a5d2fb9aeea67fd159bfe4f5f4ed535b1090ce8ec428b2f15a11f2"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:240f5c21aef0b73f40bb9f78d2caff73186700bf1bc6b94285699aff98cc16c6"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:1e056c28420c072c5e3cb36e2b23ee55e260cb04eee08f702e0edfec3fb51959"}, + {file = "cryptography-3.4.7-cp36-abi3-win32.whl", hash = "sha256:0f1212a66329c80d68aeeb39b8a16d54ef57071bf22ff4e521657b27372e327d"}, + {file = "cryptography-3.4.7-cp36-abi3-win_amd64.whl", hash = "sha256:de4e5f7f68220d92b7637fc99847475b59154b7a1b3868fb7385337af54ac9ca"}, + {file = "cryptography-3.4.7-pp36-pypy36_pp73-manylinux2010_x86_64.whl", hash = "sha256:26965837447f9c82f1855e0bc8bc4fb910240b6e0d16a664bb722df3b5b06873"}, + {file = "cryptography-3.4.7-pp36-pypy36_pp73-manylinux2014_x86_64.whl", hash = "sha256:eb8cc2afe8b05acbd84a43905832ec78e7b3873fb124ca190f574dca7389a87d"}, + {file = "cryptography-3.4.7-pp37-pypy37_pp73-manylinux2010_x86_64.whl", hash = "sha256:7ec5d3b029f5fa2b179325908b9cd93db28ab7b85bb6c1db56b10e0b54235177"}, + {file = "cryptography-3.4.7-pp37-pypy37_pp73-manylinux2014_x86_64.whl", hash = "sha256:ee77aa129f481be46f8d92a1a7db57269a2f23052d5f2433b4621bb457081cc9"}, + {file = "cryptography-3.4.7.tar.gz", hash = "sha256:3d10de8116d25649631977cb37da6cbdd2d6fa0e0281d014a5b7d337255ca713"}, ] docutils = [ - {file = "docutils-0.16-py2.py3-none-any.whl", hash = "sha256:0c5b78adfbf7762415433f5515cd5c9e762339e23369dbe8000d84a4bf4ab3af"}, - {file = "docutils-0.16.tar.gz", hash = "sha256:c2de3a60e9e7d07be26b7f2b00ca0309c207e06c100f9cc2a94931fc75a478fc"}, + {file = "docutils-0.17.1-py2.py3-none-any.whl", hash = "sha256:cf316c8370a737a022b72b56874f6602acf974a37a9fba42ec2876387549fc61"}, + {file = "docutils-0.17.1.tar.gz", hash = "sha256:686577d2e4c32380bb50cbb22f575ed742d58168cee37e99117a854bcd88f125"}, ] execnet = [ {file = "execnet-1.8.0-py2.py3-none-any.whl", hash = "sha256:7a13113028b1e1cc4c6492b28098b3c6576c9dccc7973bfe47b342afadafb2ac"}, {file = "execnet-1.8.0.tar.gz", hash = "sha256:b73c5565e517f24b62dea8a5ceac178c661c4309d3aa0c3e420856c072c411b4"}, ] flake8 = [ - {file = "flake8-3.9.0-py2.py3-none-any.whl", hash = "sha256:12d05ab02614b6aee8df7c36b97d1a3b2372761222b19b58621355e82acddcff"}, - {file = "flake8-3.9.0.tar.gz", hash = "sha256:78873e372b12b093da7b5e5ed302e8ad9e988b38b063b61ad937f26ca58fc5f0"}, + {file = "flake8-3.9.1-py2.py3-none-any.whl", hash = "sha256:3b9f848952dddccf635be78098ca75010f073bfe14d2c6bda867154bea728d2a"}, + {file = "flake8-3.9.1.tar.gz", hash = "sha256:1aa8990be1e689d96c745c5682b687ea49f2e05a443aff1f8251092b0014e378"}, ] future = [ {file = "future-0.18.2.tar.gz", hash = "sha256:b1bead90b70cf6ec3f0710ae53a525360fa360d306a86583adc6bf83a4db537d"}, @@ -1021,8 +1010,8 @@ idna = [ {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -1040,10 +1029,6 @@ jsonpatch = [ {file = "jsonpatch-1.32-py2.py3-none-any.whl", hash = "sha256:26ac385719ac9f54df8a2f0827bb8253aa3ea8ab7b3368457bcdb8c14595a397"}, {file = "jsonpatch-1.32.tar.gz", hash = "sha256:b6ddfe6c3db30d81a96aaeceb6baf916094ffa23d7dd5fa2c13e13f8b6e600c2"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonpointer = [ {file = "jsonpointer-2.1-py2.py3-none-any.whl", hash = "sha256:150f80c5badd02c757da6644852f612f88e8b4bc2f9852dcbf557c8738919686"}, {file = "jsonpointer-2.1.tar.gz", hash = "sha256:5a34b698db1eb79ceac454159d3f7c12a451a91f6334a4f638454327b7a89962"}, @@ -1053,8 +1038,8 @@ jsonschema = [ {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, ] keyring = [ - {file = "keyring-23.0.0-py3-none-any.whl", hash = "sha256:29f407fd5509c014a6086f17338c70215c8d1ab42d5d49e0254273bc0a64bbfc"}, - {file = "keyring-23.0.0.tar.gz", hash = "sha256:237ff44888ba9b3918a7dcb55c8f1db909c95b6f071bfb46c6918f33f453a68a"}, + {file = "keyring-23.0.1-py3-none-any.whl", hash = "sha256:8f607d7d1cc502c43a932a275a56fe47db50271904513a379d39df1af277ac48"}, + {file = "keyring-23.0.1.tar.gz", hash = "sha256:045703609dd3fccfcdb27da201684278823b72af515aedec1a8515719a038cb8"}, ] mccabe = [ {file = "mccabe-0.6.1-py2.py3-none-any.whl", hash = "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42"}, @@ -1064,10 +1049,6 @@ mock = [ {file = "mock-4.0.3-py3-none-any.whl", hash = "sha256:122fcb64ee37cfad5b3f48d7a7d51875d7031aaf3d8be7c42e2bee25044eee62"}, {file = "mock-4.0.3.tar.gz", hash = "sha256:7d3fbbde18228f4ff2f1f119a45cdffa458b4c0dee32eb4d2bb2f82554bac7bc"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] multidict = [ {file = "multidict-5.1.0-cp36-cp36m-macosx_10_14_x86_64.whl", hash = "sha256:b7993704f1a4b204e71debe6095150d43b2ee6150fa4f44d6d966ec356a8d61f"}, {file = "multidict-5.1.0-cp36-cp36m-manylinux1_i686.whl", hash = "sha256:9dd6e9b1a913d096ac95d0399bd737e00f2af1e1594a787e00f7975778c8b2bf"}, @@ -1169,8 +1150,8 @@ pycparser = [ {file = "pycparser-2.20.tar.gz", hash = "sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0"}, ] pyflakes = [ - {file = "pyflakes-2.3.0-py2.py3-none-any.whl", hash = "sha256:910208209dcea632721cb58363d0f72913d9e8cf64dc6f8ae2e02a3609aba40d"}, - {file = "pyflakes-2.3.0.tar.gz", hash = "sha256:e59fd8e750e588358f1b8885e5a4751203a0516e0ee6d34811089ac294c8806f"}, + {file = "pyflakes-2.3.1-py2.py3-none-any.whl", hash = "sha256:7893783d01b8a89811dd72d7dfd4d84ff098e5eed95cfa8905b22bbffe52efc3"}, + {file = "pyflakes-2.3.1.tar.gz", hash = "sha256:f5bc8ecabc05bb9d291eb5203d6810b49040f6ff446a756326104746cc00c1db"}, ] pygments = [ {file = "Pygments-2.8.1-py3-none-any.whl", hash = "sha256:534ef71d539ae97d4c3a4cf7d6f110f214b0e687e92f9cb9d2a3b0d3101289c8"}, @@ -1184,8 +1165,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] pytest-cov = [ {file = "pytest-cov-2.11.1.tar.gz", hash = "sha256:359952d9d39b9f822d9d29324483e7ba04a3a17dd7d05aa6beb7ea01e359e5f7"}, @@ -1199,8 +1180,8 @@ pytest-sugar = [ {file = "pytest-sugar-0.9.4.tar.gz", hash = "sha256:b1b2186b0a72aada6859bea2a5764145e3aaa2c1cfbb23c3a19b5f7b697563d3"}, ] pytest-terraform = [ - {file = "pytest-terraform-0.5.2.tar.gz", hash = "sha256:7b2a3d00fa5913fea7744c9bbae21c62e0b72ccc2fbeab66a210176916d33f84"}, - {file = "pytest_terraform-0.5.2-py3-none-any.whl", hash = "sha256:7a8de8ae98c10e58886eefbb017ac2a95445ce8479f69ca1c0f0d48acfed9b01"}, + {file = "pytest-terraform-0.5.3.tar.gz", hash = "sha256:7e63de138b44d81807d6c5bae32b060c7ce75255e54d53c27956b7aea7792b1a"}, + {file = "pytest_terraform-0.5.3-py3-none-any.whl", hash = "sha256:b400ae8c097e121d41456e086f76a7b6f5e63b34a7320444b0b2fee1b8bb6499"}, ] pytest-xdist = [ {file = "pytest-xdist-1.34.0.tar.gz", hash = "sha256:340e8e83e2a4c0d861bdd8d05c5d7b7143f6eea0aba902997db15c2a86be04ee"}, @@ -1266,8 +1247,8 @@ rfc3986 = [ {file = "rfc3986-1.4.0.tar.gz", hash = "sha256:112398da31a3344dc25dbf477d8df6cb34f9278a94fee2625d89e4514be8bb9d"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] secretstorage = [ {file = "SecretStorage-3.3.1-py3-none-any.whl", hash = "sha256:422d82c36172d88d6a0ed5afdec956514b189ddbfb72fefab0c8a1cee4eaf71f"}, @@ -1289,8 +1270,8 @@ toml = [ {file = "toml-0.10.2.tar.gz", hash = "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"}, ] tqdm = [ - {file = "tqdm-4.59.0-py2.py3-none-any.whl", hash = "sha256:9fdf349068d047d4cfbe24862c425883af1db29bcddf4b0eeb2524f6fbdb23c7"}, - {file = "tqdm-4.59.0.tar.gz", hash = "sha256:d666ae29164da3e517fcf125e41d4fe96e5bb375cd87ff9763f6b38b5592fe33"}, + {file = "tqdm-4.60.0-py2.py3-none-any.whl", hash = "sha256:daec693491c52e9498632dfbe9ccfc4882a557f5fa08982db1b4d3adbe0887c3"}, + {file = "tqdm-4.60.0.tar.gz", hash = "sha256:ebdebdb95e3477ceea267decfc0784859aa3df3e27e22d23b83e9b272bf157ae"}, ] twine = [ {file = "twine-3.4.1-py3-none-any.whl", hash = "sha256:16f706f2f1687d7ce30e7effceee40ed0a09b7c33b9abb5ef6434e5551565d83"}, diff --git a/pyproject.toml b/pyproject.toml index 691731f4e4d..bcca9750aa1 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" authors = ["Cloud Custodian Project"] readme = "README.md" @@ -11,6 +11,7 @@ license = "Apache-2.0" packages = [ { include = "c7n" }] classifiers=[ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing"] @@ -29,10 +30,9 @@ python-dateutil = "^2.8.1" pyyaml = "^5.3" tabulate = "^0.8.6" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" [tool.poetry.dev-dependencies] -pytest = "~6.0.0" +pytest = "^6.0.0" coverage = "^5.0.3" placebo = "^0.9.0" pytest-xdist = "^1.31.0" diff --git a/requirements.txt b/requirements.txt index 2d05b933ebb..fc7a1425cb6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,55 +1,53 @@ apipkg==1.5; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" -argcomplete==1.12.2 -atomicwrites==1.4.0; python_version >= "3.5" and python_full_version < "3.0.0" and sys_platform == "win32" and (python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5") or sys_platform == "win32" and python_version >= "3.5" and python_full_version >= "3.4.0" and (python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5") -attrs==20.3.0; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" -aws-xray-sdk==2.6.0 +argcomplete==1.12.3 +atomicwrites==1.4.0; python_version >= "3.6" and python_full_version < "3.0.0" and sys_platform == "win32" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6") or sys_platform == "win32" and python_version >= "3.6" and python_full_version >= "3.4.0" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6") +attrs==20.3.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" +aws-xray-sdk==2.7.0 bleach==3.3.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -boto3==1.17.33; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") -botocore==1.20.33; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +boto3==1.17.57; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") +botocore==1.20.57; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" certifi==2020.12.5; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" cffi==1.14.5; sys_platform == "linux" and python_version >= "3.6" chardet==4.0.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" click==7.1.2; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") -colorama==0.4.4; python_version >= "3.6" and python_full_version < "3.0.0" and sys_platform == "win32" and (python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5") or sys_platform == "win32" and python_version >= "3.6" and python_full_version >= "3.5.0" and (python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5") +colorama==0.4.4; python_version >= "3.6" and python_full_version < "3.0.0" and sys_platform == "win32" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6") or sys_platform == "win32" and python_version >= "3.6" and python_full_version >= "3.5.0" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6") coverage==5.5; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0" and python_version < "4") -cryptography==3.4.6; sys_platform == "linux" and python_version >= "3.6" -docutils==0.16; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" +cryptography==3.4.7; sys_platform == "linux" and python_version >= "3.6" +docutils==0.17.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" execnet==1.8.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.5.0" -flake8==3.9.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") +flake8==3.9.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") future==0.18.2; python_version >= "2.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" idna==2.10; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -importlib-metadata==3.7.3; python_version >= "3.6" -iniconfig==1.1.1; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" +importlib-metadata==4.0.1; python_version >= "3.6" +iniconfig==1.1.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" jeepney==0.6.0; sys_platform == "linux" and python_version >= "3.6" jmespath==0.10.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.6.0" jsonpatch==1.32; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") -jsonpickle==1.3 jsonpointer==2.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" jsonschema==3.2.0 -keyring==23.0.0; python_version >= "3.6" +keyring==23.0.1; python_version >= "3.6" mccabe==0.6.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" mock==4.0.3; python_version >= "3.6" -more-itertools==8.7.0; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" multidict==5.1.0; python_version >= "3.6" packaging==20.9; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" pkginfo==1.7.0; python_version >= "3.6" placebo==0.9.0 -pluggy==0.13.1; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" +pluggy==0.13.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" portalocker==1.7.1; python_version >= "3.6" and python_version < "4.0" psutil==5.8.0; (python_version >= "2.6" and python_full_version < "3.0.0") or (python_full_version >= "3.4.0") -py==1.10.0; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" +py==1.10.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" pycodestyle==2.7.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" pycparser==2.20; python_version >= "3.6" and python_full_version < "3.0.0" and sys_platform == "linux" or sys_platform == "linux" and python_version >= "3.6" and python_full_version >= "3.4.0" -pyflakes==2.3.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" +pyflakes==2.3.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" pygments==2.8.1; python_version >= "3.6" -pyparsing==2.4.7; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" +pyparsing==2.4.7; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" pyrsistent==0.17.3; python_version >= "3.5" pytest-cov==2.11.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") pytest-forked==1.3.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.5.0" pytest-sugar==0.9.4 -pytest-terraform==0.5.2; python_version >= "3.6" and python_version < "4.0" +pytest-terraform==0.5.3; python_version >= "3.6" and python_version < "4.0" pytest-xdist==1.34.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") -pytest==6.0.2; python_version >= "3.5" +pytest==6.2.3; python_version >= "3.6" python-dateutil==2.8.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.3.0") pywin32-ctypes==0.2.0; sys_platform == "win32" and python_version >= "3.6" pywin32==300; python_version >= "3.6" and python_version < "4.0" and platform_system == "Windows" @@ -58,13 +56,13 @@ readme-renderer==29.0; python_version >= "3.6" requests-toolbelt==0.9.1; python_version >= "3.6" requests==2.25.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" rfc3986==1.4.0; python_version >= "3.6" -s3transfer==0.3.6; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +s3transfer==0.4.2; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" secretstorage==3.3.1; sys_platform == "linux" and python_version >= "3.6" six==1.15.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_full_version >= "3.6.0" and python_version >= "3.6" and python_version < "4.0" tabulate==0.8.9 termcolor==1.1.0 -toml==0.10.2; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" -tqdm==4.59.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" +toml==0.10.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" +tqdm==4.60.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" twine==3.4.1; python_version >= "3.6" typing-extensions==3.7.4.3; python_version < "3.8" and python_version >= "3.6" urllib3==1.26.4; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version < "4" and python_version >= "3.6" diff --git a/setup.py b/setup.py index 20e2461f88d..139153d7c15 100644 --- a/setup.py +++ b/setup.py @@ -18,7 +18,6 @@ ['argcomplete>=1.11.1,<2.0.0', 'boto3>=1.12.31,<2.0.0', 'importlib-metadata>1.7.0', - 'jsonpickle==1.3', 'jsonschema>=3.2.0,<4.0.0', 'python-dateutil>=2.8.1,<3.0.0', 'pyyaml>=5.3,<6.0', @@ -29,8 +28,14 @@ setup_kwargs = { 'name': 'c7n', - 'version': '0.9.11', + 'version': '0.9.12', 'description': 'Cloud Custodian - Policy Rules Engine', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': 'Cloud Custodian\n=================\n\n

Cloud Custodian Logo

\n\n---\n\n[![](https://badges.gitter.im/cloud-custodian/cloud-custodian.svg)](https://gitter.im/cloud-custodian/cloud-custodian?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)\n[![CI](https://github.com/cloud-custodian/cloud-custodian/workflows/CI/badge.svg?event=push)](https://github.com/cloud-custodian/cloud-custodian/actions?query=workflow%3ACI+branch%3Amaster+event%3Apush)\n[![](https://dev.azure.com/cloud-custodian/cloud-custodian/_apis/build/status/Custodian%20-%20CI?branchName=master)](https://dev.azure.com/cloud-custodian/cloud-custodian/_build)\n[![](https://img.shields.io/badge/license-Apache%202-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n[![](https://codecov.io/gh/cloud-custodian/cloud-custodian/branch/master/graph/badge.svg)](https://codecov.io/gh/cloud-custodian/cloud-custodian)\n[![](https://requires.io/github/cloud-custodian/cloud-custodian/requirements.svg?branch=master)](https://requires.io/github/cloud-custodian/cloud-custodian/requirements/?branch=master)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/3402/badge)](https://bestpractices.coreinfrastructure.org/projects/3402)\n\nCloud Custodian is a rules engine for managing public cloud accounts and\nresources. It allows users to define policies to enable a well managed\ncloud infrastructure, that\\\'s both secure and cost optimized. It\nconsolidates many of the adhoc scripts organizations have into a\nlightweight and flexible tool, with unified metrics and reporting.\n\nCustodian can be used to manage AWS, Azure, and GCP environments by\nensuring real time compliance to security policies (like encryption and\naccess requirements), tag policies, and cost management via garbage\ncollection of unused resources and off-hours resource management.\n\nCustodian policies are written in simple YAML configuration files that\nenable users to specify policies on a resource type (EC2, ASG, Redshift,\nCosmosDB, PubSub Topic) and are constructed from a vocabulary of filters\nand actions.\n\nIt integrates with the cloud native serverless capabilities of each\nprovider to provide for real time enforcement of policies with builtin\nprovisioning. Or it can be run as a simple cron job on a server to\nexecute against large existing fleets.\n\nCloud Custodian is a CNCF Sandbox project, lead by a community of hundreds\nof contributors.\n\nFeatures\n--------\n\n- Comprehensive support for public cloud services and resources with a\n rich library of actions and filters to build policies with.\n- Supports arbitrary filtering on resources with nested boolean\n conditions.\n- Dry run any policy to see what it would do.\n- Automatically provisions serverless functions and event sources (\n AWS CloudWatchEvents, AWS Config Rules, Azure EventGrid, GCP\n AuditLog & Pub/Sub, etc)\n- Cloud provider native metrics outputs on resources that matched a\n policy\n- Structured outputs into cloud native object storage of which\n resources matched a policy.\n- Intelligent cache usage to minimize api calls.\n- Supports multi-account/subscription/project usage.\n- Battle-tested - in production on some very large cloud environments.\n\nLinks\n-----\n\n- [Homepage](http://cloudcustodian.io)\n- [Docs](http://cloudcustodian.io/docs/index.html)\n- [Developer Install](https://cloudcustodian.io/docs/developer/installing.html)\n- [Presentations](https://www.google.com/search?q=cloud+custodian&source=lnms&tbm=vid)\n\nQuick Install\n-------------\n\n```shell\n$ python3 -m venv custodian\n$ source custodian/bin/activate\n(custodian) $ pip install c7n\n```\n\n\nUsage\n-----\n\nThe first step to using Cloud Custodian is writing a YAML file\ncontaining the policies that you want to run. Each policy specifies\nthe resource type that the policy will run on, a set of filters which\ncontrol resources will be affected by this policy, actions which the policy\nwith take on the matched resources, and a mode which controls which\nhow the policy will execute.\n\nThe best getting started guides are the cloud provider specific tutorials.\n\n - [AWS Getting Started](https://cloudcustodian.io/docs/aws/gettingstarted.html)\n - [Azure Getting Started](https://cloudcustodian.io/docs/azure/gettingstarted.html)\n - [GCP Getting Started](https://cloudcustodian.io/docs/gcp/gettingstarted.html)\n\nAs a quick walk through, below are some sample policies for AWS resources.\n\n 1. will enforce that no S3 buckets have cross-account access enabled.\n 1. will terminate any newly launched EC2 instance that do not have an encrypted EBS volume.\n 1. will tag any EC2 instance that does not have the follow tags\n "Environment", "AppId", and either "OwnerContact" or "DeptID" to\n be stopped in four days.\n\n```yaml\npolicies:\n - name: s3-cross-account\n description: |\n Checks S3 for buckets with cross-account access and\n removes the cross-account access.\n resource: aws.s3\n region: us-east-1\n filters:\n - type: cross-account\n actions:\n - type: remove-statements\n statement_ids: matched\n\n - name: ec2-require-non-public-and-encrypted-volumes\n resource: aws.ec2\n description: |\n Provision a lambda and cloud watch event target\n that looks at all new instances and terminates those with\n unencrypted volumes.\n mode:\n type: cloudtrail\n role: CloudCustodian-QuickStart\n events:\n - RunInstances\n filters:\n - type: ebs\n key: Encrypted\n value: false\n actions:\n - terminate\n\n - name: tag-compliance\n resource: aws.ec2\n description: |\n Schedule a resource that does not meet tag compliance policies to be stopped in four days. Note a separate policy using the`marked-for-op` filter is required to actually stop the instances after four days.\n filters:\n - State.Name: running\n - "tag:Environment": absent\n - "tag:AppId": absent\n - or:\n - "tag:OwnerContact": absent\n - "tag:DeptID": absent\n actions:\n - type: mark-for-op\n op: stop\n days: 4\n```\n\nYou can validate, test, and run Cloud Custodian with the example policy with these commands:\n\n```shell\n# Validate the configuration (note this happens by default on run)\n$ custodian validate policy.yml\n\n# Dryrun on the policies (no actions executed) to see what resources\n# match each policy.\n$ custodian run --dryrun -s out policy.yml\n\n# Run the policy\n$ custodian run -s out policy.yml\n```\n\nYou can run Cloud Custodian via Docker as well:\n\n```shell\n# Download the image\n$ docker pull cloudcustodian/c7n\n$ mkdir output\n\n# Run the policy\n#\n# This will run the policy using only the environment variables for authentication\n$ docker run -it \\\n -v $(pwd)/output:/home/custodian/output \\\n -v $(pwd)/policy.yml:/home/custodian/policy.yml \\\n --env-file <(env | grep "^AWS\\|^AZURE\\|^GOOGLE") \\\n cloudcustodian/c7n run -v -s /home/custodian/output /home/custodian/policy.yml\n\n# Run the policy (using AWS\'s generated credentials from STS)\n#\n# NOTE: We mount the ``.aws/credentials`` and ``.aws/config`` directories to\n# the docker container to support authentication to AWS using the same credentials\n# credentials that are available to the local user if authenticating with STS.\n\n$ docker run -it \\\n -v $(pwd)/output:/home/custodian/output \\\n -v $(pwd)/policy.yml:/home/custodian/policy.yml \\\n -v $(cd ~ && pwd)/.aws/credentials:/home/custodian/.aws/credentials \\\n -v $(cd ~ && pwd)/.aws/config:/home/custodian/.aws/config \\\n --env-file <(env | grep "^AWS") \\\n cloudcustodian/c7n run -v -s /home/custodian/output /home/custodian/policy.yml\n```\n\nThe [custodian cask\ntool](https://cloudcustodian.io/docs/tools/cask.html) is a go binary\nthat provides a transparent front end to docker that mirors the regular\ncustodian cli, but automatically takes care of mounting volumes.\n\nConsult the documentation for additional information, or reach out on gitter.\n\nCloud Provider Specific Help\n----------------------------\n\nFor specific instructions for AWS, Azure, and GCP, visit the relevant getting started page.\n\n- [AWS](https://cloudcustodian.io/docs/aws/gettingstarted.html)\n- [Azure](https://cloudcustodian.io/docs/azure/gettingstarted.html)\n- [GCP](https://cloudcustodian.io/docs/gcp/gettingstarted.html)\n\nGet Involved\n------------\n\n- [Gitter](https://gitter.im/cloud-custodian/cloud-custodian)\n- [GitHub](https://github.com/cloud-custodian/cloud-custodian)\n- [Mailing List](https://groups.google.com/forum/#!forum/cloud-custodian)\n- [Reddit](https://reddit.com/r/cloudcustodian)\n- [StackOverflow](https://stackoverflow.com/questions/tagged/cloudcustodian)\n\nAdditional Tools\n----------------\n\nThe Custodian project also develops and maintains a suite of additional\ntools here\n:\n\n- [**_Org_:**](https://cloudcustodian.io/docs/tools/c7n-org.html) Multi-account policy execution.\n\n- [**_PolicyStream_:**](https://cloudcustodian.io/docs/tools/c7n-policystream.html) Git history as stream of logical policy changes.\n\n- [**_Salactus_:**](https://cloudcustodian.io/docs/tools/c7n-salactus.html) Scale out s3 scanning.\n\n- [**_Mailer_:**](https://cloudcustodian.io/docs/tools/c7n-mailer.html) A reference implementation of sending messages to users to notify them.\n\n- [**_Trail Creator_:**](https://cloudcustodian.io/docs/tools/c7n-trailcreator.html) Retroactive tagging of resources creators from CloudTrail\n\n- **_TrailDB_:** Cloudtrail indexing and time series generation for dashboarding.\n\n- [**_LogExporter_:**](https://cloudcustodian.io/docs/tools/c7n-logexporter.html) Cloud watch log exporting to s3\n\n- [**_Cask_:**](https://cloudcustodian.io/docs/tools/cask.html) Easy custodian exec via docker\n\n- [**_Guardian_:**](https://cloudcustodian.io/docs/tools/c7n-guardian.html) Automated multi-account Guard Duty setup\n\n- [**_Omni SSM_:**](https://cloudcustodian.io/docs/tools/omnissm.html) EC2 Systems Manager Automation\n\n- [**_Mugc_:**](https://github.com/cloud-custodian/cloud-custodian/tree/master/tools/ops#mugc) A utility used to clean up Cloud Custodian Lambda policies that are deployed in an AWS environment.\n\nContributing\n------------\n\nSee \n\nSecurity\n--------\n\nIf you\'ve found a security related issue, a vulnerability, or a\npotential vulnerability in Cloud Custodian please let the Cloud\n[Custodian Security Team](mailto:security@cloudcustodian.io) know with\nthe details of the vulnerability. We\'ll send a confirmation email to\nacknowledge your report, and we\'ll send an additional email when we\'ve\nidentified the issue positively or negatively.\n\nCode of Conduct\n---------------\n\nThis project adheres to the [Open Code of Conduct](https://developer.capitalone.com/resources/code-of-conduct). By\nparticipating, you are expected to honor this code.\n\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/signal-desktop-keyring.gpg b/signal-desktop-keyring.gpg new file mode 100644 index 00000000000..b5e68a0406c Binary files /dev/null and b/signal-desktop-keyring.gpg differ diff --git a/tests/data/cfn-types.json b/tests/data/cfn-types.json index 32e60797c28..2cecfc609d8 100644 --- a/tests/data/cfn-types.json +++ b/tests/data/cfn-types.json @@ -29,6 +29,7 @@ "AWS::ApiGateway::UsagePlanKey", "AWS::ApiGateway::VpcLink", "AWS::ApiGatewayV2::Api", + "AWS::ApiGatewayV2::ApiGatewayManagedOverrides", "AWS::ApiGatewayV2::ApiMapping", "AWS::ApiGatewayV2::Authorizer", "AWS::ApiGatewayV2::Deployment", @@ -39,13 +40,20 @@ "AWS::ApiGatewayV2::Route", "AWS::ApiGatewayV2::RouteResponse", "AWS::ApiGatewayV2::Stage", + "AWS::ApiGatewayV2::VpcLink", "AWS::AppConfig::Application", "AWS::AppConfig::ConfigurationProfile", "AWS::AppConfig::Deployment", "AWS::AppConfig::DeploymentStrategy", "AWS::AppConfig::Environment", + "AWS::AppConfig::HostedConfigurationVersion", + "AWS::AppFlow::ConnectorProfile", + "AWS::AppFlow::Flow", + "AWS::AppIntegrations::EventIntegration", + "AWS::AppMesh::GatewayRoute", "AWS::AppMesh::Mesh", "AWS::AppMesh::Route", + "AWS::AppMesh::VirtualGateway", "AWS::AppMesh::VirtualNode", "AWS::AppMesh::VirtualRouter", "AWS::AppMesh::VirtualService", @@ -65,8 +73,11 @@ "AWS::AppSync::Resolver", "AWS::ApplicationAutoScaling::ScalableTarget", "AWS::ApplicationAutoScaling::ScalingPolicy", + "AWS::ApplicationInsights::Application", + "AWS::Athena::DataCatalog", "AWS::Athena::NamedQuery", "AWS::Athena::WorkGroup", + "AWS::AuditManager::Assessment", "AWS::AutoScaling::AutoScalingGroup", "AWS::AutoScaling::LaunchConfiguration", "AWS::AutoScaling::LifecycleHook", @@ -80,19 +91,33 @@ "AWS::Batch::JobDefinition", "AWS::Batch::JobQueue", "AWS::Budgets::Budget", + "AWS::Budgets::BudgetsAction", + "AWS::CE::AnomalyMonitor", + "AWS::CE::AnomalySubscription", "AWS::CE::CostCategory", "AWS::Cassandra::Keyspace", "AWS::Cassandra::Table", + "AWS::CertificateManager::Account", "AWS::CertificateManager::Certificate", "AWS::Chatbot::SlackChannelConfiguration", "AWS::Cloud9::EnvironmentEC2", "AWS::CloudFormation::CustomResource", "AWS::CloudFormation::Macro", + "AWS::CloudFormation::ModuleDefaultVersion", + "AWS::CloudFormation::ModuleVersion", + "AWS::CloudFormation::ResourceDefaultVersion", + "AWS::CloudFormation::ResourceVersion", "AWS::CloudFormation::Stack", + "AWS::CloudFormation::StackSet", "AWS::CloudFormation::WaitCondition", "AWS::CloudFormation::WaitConditionHandle", + "AWS::CloudFront::CachePolicy", "AWS::CloudFront::CloudFrontOriginAccessIdentity", "AWS::CloudFront::Distribution", + "AWS::CloudFront::KeyGroup", + "AWS::CloudFront::OriginRequestPolicy", + "AWS::CloudFront::PublicKey", + "AWS::CloudFront::RealtimeLogConfig", "AWS::CloudFront::StreamingDistribution", "AWS::CloudTrail::Trail", "AWS::CloudWatch::Alarm", @@ -100,6 +125,9 @@ "AWS::CloudWatch::CompositeAlarm", "AWS::CloudWatch::Dashboard", "AWS::CloudWatch::InsightRule", + "AWS::CloudWatch::MetricStream", + "AWS::CodeArtifact::Domain", + "AWS::CodeArtifact::Repository", "AWS::CodeBuild::Project", "AWS::CodeBuild::ReportGroup", "AWS::CodeBuild::SourceCredential", @@ -108,6 +136,7 @@ "AWS::CodeDeploy::DeploymentConfig", "AWS::CodeDeploy::DeploymentGroup", "AWS::CodeGuruProfiler::ProfilingGroup", + "AWS::CodeGuruReviewer::RepositoryAssociation", "AWS::CodePipeline::CustomActionType", "AWS::CodePipeline::Pipeline", "AWS::CodePipeline::Webhook", @@ -135,6 +164,10 @@ "AWS::Config::OrganizationConfigRule", "AWS::Config::OrganizationConformancePack", "AWS::Config::RemediationConfiguration", + "AWS::Config::StoredQuery", + "AWS::CustomerProfiles::Domain", + "AWS::CustomerProfiles::Integration", + "AWS::CustomerProfiles::ObjectType", "AWS::DAX::Cluster", "AWS::DAX::ParameterGroup", "AWS::DAX::SubnetGroup", @@ -145,9 +178,24 @@ "AWS::DMS::ReplicationInstance", "AWS::DMS::ReplicationSubnetGroup", "AWS::DMS::ReplicationTask", + "AWS::DataBrew::Dataset", + "AWS::DataBrew::Job", + "AWS::DataBrew::Project", + "AWS::DataBrew::Recipe", + "AWS::DataBrew::Schedule", "AWS::DataPipeline::Pipeline", + "AWS::DataSync::Agent", + "AWS::DataSync::LocationEFS", + "AWS::DataSync::LocationFSxWindows", + "AWS::DataSync::LocationNFS", + "AWS::DataSync::LocationObjectStorage", + "AWS::DataSync::LocationS3", + "AWS::DataSync::LocationSMB", + "AWS::DataSync::Task", "AWS::Detective::Graph", "AWS::Detective::MemberInvitation", + "AWS::DevOpsGuru::NotificationChannel", + "AWS::DevOpsGuru::ResourceCollection", "AWS::DirectoryService::MicrosoftAD", "AWS::DirectoryService::SimpleAD", "AWS::DocDB::DBCluster", @@ -156,6 +204,7 @@ "AWS::DocDB::DBSubnetGroup", "AWS::DynamoDB::Table", "AWS::EC2::CapacityReservation", + "AWS::EC2::CarrierGateway", "AWS::EC2::ClientVpnAuthorizationRule", "AWS::EC2::ClientVpnEndpoint", "AWS::EC2::ClientVpnRoute", @@ -177,10 +226,13 @@ "AWS::EC2::NatGateway", "AWS::EC2::NetworkAcl", "AWS::EC2::NetworkAclEntry", + "AWS::EC2::NetworkInsightsAnalysis", + "AWS::EC2::NetworkInsightsPath", "AWS::EC2::NetworkInterface", "AWS::EC2::NetworkInterfaceAttachment", "AWS::EC2::NetworkInterfacePermission", "AWS::EC2::PlacementGroup", + "AWS::EC2::PrefixList", "AWS::EC2::Route", "AWS::EC2::RouteTable", "AWS::EC2::SecurityGroup", @@ -197,6 +249,11 @@ "AWS::EC2::TrafficMirrorTarget", "AWS::EC2::TransitGateway", "AWS::EC2::TransitGatewayAttachment", + "AWS::EC2::TransitGatewayConnect", + "AWS::EC2::TransitGatewayMulticastDomain", + "AWS::EC2::TransitGatewayMulticastDomainAssociation", + "AWS::EC2::TransitGatewayMulticastGroupMember", + "AWS::EC2::TransitGatewayMulticastGroupSource", "AWS::EC2::TransitGatewayRoute", "AWS::EC2::TransitGatewayRouteTable", "AWS::EC2::TransitGatewayRouteTableAssociation", @@ -216,8 +273,13 @@ "AWS::EC2::VPNGatewayRoutePropagation", "AWS::EC2::Volume", "AWS::EC2::VolumeAttachment", + "AWS::ECR::PublicRepository", + "AWS::ECR::RegistryPolicy", + "AWS::ECR::ReplicationConfiguration", "AWS::ECR::Repository", + "AWS::ECS::CapacityProvider", "AWS::ECS::Cluster", + "AWS::ECS::ClusterCapacityProviderAssociations", "AWS::ECS::PrimaryTaskSet", "AWS::ECS::Service", "AWS::ECS::TaskDefinition", @@ -225,19 +287,27 @@ "AWS::EFS::AccessPoint", "AWS::EFS::FileSystem", "AWS::EFS::MountTarget", + "AWS::EKS::Addon", "AWS::EKS::Cluster", + "AWS::EKS::FargateProfile", "AWS::EKS::Nodegroup", "AWS::EMR::Cluster", "AWS::EMR::InstanceFleetConfig", "AWS::EMR::InstanceGroupConfig", "AWS::EMR::SecurityConfiguration", "AWS::EMR::Step", + "AWS::EMR::Studio", + "AWS::EMR::StudioSessionMapping", + "AWS::EMRContainers::VirtualCluster", "AWS::ElastiCache::CacheCluster", + "AWS::ElastiCache::GlobalReplicationGroup", "AWS::ElastiCache::ParameterGroup", "AWS::ElastiCache::ReplicationGroup", "AWS::ElastiCache::SecurityGroup", "AWS::ElastiCache::SecurityGroupIngress", "AWS::ElastiCache::SubnetGroup", + "AWS::ElastiCache::User", + "AWS::ElastiCache::UserGroup", "AWS::ElasticBeanstalk::Application", "AWS::ElasticBeanstalk::ApplicationVersion", "AWS::ElasticBeanstalk::ConfigurationTemplate", @@ -253,15 +323,20 @@ "AWS::EventSchemas::Registry", "AWS::EventSchemas::RegistryPolicy", "AWS::EventSchemas::Schema", + "AWS::Events::ApiDestination", + "AWS::Events::Archive", + "AWS::Events::Connection", "AWS::Events::EventBus", "AWS::Events::EventBusPolicy", "AWS::Events::Rule", + "AWS::FIS::ExperimentTemplate", "AWS::FMS::NotificationChannel", "AWS::FMS::Policy", "AWS::FSx::FileSystem", "AWS::GameLift::Alias", "AWS::GameLift::Build", "AWS::GameLift::Fleet", + "AWS::GameLift::GameServerGroup", "AWS::GameLift::GameSessionQueue", "AWS::GameLift::MatchmakingConfiguration", "AWS::GameLift::MatchmakingRuleSet", @@ -278,6 +353,10 @@ "AWS::Glue::Job", "AWS::Glue::MLTransform", "AWS::Glue::Partition", + "AWS::Glue::Registry", + "AWS::Glue::Schema", + "AWS::Glue::SchemaVersion", + "AWS::Glue::SchemaVersionMetadata", "AWS::Glue::SecurityConfiguration", "AWS::Glue::Table", "AWS::Glue::Trigger", @@ -298,6 +377,10 @@ "AWS::Greengrass::ResourceDefinitionVersion", "AWS::Greengrass::SubscriptionDefinition", "AWS::Greengrass::SubscriptionDefinitionVersion", + "AWS::GreengrassV2::ComponentVersion", + "AWS::GroundStation::Config", + "AWS::GroundStation::DataflowEndpointGroup", + "AWS::GroundStation::MissionProfile", "AWS::GuardDuty::Detector", "AWS::GuardDuty::Filter", "AWS::GuardDuty::IPSet", @@ -308,12 +391,20 @@ "AWS::IAM::Group", "AWS::IAM::InstanceProfile", "AWS::IAM::ManagedPolicy", + "AWS::IAM::OIDCProvider", "AWS::IAM::Policy", "AWS::IAM::Role", + "AWS::IAM::SAMLProvider", + "AWS::IAM::ServerCertificate", "AWS::IAM::ServiceLinkedRole", "AWS::IAM::User", "AWS::IAM::UserToGroupAddition", + "AWS::IAM::VirtualMFADevice", + "AWS::IVS::Channel", + "AWS::IVS::PlaybackKeyPair", + "AWS::IVS::StreamKey", "AWS::ImageBuilder::Component", + "AWS::ImageBuilder::ContainerRecipe", "AWS::ImageBuilder::DistributionConfiguration", "AWS::ImageBuilder::Image", "AWS::ImageBuilder::ImagePipeline", @@ -325,21 +416,46 @@ "AWS::IoT1Click::Device", "AWS::IoT1Click::Placement", "AWS::IoT1Click::Project", + "AWS::IoT::AccountAuditConfiguration", + "AWS::IoT::Authorizer", "AWS::IoT::Certificate", + "AWS::IoT::CustomMetric", + "AWS::IoT::Dimension", + "AWS::IoT::DomainConfiguration", + "AWS::IoT::MitigationAction", "AWS::IoT::Policy", "AWS::IoT::PolicyPrincipalAttachment", + "AWS::IoT::ProvisioningTemplate", + "AWS::IoT::ScheduledAudit", + "AWS::IoT::SecurityProfile", "AWS::IoT::Thing", "AWS::IoT::ThingPrincipalAttachment", "AWS::IoT::TopicRule", + "AWS::IoT::TopicRuleDestination", "AWS::IoTAnalytics::Channel", "AWS::IoTAnalytics::Dataset", "AWS::IoTAnalytics::Datastore", "AWS::IoTAnalytics::Pipeline", "AWS::IoTEvents::DetectorModel", "AWS::IoTEvents::Input", + "AWS::IoTSiteWise::AccessPolicy", + "AWS::IoTSiteWise::Asset", + "AWS::IoTSiteWise::AssetModel", + "AWS::IoTSiteWise::Dashboard", + "AWS::IoTSiteWise::Gateway", + "AWS::IoTSiteWise::Portal", + "AWS::IoTSiteWise::Project", "AWS::IoTThingsGraph::FlowTemplate", + "AWS::IoTWireless::Destination", + "AWS::IoTWireless::DeviceProfile", + "AWS::IoTWireless::ServiceProfile", + "AWS::IoTWireless::WirelessDevice", + "AWS::IoTWireless::WirelessGateway", "AWS::KMS::Alias", "AWS::KMS::Key", + "AWS::Kendra::DataSource", + "AWS::Kendra::Faq", + "AWS::Kendra::Index", "AWS::Kinesis::Stream", "AWS::Kinesis::StreamConsumer", "AWS::KinesisAnalytics::Application", @@ -354,6 +470,7 @@ "AWS::LakeFormation::Permissions", "AWS::LakeFormation::Resource", "AWS::Lambda::Alias", + "AWS::Lambda::CodeSigningConfig", "AWS::Lambda::EventInvokeConfig", "AWS::Lambda::EventSourceMapping", "AWS::Lambda::Function", @@ -361,29 +478,50 @@ "AWS::Lambda::LayerVersionPermission", "AWS::Lambda::Permission", "AWS::Lambda::Version", + "AWS::LicenseManager::Grant", + "AWS::LicenseManager::License", "AWS::Logs::Destination", "AWS::Logs::LogGroup", "AWS::Logs::LogStream", "AWS::Logs::MetricFilter", + "AWS::Logs::QueryDefinition", "AWS::Logs::SubscriptionFilter", + "AWS::LookoutMetrics::Alert", + "AWS::LookoutMetrics::AnomalyDetector", + "AWS::LookoutVision::Project", "AWS::MSK::Cluster", + "AWS::MWAA::Environment", "AWS::Macie::CustomDataIdentifier", "AWS::Macie::FindingsFilter", "AWS::Macie::Session", "AWS::ManagedBlockchain::Member", "AWS::ManagedBlockchain::Node", + "AWS::MediaConnect::Flow", + "AWS::MediaConnect::FlowEntitlement", + "AWS::MediaConnect::FlowOutput", + "AWS::MediaConnect::FlowSource", + "AWS::MediaConnect::FlowVpcInterface", "AWS::MediaConvert::JobTemplate", "AWS::MediaConvert::Preset", "AWS::MediaConvert::Queue", "AWS::MediaLive::Channel", "AWS::MediaLive::Input", "AWS::MediaLive::InputSecurityGroup", + "AWS::MediaPackage::Asset", + "AWS::MediaPackage::Channel", + "AWS::MediaPackage::OriginEndpoint", + "AWS::MediaPackage::PackagingConfiguration", + "AWS::MediaPackage::PackagingGroup", "AWS::MediaStore::Container", "AWS::Neptune::DBCluster", "AWS::Neptune::DBClusterParameterGroup", "AWS::Neptune::DBInstance", "AWS::Neptune::DBParameterGroup", "AWS::Neptune::DBSubnetGroup", + "AWS::NetworkFirewall::Firewall", + "AWS::NetworkFirewall::FirewallPolicy", + "AWS::NetworkFirewall::LoggingConfiguration", + "AWS::NetworkFirewall::RuleGroup", "AWS::NetworkManager::CustomerGatewayAssociation", "AWS::NetworkManager::Device", "AWS::NetworkManager::GlobalNetwork", @@ -422,15 +560,26 @@ "AWS::PinpointEmail::DedicatedIpPool", "AWS::PinpointEmail::Identity", "AWS::QLDB::Ledger", + "AWS::QLDB::Stream", + "AWS::QuickSight::Analysis", + "AWS::QuickSight::Dashboard", + "AWS::QuickSight::DataSet", + "AWS::QuickSight::DataSource", + "AWS::QuickSight::Template", + "AWS::QuickSight::Theme", "AWS::RAM::ResourceShare", "AWS::RDS::DBCluster", "AWS::RDS::DBClusterParameterGroup", "AWS::RDS::DBInstance", "AWS::RDS::DBParameterGroup", + "AWS::RDS::DBProxy", + "AWS::RDS::DBProxyEndpoint", + "AWS::RDS::DBProxyTargetGroup", "AWS::RDS::DBSecurityGroup", "AWS::RDS::DBSecurityGroupIngress", "AWS::RDS::DBSubnetGroup", "AWS::RDS::EventSubscription", + "AWS::RDS::GlobalCluster", "AWS::RDS::OptionGroup", "AWS::Redshift::Cluster", "AWS::Redshift::ClusterParameterGroup", @@ -444,16 +593,31 @@ "AWS::RoboMaker::RobotApplicationVersion", "AWS::RoboMaker::SimulationApplication", "AWS::RoboMaker::SimulationApplicationVersion", + "AWS::Route53::DNSSEC", "AWS::Route53::HealthCheck", "AWS::Route53::HostedZone", + "AWS::Route53::KeySigningKey", "AWS::Route53::RecordSet", "AWS::Route53::RecordSetGroup", + "AWS::Route53Resolver::FirewallDomainList", + "AWS::Route53Resolver::FirewallRuleGroup", + "AWS::Route53Resolver::FirewallRuleGroupAssociation", + "AWS::Route53Resolver::ResolverDNSSECConfig", "AWS::Route53Resolver::ResolverEndpoint", + "AWS::Route53Resolver::ResolverQueryLoggingConfig", + "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation", "AWS::Route53Resolver::ResolverRule", "AWS::Route53Resolver::ResolverRuleAssociation", "AWS::S3::AccessPoint", "AWS::S3::Bucket", "AWS::S3::BucketPolicy", + "AWS::S3::StorageLens", + "AWS::S3ObjectLambda::AccessPoint", + "AWS::S3ObjectLambda::AccessPointPolicy", + "AWS::S3Outposts::AccessPoint", + "AWS::S3Outposts::Bucket", + "AWS::S3Outposts::BucketPolicy", + "AWS::S3Outposts::Endpoint", "AWS::SDB::Domain", "AWS::SES::ConfigurationSet", "AWS::SES::ConfigurationSetEventDestination", @@ -474,12 +638,32 @@ "AWS::SSM::Parameter", "AWS::SSM::PatchBaseline", "AWS::SSM::ResourceDataSync", + "AWS::SSO::Assignment", + "AWS::SSO::InstanceAccessControlAttributeConfiguration", + "AWS::SSO::PermissionSet", + "AWS::SageMaker::App", + "AWS::SageMaker::AppImageConfig", "AWS::SageMaker::CodeRepository", + "AWS::SageMaker::DataQualityJobDefinition", + "AWS::SageMaker::Device", + "AWS::SageMaker::DeviceFleet", + "AWS::SageMaker::Domain", "AWS::SageMaker::Endpoint", "AWS::SageMaker::EndpointConfig", + "AWS::SageMaker::FeatureGroup", + "AWS::SageMaker::Image", + "AWS::SageMaker::ImageVersion", "AWS::SageMaker::Model", + "AWS::SageMaker::ModelBiasJobDefinition", + "AWS::SageMaker::ModelExplainabilityJobDefinition", + "AWS::SageMaker::ModelPackageGroup", + "AWS::SageMaker::ModelQualityJobDefinition", + "AWS::SageMaker::MonitoringSchedule", "AWS::SageMaker::NotebookInstance", "AWS::SageMaker::NotebookInstanceLifecycleConfig", + "AWS::SageMaker::Pipeline", + "AWS::SageMaker::Project", + "AWS::SageMaker::UserProfile", "AWS::SageMaker::Workteam", "AWS::SecretsManager::ResourcePolicy", "AWS::SecretsManager::RotationSchedule", @@ -498,17 +682,27 @@ "AWS::ServiceCatalog::PortfolioProductAssociation", "AWS::ServiceCatalog::PortfolioShare", "AWS::ServiceCatalog::ResourceUpdateConstraint", + "AWS::ServiceCatalog::ServiceAction", + "AWS::ServiceCatalog::ServiceActionAssociation", "AWS::ServiceCatalog::StackSetConstraint", "AWS::ServiceCatalog::TagOption", "AWS::ServiceCatalog::TagOptionAssociation", + "AWS::ServiceCatalogAppRegistry::Application", + "AWS::ServiceCatalogAppRegistry::AttributeGroup", + "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation", + "AWS::ServiceCatalogAppRegistry::ResourceAssociation", "AWS::ServiceDiscovery::HttpNamespace", "AWS::ServiceDiscovery::Instance", "AWS::ServiceDiscovery::PrivateDnsNamespace", "AWS::ServiceDiscovery::PublicDnsNamespace", "AWS::ServiceDiscovery::Service", + "AWS::Signer::ProfilePermission", + "AWS::Signer::SigningProfile", "AWS::StepFunctions::Activity", "AWS::StepFunctions::StateMachine", "AWS::Synthetics::Canary", + "AWS::Timestream::Database", + "AWS::Timestream::Table", "AWS::Transfer::Server", "AWS::Transfer::User", "AWS::WAF::ByteMatchSet", @@ -534,6 +728,7 @@ "AWS::WAFv2::RuleGroup", "AWS::WAFv2::WebACL", "AWS::WAFv2::WebACLAssociation", + "AWS::WorkSpaces::ConnectionAlias", "AWS::WorkSpaces::Workspace", "Alexa::ASK::Skill" ] diff --git a/tests/data/iam-actions.json b/tests/data/iam-actions.json index f7f4feded3c..225206ea8aa 100644 --- a/tests/data/iam-actions.json +++ b/tests/data/iam-actions.json @@ -82,14 +82,19 @@ "UpdateSkillGroup" ], "access-analyzer": [ + "ApplyArchiveRule", + "CreateAccessPreview", "CreateAnalyzer", "CreateArchiveRule", "DeleteAnalyzer", "DeleteArchiveRule", + "GetAccessPreview", "GetAnalyzedResource", "GetAnalyzer", "GetArchiveRule", "GetFinding", + "ListAccessPreviewFindings", + "ListAccessPreviews", "ListAnalyzedResources", "ListAnalyzers", "ListArchiveRules", @@ -99,7 +104,8 @@ "TagResource", "UntagResource", "UpdateArchiveRule", - "UpdateFindings" + "UpdateFindings", + "ValidatePolicy" ], "account": [ "DisableRegion", @@ -111,10 +117,12 @@ "DeleteCertificate", "DescribeCertificate", "ExportCertificate", + "GetAccountConfiguration", "GetCertificate", "ImportCertificate", "ListCertificates", "ListTagsForCertificate", + "PutAccountConfiguration", "RemoveTagsFromCertificate", "RenewCertificate", "RequestCertificate", @@ -146,6 +154,29 @@ "UntagCertificateAuthority", "UpdateCertificateAuthority" ], + "activate": [ + "CreateForm", + "GetAccountContact", + "GetContentInfo", + "GetCosts", + "GetCredits", + "GetMemberInfo", + "GetProgram", + "PutMemberInfo" + ], + "airflow": [ + "CreateCliToken", + "CreateEnvironment", + "CreateWebLoginToken", + "DeleteEnvironment", + "GetEnvironment", + "ListEnvironments", + "ListTagsForResource", + "PublishMetrics", + "TagResource", + "UntagResource", + "UpdateEnvironment" + ], "amplify": [ "CreateApp", "CreateBackendEnvironment", @@ -184,15 +215,56 @@ "UpdateDomainAssociation", "UpdateWebHook" ], + "amplifybackend": [ + "CloneBackend", + "CreateBackend", + "CreateBackendAPI", + "CreateBackendAuth", + "CreateBackendConfig", + "CreateToken", + "DeleteBackend", + "DeleteBackendAPI", + "DeleteBackendAuth", + "DeleteToken", + "GenerateBackendAPIModels", + "GetBackend", + "GetBackendAPI", + "GetBackendAPIModels", + "GetBackendAuth", + "GetBackendJob", + "GetToken", + "ListBackendJobs", + "RemoveAllBackends", + "RemoveBackendConfig", + "UpdateBackendAPI", + "UpdateBackendAuth", + "UpdateBackendConfig", + "UpdateBackendJob" + ], "apigateway": [ + "AddCertificateToDomain", "DELETE", "GET", "PATCH", "POST", "PUT", + "RemoveCertificateFromDomain", "SetWebACL", "UpdateRestApiPolicy" ], + "app-integrations": [ + "CreateEventIntegration", + "CreateEventIntegrationAssociation", + "DeleteEventIntegration", + "DeleteEventIntegrationAssociation", + "GetEventIntegration", + "ListEventIntegrationAssociations", + "ListEventIntegrations", + "ListTagsForResource", + "TagResource", + "UntagResource", + "UpdateEventIntegration" + ], "appconfig": [ "CreateApplication", "CreateConfigurationProfile", @@ -268,21 +340,31 @@ "applicationinsights": [ "CreateApplication", "CreateComponent", + "CreateLogPattern", "DeleteApplication", "DeleteComponent", + "DeleteLogPattern", "DescribeApplication", "DescribeComponent", "DescribeComponentConfiguration", "DescribeComponentConfigurationRecommendation", + "DescribeLogPattern", "DescribeObservation", "DescribeProblem", "DescribeProblemObservations", "ListApplications", "ListComponents", + "ListConfigurationHistory", + "ListLogPatternSets", + "ListLogPatterns", "ListProblems", + "ListTagsForResource", + "TagResource", + "UntagResource", "UpdateApplication", "UpdateComponent", - "UpdateComponentConfiguration" + "UpdateComponentConfiguration", + "UpdateLogPattern" ], "appmesh": [ "CreateGatewayRoute", @@ -398,8 +480,6 @@ "DisassociateFleet", "EnableUser", "ExpireSession", - "GetImageBuilders", - "GetParametersForThemeAssetUpload", "ListAssociatedFleets", "ListAssociatedStacks", "ListTagsForResource", @@ -444,6 +524,7 @@ "ListResolversByFunction", "ListTagsForResource", "ListTypes", + "SetWebACL", "StartSchemaCreation", "TagResource", "UntagResource", @@ -454,6 +535,18 @@ "UpdateResolver", "UpdateType" ], + "aps": [ + "CreateWorkspace", + "DeleteWorkspace", + "DescribeWorkspace", + "GetLabels", + "GetMetricMetadata", + "GetSeries", + "ListWorkspaces", + "QueryMetrics", + "RemoteWrite", + "UpdateWorkspaceAlias" + ], "arsenal": [ "RegisterOnPremisesAgent" ], @@ -468,13 +561,16 @@ "BatchGetQueryExecution", "CreateDataCatalog", "CreateNamedQuery", + "CreatePreparedStatement", "CreateWorkGroup", "DeleteDataCatalog", "DeleteNamedQuery", + "DeletePreparedStatement", "DeleteWorkGroup", "GetDataCatalog", "GetDatabase", "GetNamedQuery", + "GetPreparedStatement", "GetQueryExecution", "GetQueryResults", "GetQueryResultsStream", @@ -482,7 +578,9 @@ "GetWorkGroup", "ListDataCatalogs", "ListDatabases", + "ListEngineVersions", "ListNamedQueries", + "ListPreparedStatements", "ListQueryExecutions", "ListTableMetadata", "ListTagsForResource", @@ -492,8 +590,62 @@ "TagResource", "UntagResource", "UpdateDataCatalog", + "UpdatePreparedStatement", "UpdateWorkGroup" ], + "auditmanager": [ + "AssociateAssessmentReportEvidenceFolder", + "BatchAssociateAssessmentReportEvidence", + "BatchCreateDelegationByAssessment", + "BatchDeleteDelegationByAssessment", + "BatchDisassociateAssessmentReportEvidence", + "BatchImportEvidenceToAssessmentControl", + "CreateAssessment", + "CreateAssessmentFramework", + "CreateAssessmentReport", + "CreateControl", + "DeleteAssessment", + "DeleteAssessmentFramework", + "DeleteAssessmentReport", + "DeleteControl", + "DeregisterAccount", + "DeregisterOrganizationAdminAccount", + "DisassociateAssessmentReportEvidenceFolder", + "GetAccountStatus", + "GetAssessment", + "GetAssessmentFramework", + "GetAssessmentReportUrl", + "GetChangeLogs", + "GetControl", + "GetDelegations", + "GetEvidence", + "GetEvidenceByEvidenceFolder", + "GetEvidenceFolder", + "GetEvidenceFoldersByAssessment", + "GetEvidenceFoldersByAssessmentControl", + "GetOrganizationAdminAccount", + "GetServicesInScope", + "GetSettings", + "ListAssessmentFrameworks", + "ListAssessmentReports", + "ListAssessments", + "ListControls", + "ListKeywordsForDataSource", + "ListNotifications", + "ListTagsForResource", + "RegisterAccount", + "RegisterOrganizationAdminAccount", + "TagResource", + "UntagResource", + "UpdateAssessment", + "UpdateAssessmentControl", + "UpdateAssessmentControlSetStatus", + "UpdateAssessmentFramework", + "UpdateAssessmentStatus", + "UpdateControl", + "UpdateSettings", + "ValidateAssessmentReportIntegrity" + ], "autoscaling": [ "AttachInstances", "AttachLoadBalancerTargetGroups", @@ -601,6 +753,7 @@ "ValidateConnectorId" ], "backup": [ + "CopyFromBackupVault", "CopyIntoBackupVault", "CreateBackupPlan", "CreateBackupSelection", @@ -614,10 +767,12 @@ "DescribeBackupJob", "DescribeBackupVault", "DescribeCopyJob", + "DescribeGlobalSettings", "DescribeProtectedResource", "DescribeRecoveryPoint", "DescribeRegionSettings", "DescribeRestoreJob", + "DisassociateRecoveryPoint", "ExportBackupPlanTemplate", "GetBackupPlan", "GetBackupPlanFromJSON", @@ -648,6 +803,7 @@ "TagResource", "UntagResource", "UpdateBackupPlan", + "UpdateGlobalSettings", "UpdateRecoveryPointLifecycle", "UpdateRegionSettings" ], @@ -666,9 +822,12 @@ "DescribeJobQueues", "DescribeJobs", "ListJobs", + "ListTagsForResource", "RegisterJobDefinition", "SubmitJob", + "TagResource", "TerminateJob", + "UntagResource", "UpdateComputeEnvironment", "UpdateJobQueue" ], @@ -677,11 +836,22 @@ "CreateQuantumTask", "GetDevice", "GetQuantumTask", + "ListTagsForResource", "SearchDevices", - "SearchQuantumTasks" + "SearchQuantumTasks", + "TagResource", + "UntagResource" ], "budgets": [ + "CreateBudgetAction", + "DeleteBudgetAction", + "DescribeBudgetAction", + "DescribeBudgetActionHistories", + "DescribeBudgetActionsForAccount", + "DescribeBudgetActionsForBudget", + "ExecuteBudgetAction", "ModifyBudget", + "UpdateBudgetAction", "ViewBudget" ], "cassandra": [ @@ -695,13 +865,28 @@ "UntagResource" ], "ce": [ + "CreateAnomalyMonitor", + "CreateAnomalySubscription", "CreateCostCategoryDefinition", + "CreateNotificationSubscription", + "CreateReport", + "DeleteAnomalyMonitor", + "DeleteAnomalySubscription", "DeleteCostCategoryDefinition", + "DeleteNotificationSubscription", + "DeleteReport", "DescribeCostCategoryDefinition", + "DescribeNotificationSubscription", + "DescribeReport", + "GetAnomalies", + "GetAnomalyMonitors", + "GetAnomalySubscriptions", "GetCostAndUsage", "GetCostAndUsageWithResources", + "GetCostCategories", "GetCostForecast", "GetDimensionValues", + "GetPreferences", "GetReservationCoverage", "GetReservationPurchaseRecommendation", "GetReservationUtilization", @@ -713,7 +898,13 @@ "GetTags", "GetUsageForecast", "ListCostCategoryDefinitions", - "UpdateCostCategoryDefinition" + "ProvideAnomalyFeedback", + "UpdateAnomalyMonitor", + "UpdateAnomalySubscription", + "UpdateCostCategoryDefinition", + "UpdateNotificationSubscription", + "UpdatePreferences", + "UpdateReport" ], "chatbot": [ "CreateChimeWebhookConfiguration", @@ -746,27 +937,48 @@ "BatchUnsuspendUser", "BatchUpdatePhoneNumber", "BatchUpdateUser", + "Connect", "ConnectDirectory", "CreateAccount", "CreateApiKey", + "CreateAppInstance", + "CreateAppInstanceAdmin", + "CreateAppInstanceUser", "CreateAttendee", "CreateBot", "CreateBotMembership", "CreateCDRBucket", + "CreateChannel", + "CreateChannelBan", + "CreateChannelMembership", + "CreateChannelModerator", "CreateMeeting", + "CreateMeetingDialOut", "CreateMeetingWithAttendees", "CreatePhoneNumberOrder", "CreateProxySession", "CreateRoom", "CreateRoomMembership", + "CreateSipMediaApplication", + "CreateSipMediaApplicationCall", + "CreateSipRule", "CreateUser", "CreateVoiceConnector", "CreateVoiceConnectorGroup", "DeleteAccount", "DeleteAccountOpenIdConfig", "DeleteApiKey", + "DeleteAppInstance", + "DeleteAppInstanceAdmin", + "DeleteAppInstanceStreamingConfigurations", + "DeleteAppInstanceUser", "DeleteAttendee", "DeleteCDRBucket", + "DeleteChannel", + "DeleteChannelBan", + "DeleteChannelMembership", + "DeleteChannelMessage", + "DeleteChannelModerator", "DeleteDelegate", "DeleteDomain", "DeleteEventsConfiguration", @@ -776,6 +988,8 @@ "DeleteProxySession", "DeleteRoom", "DeleteRoomMembership", + "DeleteSipMediaApplication", + "DeleteSipRule", "DeleteVoiceConnector", "DeleteVoiceConnectorEmergencyCallingConfiguration", "DeleteVoiceConnectorGroup", @@ -784,6 +998,15 @@ "DeleteVoiceConnectorStreamingConfiguration", "DeleteVoiceConnectorTermination", "DeleteVoiceConnectorTerminationCredentials", + "DescribeAppInstance", + "DescribeAppInstanceAdmin", + "DescribeAppInstanceUser", + "DescribeChannel", + "DescribeChannelBan", + "DescribeChannelMembership", + "DescribeChannelMembershipForAppInstanceUser", + "DescribeChannelModeratedByAppInstanceUser", + "DescribeChannelModerator", "DisassociatePhoneNumberFromUser", "DisassociatePhoneNumbersFromVoiceConnector", "DisassociatePhoneNumbersFromVoiceConnectorGroup", @@ -793,20 +1016,27 @@ "GetAccountResource", "GetAccountSettings", "GetAccountWithOpenIdConfig", + "GetAppInstanceRetentionSettings", + "GetAppInstanceStreamingConfigurations", "GetAttendee", "GetBot", "GetCDRBucket", + "GetChannelMessage", "GetDomain", "GetEventsConfiguration", "GetGlobalSettings", "GetMeeting", "GetMeetingDetail", + "GetMessagingSessionEndpoint", "GetPhoneNumber", "GetPhoneNumberOrder", "GetPhoneNumberSettings", "GetProxySession", "GetRetentionSettings", "GetRoom", + "GetSipMediaApplication", + "GetSipMediaApplicationLoggingConfiguration", + "GetSipRule", "GetTelephonyLimits", "GetUser", "GetUserActivityReportData", @@ -827,11 +1057,21 @@ "ListAccountUsageReportData", "ListAccounts", "ListApiKeys", + "ListAppInstanceAdmins", + "ListAppInstanceUsers", + "ListAppInstances", "ListAttendeeTags", "ListAttendees", "ListBots", "ListCDRBucket", "ListCallingRegions", + "ListChannelBans", + "ListChannelMemberships", + "ListChannelMembershipsForAppInstanceUser", + "ListChannelMessages", + "ListChannelModerators", + "ListChannels", + "ListChannelsModeratedByAppInstanceUser", "ListDelegates", "ListDirectories", "ListDomains", @@ -845,14 +1085,19 @@ "ListProxySessions", "ListRoomMemberships", "ListRooms", + "ListSipMediaApplications", + "ListSipRules", "ListTagsForResource", "ListUsers", "ListVoiceConnectorGroups", "ListVoiceConnectorTerminationCredentials", "ListVoiceConnectors", "LogoutUser", + "PutAppInstanceRetentionSettings", + "PutAppInstanceStreamingConfigurations", "PutEventsConfiguration", "PutRetentionSettings", + "PutSipMediaApplicationLoggingConfiguration", "PutVoiceConnectorEmergencyCallingConfiguration", "PutVoiceConnectorLoggingConfiguration", "PutVoiceConnectorOrigination", @@ -860,6 +1105,7 @@ "PutVoiceConnectorStreamingConfiguration", "PutVoiceConnectorTermination", "PutVoiceConnectorTerminationCredentials", + "RedactChannelMessage", "RedactConversationMessage", "RedactRoomMessage", "RegenerateSecurityToken", @@ -870,6 +1116,7 @@ "RestorePhoneNumber", "RetrieveDataExports", "SearchAvailablePhoneNumbers", + "SendChannelMessage", "StartDataExport", "SubmitSupportRequest", "SuspendUsers", @@ -884,14 +1131,21 @@ "UpdateAccountOpenIdConfig", "UpdateAccountResource", "UpdateAccountSettings", + "UpdateAppInstance", + "UpdateAppInstanceUser", "UpdateBot", "UpdateCDRSettings", + "UpdateChannel", + "UpdateChannelMessage", + "UpdateChannelReadMarker", "UpdateGlobalSettings", "UpdatePhoneNumber", "UpdatePhoneNumberSettings", "UpdateProxySession", "UpdateRoom", "UpdateRoomMembership", + "UpdateSipMediaApplication", + "UpdateSipRule", "UpdateSupportedLicenses", "UpdateUser", "UpdateUserLicenses", @@ -1168,6 +1422,17 @@ "search", "suggest" ], + "cloudshell": [ + "CreateEnvironment", + "CreateSession", + "DeleteEnvironment", + "GetEnvironmentStatus", + "GetFileDownloadUrls", + "GetFileUploadUrls", + "PutCredentials", + "StartEnvironment", + "StopEnvironment" + ], "cloudtrail": [ "AddTags", "CreateTrail", @@ -1193,6 +1458,7 @@ "DeleteAnomalyDetector", "DeleteDashboards", "DeleteInsightRules", + "DeleteMetricStream", "DescribeAlarmHistory", "DescribeAlarms", "DescribeAlarmsForMetric", @@ -1206,16 +1472,22 @@ "GetInsightRuleReport", "GetMetricData", "GetMetricStatistics", + "GetMetricStream", "GetMetricWidgetImage", "ListDashboards", + "ListMetricStreams", "ListMetrics", "ListTagsForResource", "PutAnomalyDetector", + "PutCompositeAlarm", "PutDashboard", "PutInsightRule", "PutMetricAlarm", "PutMetricData", + "PutMetricStream", "SetAlarmState", + "StartMetricStreams", + "StopMetricStreams", "TagResource", "UntagResource" ], @@ -1248,11 +1520,14 @@ "ListPackages", "ListRepositories", "ListRepositoriesInDomain", + "ListTagsForResource", "PublishPackageVersion", "PutDomainPermissionsPolicy", "PutPackageMetadata", "PutRepositoryPermissionsPolicy", "ReadFromRepository", + "TagResource", + "UntagResource", "UpdatePackageVersionsStatus", "UpdateRepository" ], @@ -1479,6 +1754,7 @@ ], "codeguru-reviewer": [ "AssociateRepository", + "CreateCodeReview", "CreateConnectionToken", "DescribeCodeReview", "DescribeRecommendationFeedback", @@ -1489,8 +1765,11 @@ "ListRecommendationFeedback", "ListRecommendations", "ListRepositoryAssociations", + "ListTagsForResource", "ListThirdPartyRepositories", - "PutRecommendationFeedback" + "PutRecommendationFeedback", + "TagResource", + "UnTagResource" ], "codepipeline": [ "AcknowledgeJob", @@ -1556,18 +1835,25 @@ ], "codestar-connections": [ "CreateConnection", + "CreateHost", "DeleteConnection", + "DeleteHost", "GetConnection", + "GetHost", "GetIndividualAccessToken", "GetInstallationUrl", "ListConnections", + "ListHosts", "ListInstallationTargets", "ListTagsForResource", "PassConnection", + "RegisterAppCode", + "StartAppRegistrationHandshake", "StartOAuthHandshake", "TagResource", "UntagResource", "UpdateConnectionInstallation", + "UpdateHost", "UseConnection" ], "codestar-notifications": [ @@ -1596,12 +1882,14 @@ "GetIdentityPoolRoles", "GetOpenIdToken", "GetOpenIdTokenForDeveloperIdentity", + "GetPrincipalTagAttributeMap", "ListIdentities", "ListIdentityPools", "ListTagsForResource", "LookupDeveloperIdentity", "MergeDeveloperIdentities", "SetIdentityPoolRoles", + "SetPrincipalTagAttributeMap", "TagResource", "UnlinkDeveloperIdentity", "UnlinkIdentity", @@ -1738,6 +2026,7 @@ "BatchDetectSentiment", "BatchDetectSyntax", "ClassifyDocument", + "ContainsPiiEntities", "CreateDocumentClassifier", "CreateEndpoint", "CreateEntityRecognizer", @@ -1750,12 +2039,15 @@ "DescribeEndpoint", "DescribeEntitiesDetectionJob", "DescribeEntityRecognizer", + "DescribeEventsDetectionJob", "DescribeKeyPhrasesDetectionJob", + "DescribePiiEntitiesDetectionJob", "DescribeSentimentDetectionJob", "DescribeTopicsDetectionJob", "DetectDominantLanguage", "DetectEntities", "DetectKeyPhrases", + "DetectPiiEntities", "DetectSentiment", "DetectSyntax", "ListDocumentClassificationJobs", @@ -1764,19 +2056,25 @@ "ListEndpoints", "ListEntitiesDetectionJobs", "ListEntityRecognizers", + "ListEventsDetectionJobs", "ListKeyPhrasesDetectionJobs", + "ListPiiEntitiesDetectionJobs", "ListSentimentDetectionJobs", "ListTagsForResource", "ListTopicsDetectionJobs", "StartDocumentClassificationJob", "StartDominantLanguageDetectionJob", "StartEntitiesDetectionJob", + "StartEventsDetectionJob", "StartKeyPhrasesDetectionJob", + "StartPiiEntitiesDetectionJob", "StartSentimentDetectionJob", "StartTopicsDetectionJob", "StopDominantLanguageDetectionJob", "StopEntitiesDetectionJob", + "StopEventsDetectionJob", "StopKeyPhrasesDetectionJob", + "StopPiiEntitiesDetectionJob", "StopSentimentDetectionJob", "StopTrainingDocumentClassifier", "StopTrainingEntityRecognizer", @@ -1785,17 +2083,37 @@ "UpdateEndpoint" ], "comprehendmedical": [ - "DetectEntities", - "DetectPHI" + "DescribeEntitiesDetectionV2Job", + "DescribeICD10CMInferenceJob", + "DescribePHIDetectionJob", + "DescribeRxNormInferenceJob", + "DetectEntitiesV2", + "DetectPHI", + "InferICD10CM", + "InferRxNorm", + "ListEntitiesDetectionV2Jobs", + "ListICD10CMInferenceJobs", + "ListPHIDetectionJobs", + "ListRxNormInferenceJobs", + "StartEntitiesDetectionV2Job", + "StartICD10CMInferenceJob", + "StartPHIDetectionJob", + "StartRxNormInferenceJob", + "StopEntitiesDetectionV2Job", + "StopICD10CMInferenceJob", + "StopPHIDetectionJob", + "StopRxNormInferenceJob" ], "compute-optimizer": [ "DescribeRecommendationExportJobs", "ExportAutoScalingGroupRecommendations", "ExportEC2InstanceRecommendations", "GetAutoScalingGroupRecommendations", + "GetEBSVolumeRecommendations", "GetEC2InstanceRecommendations", "GetEC2RecommendationProjectedMetrics", "GetEnrollmentStatus", + "GetLambdaFunctionRecommendations", "GetRecommendationSummaries", "UpdateEnrollmentStatus" ], @@ -1814,9 +2132,12 @@ "DeletePendingAggregationRequest", "DeleteRemediationConfiguration", "DeleteRemediationExceptions", + "DeleteResourceConfig", "DeleteRetentionConfiguration", + "DeleteStoredQuery", "DeliverConfigSnapshot", "DescribeAggregateComplianceByConfigRules", + "DescribeAggregateComplianceByConformancePacks", "DescribeAggregationAuthorizations", "DescribeComplianceByConfigRule", "DescribeComplianceByResource", @@ -1842,6 +2163,7 @@ "DescribeRetentionConfigurations", "GetAggregateComplianceDetailsByConfigRule", "GetAggregateConfigRuleComplianceSummary", + "GetAggregateConformancePackComplianceSummary", "GetAggregateDiscoveredResourceCounts", "GetAggregateResourceConfig", "GetComplianceDetailsByConfigRule", @@ -1854,8 +2176,10 @@ "GetOrganizationConfigRuleDetailedStatus", "GetOrganizationConformancePackDetailedStatus", "GetResourceConfigHistory", + "GetStoredQuery", "ListAggregateDiscoveredResources", "ListDiscoveredResources", + "ListStoredQueries", "ListTagsForResource", "PutAggregationAuthorization", "PutConfigRule", @@ -1864,11 +2188,14 @@ "PutConformancePack", "PutDeliveryChannel", "PutEvaluations", + "PutExternalEvaluation", "PutOrganizationConfigRule", "PutOrganizationConformancePack", "PutRemediationConfigurations", "PutRemediationExceptions", + "PutResourceConfig", "PutRetentionConfiguration", + "PutStoredQuery", "SelectAggregateResourceConfig", "SelectResourceConfig", "StartConfigRulesEvaluation", @@ -1879,41 +2206,96 @@ "UntagResource" ], "connect": [ + "AssociateApprovedOrigin", + "AssociateInstanceStorageConfig", + "AssociateLambdaFunction", + "AssociateLexBot", + "AssociateQueueQuickConnects", + "AssociateRoutingProfileQueues", + "AssociateSecurityKey", + "CreateContactFlow", "CreateInstance", + "CreateQueue", + "CreateQuickConnect", + "CreateRoutingProfile", "CreateUser", + "CreateUserHierarchyGroup", + "DeleteInstance", + "DeleteQuickConnect", "DeleteUser", + "DeleteUserHierarchyGroup", + "DescribeContactFlow", + "DescribeHoursOfOperation", "DescribeInstance", + "DescribeInstanceAttribute", + "DescribeInstanceStorageConfig", + "DescribeQueue", + "DescribeQuickConnect", + "DescribeRoutingProfile", "DescribeUser", "DescribeUserHierarchyGroup", "DescribeUserHierarchyStructure", - "DestroyInstance", + "DisassociateApprovedOrigin", + "DisassociateInstanceStorageConfig", + "DisassociateLambdaFunction", + "DisassociateLexBot", + "DisassociateQueueQuickConnects", + "DisassociateRoutingProfileQueues", + "DisassociateSecurityKey", "GetContactAttributes", "GetCurrentMetricData", "GetFederationToken", "GetFederationTokens", "GetMetricData", + "ListApprovedOrigins", "ListContactFlows", "ListHoursOfOperations", + "ListInstanceAttributes", + "ListInstanceStorageConfigs", "ListInstances", + "ListLambdaFunctions", + "ListLexBots", "ListPhoneNumbers", + "ListPrompts", + "ListQueueQuickConnects", "ListQueues", + "ListQuickConnects", + "ListRoutingProfileQueues", "ListRoutingProfiles", + "ListSecurityKeys", "ListSecurityProfiles", "ListTagsForResource", "ListUserHierarchyGroups", "ListUsers", - "ModifyInstance", "ResumeContactRecording", "StartChatContact", "StartContactRecording", "StartOutboundVoiceContact", + "StartTaskContact", "StopContact", "StopContactRecording", "SuspendContactRecording", "TagResource", "UntagResource", "UpdateContactAttributes", + "UpdateContactFlowContent", + "UpdateContactFlowName", + "UpdateInstanceAttribute", + "UpdateInstanceStorageConfig", + "UpdateQueueHoursOfOperation", + "UpdateQueueMaxContacts", + "UpdateQueueName", + "UpdateQueueOutboundCallerConfig", + "UpdateQueueStatus", + "UpdateQuickConnectConfig", + "UpdateQuickConnectName", + "UpdateRoutingProfileConcurrency", + "UpdateRoutingProfileDefaultOutboundQueue", + "UpdateRoutingProfileName", + "UpdateRoutingProfileQueues", "UpdateUserHierarchy", + "UpdateUserHierarchyGroupName", + "UpdateUserHierarchyStructure", "UpdateUserIdentityInfo", "UpdateUserPhoneConfig", "UpdateUserRoutingProfile", @@ -1925,6 +2307,47 @@ "ModifyReportDefinition", "PutReportDefinition" ], + "databrew": [ + "BatchDeleteRecipeVersion", + "CreateDataset", + "CreateProfileJob", + "CreateProject", + "CreateRecipe", + "CreateRecipeJob", + "CreateSchedule", + "DeleteDataset", + "DeleteJob", + "DeleteProject", + "DeleteRecipeVersion", + "DeleteSchedule", + "DescribeDataset", + "DescribeJob", + "DescribeJobRun", + "DescribeProject", + "DescribeRecipe", + "DescribeSchedule", + "ListDatasets", + "ListJobRuns", + "ListJobs", + "ListProjects", + "ListRecipeVersions", + "ListRecipes", + "ListSchedules", + "ListTagsForResource", + "PublishRecipe", + "SendProjectSessionAction", + "StartJobRun", + "StartProjectSession", + "StopJobRun", + "TagResource", + "UntagResource", + "UpdateDataset", + "UpdateProfileJob", + "UpdateProject", + "UpdateRecipe", + "UpdateRecipeJob", + "UpdateSchedule" + ], "dataexchange": [ "CancelJob", "CreateAsset", @@ -1979,6 +2402,7 @@ "CreateLocationEfs", "CreateLocationFsxWindows", "CreateLocationNfs", + "CreateLocationObjectStorage", "CreateLocationS3", "CreateLocationSmb", "CreateTask", @@ -1989,6 +2413,7 @@ "DescribeLocationEfs", "DescribeLocationFsxWindows", "DescribeLocationNfs", + "DescribeLocationObjectStorage", "DescribeLocationS3", "DescribeLocationSmb", "DescribeTask", @@ -2002,7 +2427,8 @@ "TagResource", "UntagResource", "UpdateAgent", - "UpdateTask" + "UpdateTask", + "UpdateTaskExecution" ], "dax": [ "BatchGetItem", @@ -2136,9 +2562,12 @@ "ListGraphs", "ListInvitations", "ListMembers", + "ListTagsForResource", "RejectInvitation", "SearchGraph", - "StartMonitoringMember" + "StartMonitoringMember", + "TagResource", + "UntagResource" ], "devicefarm": [ "CreateDevicePool", @@ -2219,6 +2648,26 @@ "UpdateUpload", "UpdateVPCEConfiguration" ], + "devops-guru": [ + "AddNotificationChannel", + "DescribeAccountHealth", + "DescribeAccountOverview", + "DescribeAnomaly", + "DescribeInsight", + "DescribeResourceCollectionHealth", + "DescribeServiceIntegration", + "GetResourceCollection", + "ListAnomaliesForInsight", + "ListEvents", + "ListInsights", + "ListNotificationChannels", + "ListRecommendations", + "PutFeedback", + "RemoveNotificationChannel", + "SearchInsights", + "UpdateResourceCollection", + "UpdateServiceIntegration" + ], "directconnect": [ "AcceptDirectConnectGatewayAssociationProposal", "AllocateConnectionOnInterconnect", @@ -2317,6 +2766,7 @@ "dms": [ "AddTagsToResource", "ApplyPendingMaintenanceAction", + "CancelReplicationTaskAssessmentRun", "CreateEndpoint", "CreateEventSubscription", "CreateReplicationInstance", @@ -2328,7 +2778,9 @@ "DeleteReplicationInstance", "DeleteReplicationSubnetGroup", "DeleteReplicationTask", + "DeleteReplicationTaskAssessmentRun", "DescribeAccountAttributes", + "DescribeApplicableIndividualAssessments", "DescribeCertificates", "DescribeConnections", "DescribeEndpointTypes", @@ -2342,6 +2794,8 @@ "DescribeReplicationInstances", "DescribeReplicationSubnetGroups", "DescribeReplicationTaskAssessmentResults", + "DescribeReplicationTaskAssessmentRuns", + "DescribeReplicationTaskIndividualAssessments", "DescribeReplicationTasks", "DescribeSchemas", "DescribeTableStatistics", @@ -2358,6 +2812,7 @@ "RemoveTagsFromResource", "StartReplicationTask", "StartReplicationTaskAssessment", + "StartReplicationTaskAssessmentRun", "StopReplicationTask", "TestConnection" ], @@ -2441,8 +2896,10 @@ "DescribeBackup", "DescribeContinuousBackups", "DescribeContributorInsights", + "DescribeExport", "DescribeGlobalTable", "DescribeGlobalTableSettings", + "DescribeKinesisStreamingDestination", "DescribeLimits", "DescribeReservedCapacity", "DescribeReservedCapacityOfferings", @@ -2450,15 +2907,23 @@ "DescribeTable", "DescribeTableReplicaAutoScaling", "DescribeTimeToLive", + "DisableKinesisStreamingDestination", + "EnableKinesisStreamingDestination", + "ExportTableToPointInTime", "GetItem", "GetRecords", "GetShardIterator", "ListBackups", "ListContributorInsights", + "ListExports", "ListGlobalTables", "ListStreams", "ListTables", "ListTagsOfResource", + "PartiQLDelete", + "PartiQLInsert", + "PartiQLSelect", + "PartiQLUpdate", "PurchaseReservedCapacityOfferings", "PutItem", "Query", @@ -2477,12 +2942,16 @@ "UpdateTimeToLive" ], "ebs": [ + "CompleteSnapshot", "GetSnapshotBlock", "ListChangedBlocks", - "ListSnapshotBlocks" + "ListSnapshotBlocks", + "PutSnapshotBlock", + "StartSnapshot" ], "ec2": [ "AcceptReservedInstancesExchangeQuote", + "AcceptTransitGatewayMulticastDomainAssociations", "AcceptTransitGatewayPeeringAttachment", "AcceptTransitGatewayVpcAttachment", "AcceptVpcEndpointConnections", @@ -2496,6 +2965,7 @@ "AssociateAddress", "AssociateClientVpnTargetNetwork", "AssociateDhcpOptions", + "AssociateEnclaveCertificateIamRole", "AssociateIamInstanceProfile", "AssociateRouteTable", "AssociateSubnetCidrBlock", @@ -2547,6 +3017,7 @@ "CreateNatGateway", "CreateNetworkAcl", "CreateNetworkAclEntry", + "CreateNetworkInsightsPath", "CreateNetworkInterface", "CreateNetworkInterfacePermission", "CreatePlacementGroup", @@ -2564,6 +3035,8 @@ "CreateTrafficMirrorSession", "CreateTrafficMirrorTarget", "CreateTransitGateway", + "CreateTransitGatewayConnect", + "CreateTransitGatewayConnectPeer", "CreateTransitGatewayMulticastDomain", "CreateTransitGatewayPeeringAttachment", "CreateTransitGatewayPrefixListReference", @@ -2598,9 +3071,12 @@ "DeleteNatGateway", "DeleteNetworkAcl", "DeleteNetworkAclEntry", + "DeleteNetworkInsightsAnalysis", + "DeleteNetworkInsightsPath", "DeleteNetworkInterface", "DeleteNetworkInterfacePermission", "DeletePlacementGroup", + "DeleteQueuedReservedInstances", "DeleteRoute", "DeleteRouteTable", "DeleteSecurityGroup", @@ -2613,6 +3089,8 @@ "DeleteTrafficMirrorSession", "DeleteTrafficMirrorTarget", "DeleteTransitGateway", + "DeleteTransitGatewayConnect", + "DeleteTransitGatewayConnectPeer", "DeleteTransitGatewayMulticastDomain", "DeleteTransitGatewayPeeringAttachment", "DeleteTransitGatewayPrefixListReference", @@ -2635,6 +3113,7 @@ "DeregisterTransitGatewayMulticastGroupSources", "DescribeAccountAttributes", "DescribeAddresses", + "DescribeAddressesAttribute", "DescribeAggregateIdFormat", "DescribeAvailabilityZones", "DescribeBundleTasks", @@ -2680,6 +3159,7 @@ "DescribeInstanceTypes", "DescribeInstances", "DescribeInternetGateways", + "DescribeIpv6Pools", "DescribeKeyPairs", "DescribeLaunchTemplateVersions", "DescribeLaunchTemplates", @@ -2693,6 +3173,8 @@ "DescribeMovingAddresses", "DescribeNatGateways", "DescribeNetworkAcls", + "DescribeNetworkInsightsAnalyses", + "DescribeNetworkInsightsPaths", "DescribeNetworkInterfaceAttribute", "DescribeNetworkInterfacePermissions", "DescribeNetworkInterfaces", @@ -2725,6 +3207,8 @@ "DescribeTrafficMirrorSessions", "DescribeTrafficMirrorTargets", "DescribeTransitGatewayAttachments", + "DescribeTransitGatewayConnectPeers", + "DescribeTransitGatewayConnects", "DescribeTransitGatewayMulticastDomains", "DescribeTransitGatewayPeeringAttachments", "DescribeTransitGatewayRouteTables", @@ -2760,6 +3244,7 @@ "DisableVpcClassicLinkDnsSupport", "DisassociateAddress", "DisassociateClientVpnTargetNetwork", + "DisassociateEnclaveCertificateIamRole", "DisassociateIamInstanceProfile", "DisassociateRouteTable", "DisassociateSubnetCidrBlock", @@ -2777,6 +3262,8 @@ "ExportClientVpnClientConfiguration", "ExportImage", "ExportTransitGatewayRoutes", + "GetAssociatedEnclaveCertificateIamRoles", + "GetAssociatedIpv6PoolCidrs", "GetCapacityReservationUsage", "GetCoipPoolUsage", "GetConsoleOutput", @@ -2784,6 +3271,7 @@ "GetDefaultCreditSpecification", "GetEbsDefaultKmsKeyId", "GetEbsEncryptionByDefault", + "GetGroupsForCapacityReservation", "GetHostReservationPurchasePreview", "GetLaunchTemplateData", "GetManagedPrefixListAssociations", @@ -2801,6 +3289,8 @@ "ImportKeyPair", "ImportSnapshot", "ImportVolume", + "ModifyAddressAttribute", + "ModifyAvailabilityZoneGroup", "ModifyCapacityReservation", "ModifyClientVpnEndpoint", "ModifyDefaultCreditSpecification", @@ -2840,6 +3330,7 @@ "ModifyVpcPeeringConnectionOptions", "ModifyVpcTenancy", "ModifyVpnConnection", + "ModifyVpnConnectionOptions", "ModifyVpnTunnelCertificate", "ModifyVpnTunnelOptions", "MonitorInstances", @@ -2853,6 +3344,7 @@ "RegisterInstanceEventNotificationAttributes", "RegisterTransitGatewayMulticastGroupMembers", "RegisterTransitGatewayMulticastGroupSources", + "RejectTransitGatewayMulticastDomainAssociations", "RejectTransitGatewayPeeringAttachment", "RejectTransitGatewayVpcAttachment", "RejectVpcEndpointConnections", @@ -2868,6 +3360,7 @@ "ReportInstanceStatus", "RequestSpotFleet", "RequestSpotInstances", + "ResetAddressAttribute", "ResetEbsDefaultKmsKeyId", "ResetFpgaImageAttribute", "ResetImageAttribute", @@ -2886,6 +3379,7 @@ "SearchTransitGatewayRoutes", "SendDiagnosticInterrupt", "StartInstances", + "StartNetworkInsightsAnalysis", "StartVpcEndpointServicePrivateDnsVerification", "StopInstances", "TerminateClientVpnConnections", @@ -2898,7 +3392,8 @@ "WithdrawByoipCidr" ], "ec2-instance-connect": [ - "SendSSHPublicKey" + "SendSSHPublicKey", + "SendSerialConsoleSSHPublicKey" ], "ec2messages": [ "AcknowledgeMessage", @@ -2915,15 +3410,18 @@ "CompleteLayerUpload", "CreateRepository", "DeleteLifecyclePolicy", + "DeleteRegistryPolicy", "DeleteRepository", "DeleteRepositoryPolicy", "DescribeImageScanFindings", "DescribeImages", + "DescribeRegistry", "DescribeRepositories", "GetAuthorizationToken", "GetDownloadUrlForLayer", "GetLifecyclePolicy", "GetLifecyclePolicyPreview", + "GetRegistryPolicy", "GetRepositoryPolicy", "InitiateLayerUpload", "ListImages", @@ -2932,6 +3430,9 @@ "PutImageScanningConfiguration", "PutImageTagMutability", "PutLifecyclePolicy", + "PutRegistryPolicy", + "PutReplicationConfiguration", + "ReplicateImage", "SetRepositoryPolicy", "StartImageScan", "StartLifecyclePolicyPreview", @@ -2939,6 +3440,31 @@ "UntagResource", "UploadLayerPart" ], + "ecr-public": [ + "BatchCheckLayerAvailability", + "BatchDeleteImage", + "CompleteLayerUpload", + "CreateRepository", + "DeleteRepository", + "DeleteRepositoryPolicy", + "DescribeImageTags", + "DescribeImages", + "DescribeRegistries", + "DescribeRepositories", + "GetAuthorizationToken", + "GetRegistryCatalogData", + "GetRepositoryCatalogData", + "GetRepositoryPolicy", + "InitiateLayerUpload", + "ListTagsForResource", + "PutImage", + "PutRegistryCatalogData", + "PutRepositoryCatalogData", + "SetRepositoryPolicy", + "TagResource", + "UntagResource", + "UploadLayerPart" + ], "ecs": [ "CreateCapacityProvider", "CreateCluster", @@ -2993,23 +3519,35 @@ "UpdateTaskSet" ], "eks": [ + "AccessKubernetesApi", + "AssociateEncryptionConfig", + "AssociateIdentityProviderConfig", + "CreateAddon", "CreateCluster", "CreateFargateProfile", "CreateNodegroup", + "DeleteAddon", "DeleteCluster", "DeleteFargateProfile", "DeleteNodegroup", + "DescribeAddon", + "DescribeAddonVersions", "DescribeCluster", "DescribeFargateProfile", + "DescribeIdentityProviderConfig", "DescribeNodegroup", "DescribeUpdate", + "DisassociateIdentityProviderConfig", + "ListAddons", "ListClusters", "ListFargateProfiles", + "ListIdentityProviderConfigs", "ListNodegroups", "ListTagsForResource", "ListUpdates", "TagResource", "UntagResource", + "UpdateAddon", "UpdateClusterConfig", "UpdateClusterVersion", "UpdateNodegroupConfig", @@ -3032,6 +3570,8 @@ "CreateGlobalReplicationGroup", "CreateReplicationGroup", "CreateSnapshot", + "CreateUser", + "CreateUserGroup", "DecreaseNodeGroupsInGlobalReplicationGroup", "DecreaseReplicaCount", "DeleteCacheCluster", @@ -3041,6 +3581,8 @@ "DeleteGlobalReplicationGroup", "DeleteReplicationGroup", "DeleteSnapshot", + "DeleteUser", + "DeleteUserGroup", "DescribeCacheClusters", "DescribeCacheEngineVersions", "DescribeCacheParameterGroups", @@ -3056,6 +3598,8 @@ "DescribeServiceUpdates", "DescribeSnapshots", "DescribeUpdateActions", + "DescribeUserGroups", + "DescribeUsers", "DisassociateGlobalReplicationGroup", "FailoverGlobalReplicationGroup", "IncreaseNodeGroupsInGlobalReplicationGroup", @@ -3068,6 +3612,8 @@ "ModifyGlobalReplicationGroup", "ModifyReplicationGroup", "ModifyReplicationGroupShardConfiguration", + "ModifyUser", + "ModifyUserGroup", "PurchaseReservedCacheNodesOffering", "RebalanceSlotsInGlobalReplicationGroup", "RebootCacheCluster", @@ -3252,10 +3798,14 @@ "UpdatePipelineStatus" ], "elemental-activations": [ + "CompleteAccountRegistration", + "CompleteFileUpload", "DownloadSoftware", "GenerateLicenses", "GetActivation", "ListTagsForResource", + "StartAccountRegistration", + "StartFileUpload", "TagResource", "UntagResource" ], @@ -3268,6 +3818,29 @@ "UntagResource", "UpdateQuote" ], + "elemental-support-cases": [ + "CheckCasePermission", + "CreateCase", + "GetCase", + "GetCases", + "UpdateCase" + ], + "elemental-support-content": [ + "Query" + ], + "emr-containers": [ + "CancelJobRun", + "CreateVirtualCluster", + "DeleteVirtualCluster", + "DescribeJobRun", + "DescribeVirtualCluster", + "ListJobRuns", + "ListTagsForResource", + "ListVirtualClusters", + "StartJobRun", + "TagResource", + "UntagResource" + ], "es": [ "AcceptInboundCrossClusterSearchConnection", "AddTags", @@ -3309,22 +3882,39 @@ ], "events": [ "ActivateEventSource", + "CancelReplay", + "CreateApiDestination", + "CreateArchive", + "CreateConnection", "CreateEventBus", "CreatePartnerEventSource", "DeactivateEventSource", + "DeauthorizeConnection", + "DeleteApiDestination", + "DeleteArchive", + "DeleteConnection", "DeleteEventBus", "DeletePartnerEventSource", "DeleteRule", + "DescribeApiDestination", + "DescribeArchive", + "DescribeConnection", "DescribeEventBus", "DescribeEventSource", "DescribePartnerEventSource", + "DescribeReplay", "DescribeRule", "DisableRule", "EnableRule", + "InvokeApiDestination", + "ListApiDestinations", + "ListArchives", + "ListConnections", "ListEventBuses", "ListEventSources", "ListPartnerEventSourceAccounts", "ListPartnerEventSources", + "ListReplays", "ListRuleNamesByTarget", "ListRules", "ListTagsForResource", @@ -3336,9 +3926,13 @@ "PutTargets", "RemovePermission", "RemoveTargets", + "StartReplay", "TagResource", "TestEventPattern", - "UntagResource" + "UntagResource", + "UpdateApiDestination", + "UpdateArchive", + "UpdateConnection" ], "execute-api": [ "InvalidateCache", @@ -3359,6 +3953,25 @@ "UntagDeliveryStream", "UpdateDestination" ], + "fis": [ + "CreateExperimentTemplate", + "DeleteExperimentTemplate", + "GetAction", + "GetExperiment", + "GetExperimentTemplate", + "InjectApiInternalError", + "InjectApiThrottleError", + "InjectApiUnavailableError", + "ListActions", + "ListExperimentTemplates", + "ListExperiments", + "ListTagsForResource", + "StartExperiment", + "StopExperiment", + "TagResource", + "UntagResource", + "UpdateExperimentTemplate" + ], "fms": [ "AssociateAdminAccount", "DeleteAppsList", @@ -3373,6 +3986,7 @@ "GetPolicy", "GetProtectionStatus", "GetProtocolsList", + "GetViolationDetails", "ListAppsLists", "ListComplianceStatus", "ListMemberAccounts", @@ -3393,27 +4007,32 @@ "CreateForecast", "CreateForecastExportJob", "CreatePredictor", + "CreatePredictorBacktestExportJob", "DeleteDataset", "DeleteDatasetGroup", "DeleteDatasetImportJob", "DeleteForecast", "DeleteForecastExportJob", "DeletePredictor", + "DeletePredictorBacktestExportJob", "DescribeDataset", "DescribeDatasetGroup", "DescribeDatasetImportJob", "DescribeForecast", "DescribeForecastExportJob", "DescribePredictor", + "DescribePredictorBacktestExportJob", "GetAccuracyMetrics", "ListDatasetGroups", "ListDatasetImportJobs", "ListDatasets", "ListForecastExportJobs", "ListForecasts", + "ListPredictorBacktestExportJobs", "ListPredictors", "ListTagsForResource", "QueryForecast", + "StopResource", "TagResource", "UntagResource", "UpdateDatasetGroup" @@ -3421,17 +4040,29 @@ "frauddetector": [ "BatchCreateVariable", "BatchGetVariable", + "CancelBatchPredictionJob", + "CreateBatchPredictionJob", "CreateDetectorVersion", "CreateModel", "CreateModelVersion", "CreateRule", "CreateVariable", + "DeleteBatchPredictionJob", "DeleteDetector", "DeleteDetectorVersion", + "DeleteEntityType", "DeleteEvent", + "DeleteEventType", + "DeleteExternalModel", + "DeleteLabel", + "DeleteModel", + "DeleteModelVersion", + "DeleteOutcome", "DeleteRule", + "DeleteVariable", "DescribeDetector", "DescribeModelVersions", + "GetBatchPredictionJobs", "GetDetectorVersion", "GetDetectors", "GetEntityTypes", @@ -3479,6 +4110,8 @@ "UpdateSoftwareConfiguration" ], "fsx": [ + "AssociateFileGateway", + "AssociateFileSystemAliases", "CancelDataRepositoryTask", "CreateBackup", "CreateDataRepositoryTask", @@ -3486,9 +4119,13 @@ "CreateFileSystemFromBackup", "DeleteBackup", "DeleteFileSystem", + "DescribeAssociatedFileGateways", "DescribeBackups", "DescribeDataRepositoryTasks", + "DescribeFileSystemAliases", "DescribeFileSystems", + "DisassociateFileGateway", + "DisassociateFileSystemAliases", "ListTagsForResource", "TagResource", "UntagResource", @@ -3500,6 +4137,7 @@ "CreateAlias", "CreateBuild", "CreateFleet", + "CreateFleetLocations", "CreateGameServerGroup", "CreateGameSession", "CreateGameSessionQueue", @@ -3513,6 +4151,7 @@ "DeleteAlias", "DeleteBuild", "DeleteFleet", + "DeleteFleetLocations", "DeleteGameServerGroup", "DeleteGameSessionQueue", "DeleteMatchmakingConfiguration", @@ -3528,6 +4167,9 @@ "DescribeFleetAttributes", "DescribeFleetCapacity", "DescribeFleetEvents", + "DescribeFleetLocationAttributes", + "DescribeFleetLocationCapacity", + "DescribeFleetLocationUtilization", "DescribeFleetPortSettings", "DescribeFleetUtilization", "DescribeGameServer", @@ -3586,6 +4228,46 @@ "UpdateScript", "ValidateMatchmakingRuleSet" ], + "geo": [ + "AssociateTrackerConsumer", + "BatchDeleteGeofence", + "BatchEvaluateGeofences", + "BatchGetDevicePosition", + "BatchPutGeofence", + "BatchUpdateDevicePosition", + "CreateGeofenceCollection", + "CreateMap", + "CreatePlaceIndex", + "CreateTracker", + "DeleteGeofenceCollection", + "DeleteMap", + "DeletePlaceIndex", + "DeleteTracker", + "DescribeGeofenceCollection", + "DescribeMap", + "DescribePlaceIndex", + "DescribeTracker", + "DisassociateTrackerConsumer", + "GetDevicePosition", + "GetDevicePositionHistory", + "GetGeofence", + "GetMapGlyphs", + "GetMapSprites", + "GetMapStyleDescriptor", + "GetMapTile", + "GetMapTileJson", + "ListGeofenceCollections", + "ListGeofences", + "ListMaps", + "ListPlaceIndexes", + "ListTrackerConsumers", + "ListTrackers", + "PutGeofence", + "SearchPlaceIndexForPosition", + "SearchPlaceIndexForText", + "UpdateGeofenceCollection", + "UpdateTracker" + ], "glacier": [ "AbortMultipartUpload", "AbortVaultLock", @@ -3622,28 +4304,50 @@ "UploadMultipartPart" ], "globalaccelerator": [ + "AddCustomRoutingEndpoints", "AdvertiseByoipCidr", + "AllowCustomRoutingTraffic", "CreateAccelerator", + "CreateCustomRoutingAccelerator", + "CreateCustomRoutingEndpointGroup", + "CreateCustomRoutingListener", "CreateEndpointGroup", "CreateListener", "DeleteAccelerator", + "DeleteCustomRoutingAccelerator", + "DeleteCustomRoutingEndpointGroup", + "DeleteCustomRoutingListener", "DeleteEndpointGroup", "DeleteListener", + "DenyCustomRoutingTraffic", "DeprovisionByoipCidr", "DescribeAccelerator", "DescribeAcceleratorAttributes", + "DescribeCustomRoutingAccelerator", + "DescribeCustomRoutingAcceleratorAttributes", + "DescribeCustomRoutingEndpointGroup", + "DescribeCustomRoutingListener", "DescribeEndpointGroup", "DescribeListener", "ListAccelerators", "ListByoipCidrs", + "ListCustomRoutingAccelerators", + "ListCustomRoutingEndpointGroups", + "ListCustomRoutingListeners", + "ListCustomRoutingPortMappings", + "ListCustomRoutingPortMappingsByDestination", "ListEndpointGroups", "ListListeners", "ListTagsForResource", "ProvisionByoipCidr", + "RemoveCustomRoutingEndpoints", "TagResource", "UntagResource", "UpdateAccelerator", "UpdateAcceleratorAttributes", + "UpdateCustomRoutingAccelerator", + "UpdateCustomRoutingAcceleratorAttributes", + "UpdateCustomRoutingListener", "UpdateEndpointGroup", "UpdateListener", "WithdrawByoipCidr" @@ -3662,6 +4366,7 @@ "BatchGetWorkflows", "BatchStopJobRun", "CancelMLTaskRun", + "CheckSchemaVersionValidity", "CreateClassifier", "CreateConnection", "CreateCrawler", @@ -3670,6 +4375,8 @@ "CreateJob", "CreateMLTransform", "CreatePartition", + "CreateRegistry", + "CreateSchema", "CreateScript", "CreateSecurityConfiguration", "CreateTable", @@ -3684,7 +4391,10 @@ "DeleteJob", "DeleteMLTransform", "DeletePartition", + "DeleteRegistry", "DeleteResourcePolicy", + "DeleteSchema", + "DeleteSchemaVersions", "DeleteSecurityConfiguration", "DeleteTable", "DeleteTableVersion", @@ -3718,7 +4428,13 @@ "GetPartition", "GetPartitions", "GetPlan", + "GetRegistry", + "GetResourcePolicies", "GetResourcePolicy", + "GetSchema", + "GetSchemaByDefinition", + "GetSchemaVersion", + "GetSchemaVersionsDiff", "GetSecurityConfiguration", "GetSecurityConfigurations", "GetTable", @@ -3739,11 +4455,18 @@ "ListDevEndpoints", "ListJobs", "ListMLTransforms", + "ListRegistries", + "ListSchemaVersions", + "ListSchemas", "ListTriggers", "ListWorkflows", "PutDataCatalogEncryptionSettings", "PutResourcePolicy", + "PutSchemaVersionMetadata", "PutWorkflowRunProperties", + "QuerySchemaVersionMetadata", + "RegisterSchemaVersion", + "RemoveSchemaVersionMetadata", "ResetJobBookmark", "SearchTables", "StartCrawler", @@ -3769,12 +4492,23 @@ "UpdateJob", "UpdateMLTransform", "UpdatePartition", + "UpdateRegistry", + "UpdateSchema", "UpdateTable", "UpdateTrigger", "UpdateUserDefinedFunction", "UpdateWorkflow", "UseMLTransforms" ], + "grafana": [ + "CreateWorkspace", + "DeleteWorkspace", + "DescribeWorkspace", + "ListPermissions", + "ListWorkspaces", + "UpdatePermissions", + "UpdateWorkspace" + ], "greengrass": [ "AssociateRoleToGroup", "AssociateServiceRoleToAccount", @@ -3831,6 +4565,7 @@ "GetServiceRoleForAccount", "GetSubscriptionDefinition", "GetSubscriptionDefinitionVersion", + "GetThingRuntimeConfiguration", "ListBulkDeploymentDetailedReports", "ListBulkDeployments", "ListConnectorDefinitionVersions", @@ -3866,7 +4601,8 @@ "UpdateGroupCertificateConfiguration", "UpdateLoggerDefinition", "UpdateResourceDefinition", - "UpdateSubscriptionDefinition" + "UpdateSubscriptionDefinition", + "UpdateThingRuntimeConfiguration" ], "groundstation": [ "CancelContact", @@ -3938,6 +4674,7 @@ "ListDetectors", "ListFilters", "ListFindings", + "ListIPSets", "ListInvitations", "ListMembers", "ListOrganizationAdminAccounts", @@ -3972,12 +4709,41 @@ "DisableHealthServiceAccessForOrganization", "EnableHealthServiceAccessForOrganization" ], + "healthlake": [ + "CreateFHIRDatastore", + "CreateResource", + "DeleteFHIRDatastore", + "DeleteResource", + "DescribeFHIRDatastore", + "DescribeFHIRExportJob", + "DescribeFHIRImportJob", + "GetCapabilities", + "ListFHIRDatastores", + "ReadResource", + "SearchWithGet", + "SearchWithPost", + "StartFHIRExportJob", + "StartFHIRImportJob", + "UpdateResource" + ], "honeycode": [ "ApproveTeamAssociation", + "BatchCreateTableRows", + "BatchDeleteTableRows", + "BatchUpdateTableRows", + "BatchUpsertTableRows", + "CreateTenant", + "DescribeTableDataImportJob", "GetScreenData", "InvokeScreenAutomation", + "ListTableColumns", + "ListTableRows", + "ListTables", "ListTeamAssociations", - "RejectTeamAssociation" + "ListTenants", + "QueryTableRows", + "RejectTeamAssociation", + "StartTableDataImportJob" ], "iam": [ "AddClientIDToOpenIDConnectProvider", @@ -4066,18 +4832,24 @@ "ListGroupPolicies", "ListGroups", "ListGroupsForUser", + "ListInstanceProfileTags", "ListInstanceProfiles", "ListInstanceProfilesForRole", + "ListMFADeviceTags", "ListMFADevices", + "ListOpenIDConnectProviderTags", "ListOpenIDConnectProviders", "ListPolicies", "ListPoliciesGrantingServiceAccess", + "ListPolicyTags", "ListPolicyVersions", "ListRolePolicies", "ListRoleTags", "ListRoles", + "ListSAMLProviderTags", "ListSAMLProviders", "ListSSHPublicKeys", + "ListServerCertificateTags", "ListServerCertificates", "ListServiceSpecificCredentials", "ListSigningCertificates", @@ -4100,9 +4872,21 @@ "SetSecurityTokenServicePreferences", "SimulateCustomPolicy", "SimulatePrincipalPolicy", + "TagInstanceProfile", + "TagMFADevice", + "TagOpenIDConnectProvider", + "TagPolicy", "TagRole", + "TagSAMLProvider", + "TagServerCertificate", "TagUser", + "UntagInstanceProfile", + "UntagMFADevice", + "UntagOpenIDConnectProvider", + "UntagPolicy", "UntagRole", + "UntagSAMLProvider", + "UntagServerCertificate", "UntagUser", "UpdateAccessKey", "UpdateAccountPasswordPolicy", @@ -4131,12 +4915,14 @@ "imagebuilder": [ "CancelImageCreation", "CreateComponent", + "CreateContainerRecipe", "CreateDistributionConfiguration", "CreateImage", "CreateImagePipeline", "CreateImageRecipe", "CreateInfrastructureConfiguration", "DeleteComponent", + "DeleteContainerRecipe", "DeleteDistributionConfiguration", "DeleteImage", "DeleteImagePipeline", @@ -4144,6 +4930,8 @@ "DeleteInfrastructureConfiguration", "GetComponent", "GetComponentPolicy", + "GetContainerRecipe", + "GetContainerRecipePolicy", "GetDistributionConfiguration", "GetImage", "GetImagePipeline", @@ -4153,14 +4941,18 @@ "GetInfrastructureConfiguration", "ListComponentBuildVersions", "ListComponents", + "ListContainerRecipes", "ListDistributionConfigurations", "ListImageBuildVersions", + "ListImagePackages", + "ListImagePipelineImages", "ListImagePipelines", "ListImageRecipes", "ListImages", "ListInfrastructureConfigurations", "ListTagsForResource", "PutComponentPolicy", + "PutContainerRecipePolicy", "PutImagePolicy", "PutImageRecipePolicy", "StartImagePipelineExecution", @@ -4228,12 +5020,16 @@ "CancelJobExecution", "ClearDefaultAuthorizer", "CloseTunnel", + "ConfirmTopicRuleDestination", "Connect", + "CreateAuditSuppression", "CreateAuthorizer", "CreateBillingGroup", "CreateCertificateFromCsr", "CreateDimension", + "CreateDomainConfiguration", "CreateDynamicThingGroup", + "CreateFleetMetric", "CreateJob", "CreateKeysAndCertificate", "CreateMitigationAction", @@ -4251,13 +5047,17 @@ "CreateThingGroup", "CreateThingType", "CreateTopicRule", + "CreateTopicRuleDestination", "DeleteAccountAuditConfiguration", + "DeleteAuditSuppression", "DeleteAuthorizer", "DeleteBillingGroup", "DeleteCACertificate", "DeleteCertificate", "DeleteDimension", + "DeleteDomainConfiguration", "DeleteDynamicThingGroup", + "DeleteFleetMetric", "DeleteJob", "DeleteJobExecution", "DeleteMitigationAction", @@ -4276,10 +5076,13 @@ "DeleteThingShadow", "DeleteThingType", "DeleteTopicRule", + "DeleteTopicRuleDestination", "DeleteV2LoggingLevel", "DeprecateThingType", "DescribeAccountAuditConfiguration", + "DescribeAuditFinding", "DescribeAuditMitigationActionsTask", + "DescribeAuditSuppression", "DescribeAuditTask", "DescribeAuthorizer", "DescribeBillingGroup", @@ -4287,8 +5090,10 @@ "DescribeCertificate", "DescribeDefaultAuthorizer", "DescribeDimension", + "DescribeDomainConfiguration", "DescribeEndpoint", "DescribeEventConfigurations", + "DescribeFleetMetric", "DescribeIndex", "DescribeJob", "DescribeJobExecution", @@ -4310,6 +5115,7 @@ "DetachThingPrincipal", "DisableTopicRule", "EnableTopicRule", + "GetBucketsAggregation", "GetCardinality", "GetEffectivePolicies", "GetIndexingConfiguration", @@ -4324,12 +5130,14 @@ "GetStatistics", "GetThingShadow", "GetTopicRule", + "GetTopicRuleDestination", "GetV2LoggingOptions", "ListActiveViolations", "ListAttachedPolicies", "ListAuditFindings", "ListAuditMitigationActionsExecutions", "ListAuditMitigationActionsTasks", + "ListAuditSuppressions", "ListAuditTasks", "ListAuthorizers", "ListBillingGroups", @@ -4337,6 +5145,8 @@ "ListCertificates", "ListCertificatesByCA", "ListDimensions", + "ListDomainConfigurations", + "ListFleetMetrics", "ListIndices", "ListJobExecutionsForJob", "ListJobExecutionsForThing", @@ -4369,6 +5179,7 @@ "ListThings", "ListThingsInBillingGroup", "ListThingsInThingGroup", + "ListTopicRuleDestinations", "ListTopicRules", "ListTunnels", "ListV2LoggingLevels", @@ -4402,13 +5213,16 @@ "TransferCertificate", "UntagResource", "UpdateAccountAuditConfiguration", + "UpdateAuditSuppression", "UpdateAuthorizer", "UpdateBillingGroup", "UpdateCACertificate", "UpdateCertificate", "UpdateDimension", + "UpdateDomainConfiguration", "UpdateDynamicThingGroup", "UpdateEventConfigurations", + "UpdateFleetMetric", "UpdateIndexingConfiguration", "UpdateJob", "UpdateJobExecution", @@ -4422,6 +5236,7 @@ "UpdateThingGroup", "UpdateThingGroupsForThing", "UpdateThingShadow", + "UpdateTopicRuleDestination", "ValidateSecurityProfileBehaviors" ], "iot-device-tester": [ @@ -4494,17 +5309,44 @@ "UpdateDatastore", "UpdatePipeline" ], + "iotdeviceadvisor": [ + "CreateSuiteDefinition", + "DeleteSuiteDefinition", + "GetSuiteDefinition", + "GetSuiteRun", + "GetSuiteRunReport", + "ListSuiteDefinitions", + "ListSuiteRuns", + "ListTagsForResource", + "ListTestCases", + "StartSuiteRun", + "TagResource", + "UntagResource", + "UpdateSuiteDefinition" + ], "iotevents": [ + "BatchAcknowledgeAlarm", + "BatchDisableAlarm", + "BatchEnableAlarm", "BatchPutMessage", + "BatchResetAlarm", + "BatchSnoozeAlarm", "BatchUpdateDetector", + "CreateAlarmModel", "CreateDetectorModel", "CreateInput", + "DeleteAlarmModel", "DeleteDetectorModel", "DeleteInput", + "DescribeAlarm", + "DescribeAlarmModel", "DescribeDetector", "DescribeDetectorModel", "DescribeInput", "DescribeLoggingOptions", + "ListAlarmModelVersions", + "ListAlarmModels", + "ListAlarms", "ListDetectorModelVersions", "ListDetectorModels", "ListDetectors", @@ -4513,10 +5355,21 @@ "PutLoggingOptions", "TagResource", "UntagResource", + "UpdateAlarmModel", "UpdateDetectorModel", "UpdateInput", "UpdateInputRouting" ], + "iotfleethub": [ + "CreateApplication", + "DeleteApplication", + "DescribeApplication", + "ListApplications", + "ListTagsForResource", + "TagResource", + "UntagResource", + "UpdateApplication" + ], "iotsitewise": [ "AssociateAssets", "BatchAssociateProjectAssets", @@ -4552,6 +5405,7 @@ "GetAssetPropertyValueHistory", "ListAccessPolicies", "ListAssetModels", + "ListAssetRelationships", "ListAssets", "ListAssociatedAssets", "ListDashboards", @@ -4610,6 +5464,59 @@ "UpdateSystemTemplate", "UploadEntityDefinitions" ], + "iotwireless": [ + "AssociateAwsAccountWithPartnerAccount", + "AssociateWirelessDeviceWithThing", + "AssociateWirelessGatewayWithCertificate", + "AssociateWirelessGatewayWithThing", + "CreateDestination", + "CreateDeviceProfile", + "CreateServiceProfile", + "CreateWirelessDevice", + "CreateWirelessGateway", + "CreateWirelessGatewayTask", + "CreateWirelessGatewayTaskDefinition", + "DeleteDestination", + "DeleteDeviceProfile", + "DeleteServiceProfile", + "DeleteWirelessDevice", + "DeleteWirelessGateway", + "DeleteWirelessGatewayTask", + "DeleteWirelessGatewayTaskDefinition", + "DisassociateAwsAccountFromPartnerAccount", + "DisassociateWirelessDeviceFromThing", + "DisassociateWirelessGatewayFromCertificate", + "DisassociateWirelessGatewayFromThing", + "GetDestination", + "GetDeviceProfile", + "GetPartnerAccount", + "GetServiceEndpoint", + "GetServiceProfile", + "GetWirelessDevice", + "GetWirelessDeviceStatistics", + "GetWirelessGateway", + "GetWirelessGatewayCertificate", + "GetWirelessGatewayFirmwareInformation", + "GetWirelessGatewayStatistics", + "GetWirelessGatewayTask", + "GetWirelessGatewayTaskDefinition", + "ListDestinations", + "ListDeviceProfiles", + "ListPartnerAccounts", + "ListServiceProfiles", + "ListTagsForResource", + "ListWirelessDevices", + "ListWirelessGatewayTaskDefinitions", + "ListWirelessGateways", + "SendDataToWirelessDevice", + "TagResource", + "TestWirelessDevice", + "UntagResource", + "UpdateDestination", + "UpdatePartnerAccount", + "UpdateWirelessDevice", + "UpdateWirelessGateway" + ], "iq": [ "CreateProject" ], @@ -4641,6 +5548,8 @@ "UpdateChannel" ], "kafka": [ + "BatchAssociateScramSecret", + "BatchDisassociateScramSecret", "CreateCluster", "CreateConfiguration", "DeleteCluster", @@ -4653,13 +5562,18 @@ "GetCompatibleKafkaVersions", "ListClusterOperations", "ListClusters", + "ListConfigurationRevisions", "ListConfigurations", + "ListKafkaVersions", "ListNodes", + "ListScramSecrets", "ListTagsForResource", + "RebootBroker", "TagResource", "UntagResource", "UpdateBrokerCount", "UpdateBrokerStorage", + "UpdateBrokerType", "UpdateClusterConfiguration", "UpdateClusterKafkaVersion", "UpdateConfiguration", @@ -4671,17 +5585,21 @@ "CreateDataSource", "CreateFaq", "CreateIndex", + "CreateThesaurus", "DeleteDataSource", "DeleteFaq", "DeleteIndex", + "DeleteThesaurus", "DescribeDataSource", "DescribeFaq", "DescribeIndex", + "DescribeThesaurus", "ListDataSourceSyncJobs", "ListDataSources", "ListFaqs", "ListIndices", "ListTagsForResource", + "ListThesauri", "Query", "StartDataSourceSyncJob", "StopDataSourceSyncJob", @@ -4689,7 +5607,8 @@ "TagResource", "UntagResource", "UpdateDataSource", - "UpdateIndex" + "UpdateIndex", + "UpdateThesaurus" ], "kinesis": [ "AddTagsToStream", @@ -4841,11 +5760,14 @@ "AddLayerVersionPermission", "AddPermission", "CreateAlias", + "CreateCodeSigningConfig", "CreateEventSourceMapping", "CreateFunction", "DeleteAlias", + "DeleteCodeSigningConfig", "DeleteEventSourceMapping", "DeleteFunction", + "DeleteFunctionCodeSigningConfig", "DeleteFunctionConcurrency", "DeleteFunctionEventInvokeConfig", "DeleteLayerVersion", @@ -4854,8 +5776,10 @@ "EnableReplication", "GetAccountSettings", "GetAlias", + "GetCodeSigningConfig", "GetEventSourceMapping", "GetFunction", + "GetFunctionCodeSigningConfig", "GetFunctionConcurrency", "GetFunctionConfiguration", "GetFunctionEventInvokeConfig", @@ -4866,9 +5790,11 @@ "InvokeAsync", "InvokeFunction", "ListAliases", + "ListCodeSigningConfigs", "ListEventSourceMappings", "ListFunctionEventInvokeConfigs", "ListFunctions", + "ListFunctionsByCodeSigningConfig", "ListLayerVersions", "ListLayers", "ListProvisionedConcurrencyConfigs", @@ -4876,6 +5802,7 @@ "ListVersionsByFunction", "PublishLayerVersion", "PublishVersion", + "PutFunctionCodeSigningConfig", "PutFunctionConcurrency", "PutFunctionEventInvokeConfig", "PutProvisionedConcurrencyConfig", @@ -4884,8 +5811,10 @@ "TagResource", "UntagResource", "UpdateAlias", + "UpdateCodeSigningConfig", "UpdateEventSourceMapping", "UpdateFunctionCode", + "UpdateFunctionCodeSigningConfig", "UpdateFunctionConfiguration", "UpdateFunctionEventInvokeConfig" ], @@ -4946,16 +5875,41 @@ "UntagResource" ], "license-manager": [ + "AcceptGrant", + "CheckInLicense", + "CheckoutBorrowLicense", + "CheckoutLicense", + "CreateGrant", + "CreateGrantVersion", + "CreateLicense", "CreateLicenseConfiguration", + "CreateLicenseVersion", + "CreateToken", + "DeleteGrant", + "DeleteLicense", "DeleteLicenseConfiguration", + "DeleteToken", + "ExtendLicenseConsumption", + "GetAccessToken", + "GetGrant", + "GetLicense", "GetLicenseConfiguration", + "GetLicenseUsage", "GetServiceSettings", "ListAssociationsForLicenseConfiguration", + "ListDistributedGrants", + "ListFailuresForLicenseConfigurationOperations", "ListLicenseConfigurations", "ListLicenseSpecificationsForResource", + "ListLicenseVersions", + "ListLicenses", + "ListReceivedGrants", + "ListReceivedLicenses", "ListResourceInventory", "ListTagsForResource", + "ListTokens", "ListUsageForLicenseConfiguration", + "RejectGrant", "TagResource", "UntagResource", "UpdateLicenseConfiguration", @@ -4964,16 +5918,23 @@ ], "lightsail": [ "AllocateStaticIp", + "AttachCertificateToDistribution", "AttachDisk", "AttachInstancesToLoadBalancer", "AttachLoadBalancerTlsCertificate", "AttachStaticIp", "CloseInstancePublicPorts", "CopySnapshot", + "CreateCertificate", "CreateCloudFormationStack", + "CreateContactMethod", + "CreateContainerService", + "CreateContainerServiceDeployment", + "CreateContainerServiceRegistryLogin", "CreateDisk", "CreateDiskFromSnapshot", "CreateDiskSnapshot", + "CreateDistribution", "CreateDomain", "CreateDomainEntry", "CreateInstanceSnapshot", @@ -4985,8 +5946,15 @@ "CreateRelationalDatabase", "CreateRelationalDatabaseFromSnapshot", "CreateRelationalDatabaseSnapshot", + "DeleteAlarm", + "DeleteAutoSnapshot", + "DeleteCertificate", + "DeleteContactMethod", + "DeleteContainerImage", + "DeleteContainerService", "DeleteDisk", "DeleteDiskSnapshot", + "DeleteDistribution", "DeleteDomain", "DeleteDomainEntry", "DeleteInstance", @@ -4997,19 +5965,37 @@ "DeleteLoadBalancerTlsCertificate", "DeleteRelationalDatabase", "DeleteRelationalDatabaseSnapshot", + "DetachCertificateFromDistribution", "DetachDisk", "DetachInstancesFromLoadBalancer", "DetachStaticIp", + "DisableAddOn", "DownloadDefaultKeyPair", + "EnableAddOn", "ExportSnapshot", "GetActiveNames", + "GetAlarms", + "GetAutoSnapshots", "GetBlueprints", "GetBundles", + "GetCertificates", "GetCloudFormationStackRecords", + "GetContactMethods", + "GetContainerAPIMetadata", + "GetContainerImages", + "GetContainerLog", + "GetContainerServiceDeployments", + "GetContainerServiceMetricData", + "GetContainerServicePowers", + "GetContainerServices", "GetDisk", "GetDiskSnapshot", "GetDiskSnapshots", "GetDisks", + "GetDistributionBundles", + "GetDistributionLatestCacheReset", + "GetDistributionMetricData", + "GetDistributions", "GetDomain", "GetDomains", "GetExportSnapshotRecords", @@ -5049,17 +6035,26 @@ "IsVpcPeered", "OpenInstancePublicPorts", "PeerVpc", + "PutAlarm", "PutInstancePublicPorts", "RebootInstance", "RebootRelationalDatabase", + "RegisterContainerImage", "ReleaseStaticIp", + "ResetDistributionCache", + "SendContactMethodVerification", + "SetIpAddressType", "StartInstance", "StartRelationalDatabase", "StopInstance", "StopRelationalDatabase", "TagResource", + "TestAlarm", "UnpeerVpc", "UntagResource", + "UpdateContainerService", + "UpdateDistribution", + "UpdateDistributionBundle", "UpdateDomainEntry", "UpdateLoadBalancerAttribute", "UpdateRelationalDatabase", @@ -5111,6 +6106,82 @@ "UntagLogGroup", "UpdateLogDelivery" ], + "lookoutequipment": [ + "CreateDataset", + "CreateInferenceScheduler", + "CreateModel", + "DeleteDataset", + "DeleteInferenceScheduler", + "DeleteModel", + "DescribeDataIngestionJob", + "DescribeDataset", + "DescribeInferenceScheduler", + "DescribeModel", + "ListDataIngestionJobs", + "ListDatasets", + "ListInferenceExecutions", + "ListInferenceSchedulers", + "ListModels", + "ListTagsForResource", + "StartDataIngestionJob", + "StartInferenceScheduler", + "StopInferenceScheduler", + "TagResource", + "UntagResource", + "UpdateInferenceScheduler" + ], + "lookoutmetrics": [ + "ActivateAnomalyDetector", + "BackTestAnomalyDetector", + "CreateAlert", + "CreateAnomalyDetector", + "CreateMetricSet", + "DeleteAlert", + "DeleteAnomalyDetector", + "DescribeAlert", + "DescribeAnomalyDetectionExecutions", + "DescribeAnomalyDetector", + "DescribeMetricSet", + "GetAnomalyGroup", + "GetDataQualityMetrics", + "GetFeedback", + "GetSampleData", + "ListAlerts", + "ListAnomalyDetectors", + "ListAnomalyGroupSummaries", + "ListAnomalyGroupTimeSeries", + "ListMetricSets", + "ListTagsForResource", + "PutFeedback", + "TagResource", + "UntagResource", + "UpdateAnomalyDetector", + "UpdateMetricSet" + ], + "lookoutvision": [ + "CreateDataset", + "CreateModel", + "CreateProject", + "DeleteDataset", + "DeleteModel", + "DeleteProject", + "DescribeDataset", + "DescribeModel", + "DescribeProject", + "DescribeTrialDetection", + "DetectAnomalies", + "ListDatasetEntries", + "ListModels", + "ListProjects", + "ListTagsForResource", + "ListTrialDetections", + "StartModel", + "StartTrialDetection", + "StopModel", + "TagResource", + "UntagResource", + "UpdateDatasetEntries" + ], "machinelearning": [ "AddTags", "CreateBatchPrediction", @@ -5152,7 +6223,6 @@ ], "macie2": [ "AcceptInvitation", - "ArchiveFindings", "BatchGetCustomDataIdentifiers", "CreateClassificationJob", "CreateCustomDataIdentifier", @@ -5193,11 +6263,10 @@ "ListInvitations", "ListMembers", "ListOrganizationAdminAccounts", - "ListTagsForResources", + "ListTagsForResource", "PutClassificationExportConfiguration", "TagResource", "TestCustomDataIdentifier", - "UnarchiveFindings", "UntagResource", "UpdateClassificationJob", "UpdateFindingsFilter", @@ -5222,11 +6291,18 @@ "ListNodes", "ListProposalVotes", "ListProposals", + "ListTagsForResource", "RejectInvitation", + "TagResource", + "UntagResource", "UpdateMember", "UpdateNode", "VoteOnProposal" ], + "marketplacecommerceanalytics": [ + "GenerateDataSet", + "StartSupportDataExport" + ], "mechanicalturk": [ "AcceptQualificationRequest", "ApproveAssignment", @@ -5312,17 +6388,25 @@ "UpdateQueue" ], "medialive": [ + "AcceptInputDeviceTransfer", + "BatchDelete", + "BatchStart", + "BatchStop", "BatchUpdateSchedule", + "CancelInputDeviceTransfer", "CreateChannel", "CreateInput", "CreateInputSecurityGroup", "CreateMultiplex", + "CreateMultiplexProgram", "CreateTags", "DeleteChannel", "DeleteInput", "DeleteInputSecurityGroup", "DeleteMultiplex", + "DeleteMultiplexProgram", "DeleteReservation", + "DeleteSchedule", "DeleteTags", "DescribeChannel", "DescribeInput", @@ -5330,38 +6414,47 @@ "DescribeInputDeviceThumbnail", "DescribeInputSecurityGroup", "DescribeMultiplex", + "DescribeMultiplexProgram", "DescribeOffering", "DescribeReservation", "DescribeSchedule", "ListChannels", + "ListInputDeviceTransfers", "ListInputDevices", "ListInputSecurityGroups", "ListInputs", + "ListMultiplexPrograms", "ListMultiplexes", "ListOfferings", "ListReservations", "ListTagsForResource", "PurchaseOffering", + "RejectInputDeviceTransfer", "StartChannel", "StartMultiplex", "StopChannel", "StopMultiplex", + "TransferInputDevice", "UpdateChannel", "UpdateChannelClass", "UpdateInput", "UpdateInputDevice", "UpdateInputSecurityGroup", "UpdateMultiplex", + "UpdateMultiplexProgram", "UpdateReservation" ], "mediapackage": [ "CreateChannel", + "CreateHarvestJob", "CreateOriginEndpoint", "DeleteChannel", "DeleteOriginEndpoint", "DescribeChannel", + "DescribeHarvestJob", "DescribeOriginEndpoint", "ListChannels", + "ListHarvestJobs", "ListOriginEndpoints", "ListTagsForResource", "RotateIngestEndpointCredentials", @@ -5581,6 +6674,20 @@ "UpdateVoiceChannel", "UpdateVoiceTemplate" ], + "monitron": [ + "AssociateProjectAdminUser", + "CreateProject", + "DeleteProject", + "DisassociateProjectAdminUser", + "GetProject", + "GetProjectAdminUser", + "ListProjectAdminUsers", + "ListProjects", + "ListTagsForResource", + "TagResource", + "UntagResource", + "UpdateProject" + ], "mq": [ "CreateBroker", "CreateConfiguration", @@ -5608,13 +6715,47 @@ "neptune-db": [ "connect" ], + "network-firewall": [ + "AssociateFirewallPolicy", + "AssociateSubnets", + "CreateFirewall", + "CreateFirewallPolicy", + "CreateRuleGroup", + "DeleteFirewall", + "DeleteFirewallPolicy", + "DeleteResourcePolicy", + "DeleteRuleGroup", + "DescribeFirewall", + "DescribeFirewallPolicy", + "DescribeLoggingConfiguration", + "DescribeResourcePolicy", + "DescribeRuleGroup", + "DisassociateSubnets", + "ListFirewallPolicies", + "ListFirewalls", + "ListRuleGroups", + "ListTagsForResource", + "PutResourcePolicy", + "TagResource", + "UntagResource", + "UpdateFirewallDeleteProtection", + "UpdateFirewallDescription", + "UpdateFirewallPolicy", + "UpdateFirewallPolicyChangeProtection", + "UpdateLoggingConfiguration", + "UpdateRuleGroup", + "UpdateSubnetChangeProtection" + ], "networkmanager": [ "AssociateCustomerGateway", "AssociateLink", + "AssociateTransitGatewayConnectPeer", + "CreateConnection", "CreateDevice", "CreateGlobalNetwork", "CreateLink", "CreateSite", + "DeleteConnection", "DeleteDevice", "DeleteGlobalNetwork", "DeleteLink", @@ -5623,16 +6764,20 @@ "DescribeGlobalNetworks", "DisassociateCustomerGateway", "DisassociateLink", + "DisassociateTransitGatewayConnectPeer", + "GetConnections", "GetCustomerGatewayAssociations", "GetDevices", "GetLinkAssociations", "GetLinks", "GetSites", + "GetTransitGatewayConnectPeerAssociations", "GetTransitGatewayRegistrations", "ListTagsForResource", "RegisterTransitGateway", "TagResource", "UntagResource", + "UpdateConnection", "UpdateDevice", "UpdateGlobalNetwork", "UpdateLink", @@ -5725,8 +6870,11 @@ "DescribeNodeAssociationStatus", "DescribeServers", "DisassociateNode", + "ListTagsForResource", "RestoreServer", "StartMaintenance", + "TagResource", + "UntagResource", "UpdateServer", "UpdateServerEngineAttributes" ], @@ -5785,10 +6933,59 @@ ], "outposts": [ "CreateOutpost", + "DeleteOutpost", + "DeleteSite", "GetOutpost", "GetOutpostInstanceTypes", "ListOutposts", - "ListSites" + "ListSites", + "ListTagsForResource", + "TagResource", + "UntagResource" + ], + "panorama": [ + "CreateApp", + "CreateAppDeployment", + "CreateAppVersion", + "CreateDataSource", + "CreateDeploymentConfiguration", + "CreateDevice", + "CreateDeviceUpdate", + "CreateInputs", + "CreateModel", + "CreateStreams", + "DeleteApp", + "DeleteAppVersion", + "DeleteDataSource", + "DeleteDevice", + "DeleteModel", + "DescribeApp", + "DescribeAppDeployment", + "DescribeAppVersion", + "DescribeDataSource", + "DescribeDevice", + "DescribeDeviceUpdate", + "DescribeModel", + "DescribeSoftware", + "GetDeploymentConfiguration", + "GetInputs", + "GetStreams", + "GetWebSocketURL", + "ListAppDeploymentOperations", + "ListAppVersions", + "ListApps", + "ListDataSources", + "ListDeploymentConfigurations", + "ListDeviceUpdates", + "ListDevices", + "ListModels", + "ListTagsForResource", + "TagResource", + "UntagResource", + "UpdateApp", + "UpdateAppConfiguration", + "UpdateDataSource", + "UpdateDevice" ], "personalize": [ "CreateBatchInferenceJob", @@ -5836,6 +7033,8 @@ "ListSolutionVersions", "ListSolutions", "PutEvents", + "PutItems", + "PutUsers", "UpdateCampaign" ], "pi": [ @@ -5858,6 +7057,88 @@ "GetAttributeValues", "GetProducts" ], + "profile": [ + "AddProfileKey", + "CreateDomain", + "CreateProfile", + "DeleteDomain", + "DeleteIntegration", + "DeleteProfile", + "DeleteProfileKey", + "DeleteProfileObject", + "DeleteProfileObjectType", + "GetDomain", + "GetIntegration", + "GetProfileObjectType", + "GetProfileObjectTypeTemplate", + "ListAccountIntegrations", + "ListDomains", + "ListIntegrations", + "ListProfileObjectTypeTemplates", + "ListProfileObjectTypes", + "ListProfileObjects", + "ListTagsForResource", + "PutIntegration", + "PutProfileObject", + "PutProfileObjectType", + "SearchProfiles", + "TagResource", + "UntagResource", + "UpdateDomain", + "UpdateProfile" + ], + "proton": [ + "CreateEnvironment", + "CreateEnvironmentTemplate", + "CreateEnvironmentTemplateMajorVersion", + "CreateEnvironmentTemplateMinorVersion", + "CreateService", + "CreateServiceTemplate", + "CreateServiceTemplateMajorVersion", + "CreateServiceTemplateMinorVersion", + "DeleteAccountRoles", + "DeleteEnvironment", + "DeleteEnvironmentTemplate", + "DeleteEnvironmentTemplateMajorVersion", + "DeleteEnvironmentTemplateMinorVersion", + "DeleteService", + "DeleteServiceTemplate", + "DeleteServiceTemplateMajorVersion", + "DeleteServiceTemplateMinorVersion", + "GetAccountRoles", + "GetEnvironment", + "GetEnvironmentTemplate", + "GetEnvironmentTemplateMajorVersion", + "GetEnvironmentTemplateMinorVersion", + "GetService", + "GetServiceInstance", + "GetServiceTemplate", + "GetServiceTemplateMajorVersion", + "GetServiceTemplateMinorVersion", + "ListEnvironmentTemplateMajorVersions", + "ListEnvironmentTemplateMinorVersions", + "ListEnvironmentTemplates", + "ListEnvironments", + "ListServiceInstances", + "ListServiceTemplateMajorVersions", + "ListServiceTemplateMinorVersions", + "ListServiceTemplates", + "ListServices", + "ListTagsForResource", + "TagResource", + "UntagResource", + "UpdateAccountRoles", + "UpdateEnvironment", + "UpdateEnvironmentTemplate", + "UpdateEnvironmentTemplateMajorVersion", + "UpdateEnvironmentTemplateMinorVersion", + "UpdateService", + "UpdateServiceInstance", + "UpdateServicePipeline", + "UpdateServiceTemplate", + "UpdateServiceTemplateMajorVersion", + "UpdateServiceTemplateMinorVersion" + ], "purchase-orders": [ "ModifyPurchaseOrders", "ViewPurchaseOrders" @@ -5888,31 +7169,58 @@ "UpdateLedger" ], "quicksight": [ + "CancelIngestion", + "CreateAccountCustomization", "CreateAdmin", + "CreateAnalysis", + "CreateCustomPermissions", "CreateDashboard", + "CreateDataSet", + "CreateDataSource", "CreateGroup", "CreateGroupMembership", "CreateIAMPolicyAssignment", + "CreateIngestion", + "CreateNamespace", "CreateReader", "CreateTemplate", "CreateTemplateAlias", "CreateTheme", "CreateThemeAlias", "CreateUser", + "CreateVPCConnection", + "DeleteAccountCustomization", + "DeleteAnalysis", + "DeleteCustomPermissions", "DeleteDashboard", + "DeleteDataSet", + "DeleteDataSource", "DeleteGroup", "DeleteGroupMembership", "DeleteIAMPolicyAssignment", + "DeleteNamespace", "DeleteTemplate", "DeleteTemplateAlias", "DeleteTheme", "DeleteThemeAlias", "DeleteUser", "DeleteUserByPrincipalId", + "DeleteVPCConnection", + "DescribeAccountCustomization", + "DescribeAccountSettings", + "DescribeAnalysis", + "DescribeAnalysisPermissions", + "DescribeCustomPermissions", "DescribeDashboard", "DescribeDashboardPermissions", + "DescribeDataSet", + "DescribeDataSetPermissions", + "DescribeDataSource", + "DescribeDataSourcePermissions", "DescribeGroup", "DescribeIAMPolicyAssignment", + "DescribeIngestion", + "DescribeNamespace", "DescribeTemplate", "DescribeTemplateAlias", "DescribeTemplatePermissions", @@ -5923,12 +7231,19 @@ "GetAuthCode", "GetDashboardEmbedUrl", "GetGroupMapping", + "GetSessionEmbedUrl", + "ListAnalyses", + "ListCustomPermissions", "ListDashboardVersions", "ListDashboards", + "ListDataSets", + "ListDataSources", "ListGroupMemberships", "ListGroups", "ListIAMPolicyAssignments", "ListIAMPolicyAssignmentsForUser", + "ListIngestions", + "ListNamespaces", "ListTagsForResource", "ListTemplateAliases", "ListTemplateVersions", @@ -5938,16 +7253,30 @@ "ListThemes", "ListUserGroups", "ListUsers", + "PassDataSet", + "PassDataSource", "RegisterUser", + "RestoreAnalysis", + "SearchAnalyses", + "SearchDashboards", "SearchDirectoryGroups", "SetGroupMapping", "Subscribe", "TagResource", "Unsubscribe", "UntagResource", + "UpdateAccountCustomization", + "UpdateAccountSettings", + "UpdateAnalysis", + "UpdateAnalysisPermissions", + "UpdateCustomPermissions", "UpdateDashboard", "UpdateDashboardPermissions", "UpdateDashboardPublishedVersion", + "UpdateDataSet", + "UpdateDataSetPermissions", + "UpdateDataSource", + "UpdateDataSourcePermissions", "UpdateGroup", "UpdateIAMPolicyAssignment", "UpdateTemplate", @@ -5976,7 +7305,9 @@ "ListPermissions", "ListPrincipals", "ListResourceSharePermissions", + "ListResourceTypes", "ListResources", + "PromoteResourceShareCreatedFromPolicy", "RejectResourceShareInvitation", "TagResource", "UntagResource", @@ -6004,12 +7335,14 @@ "CreateDBInstanceReadReplica", "CreateDBParameterGroup", "CreateDBProxy", + "CreateDBProxyEndpoint", "CreateDBSecurityGroup", "CreateDBSnapshot", "CreateDBSubnetGroup", "CreateEventSubscription", "CreateGlobalCluster", "CreateOptionGroup", + "CrossRegionCommunication", "DeleteDBCluster", "DeleteDBClusterEndpoint", "DeleteDBClusterParameterGroup", @@ -6018,6 +7351,7 @@ "DeleteDBInstanceAutomatedBackup", "DeleteDBParameterGroup", "DeleteDBProxy", + "DeleteDBProxyEndpoint", "DeleteDBSecurityGroup", "DeleteDBSnapshot", "DeleteDBSubnetGroup", @@ -6041,6 +7375,7 @@ "DescribeDBParameterGroups", "DescribeDBParameters", "DescribeDBProxies", + "DescribeDBProxyEndpoints", "DescribeDBProxyTargetGroups", "DescribeDBProxyTargets", "DescribeDBSecurityGroups", @@ -6064,6 +7399,7 @@ "DescribeValidDBInstanceModifications", "DownloadDBLogFilePortion", "FailoverDBCluster", + "FailoverGlobalCluster", "ListTagsForResource", "ModifyCurrentDBClusterCapacity", "ModifyDBCluster", @@ -6073,6 +7409,7 @@ "ModifyDBInstance", "ModifyDBParameterGroup", "ModifyDBProxy", + "ModifyDBProxyEndpoint", "ModifyDBProxyTargetGroup", "ModifyDBSnapshot", "ModifyDBSnapshotAttribute", @@ -6256,6 +7593,7 @@ "DetectFaces", "DetectLabels", "DetectModerationLabels", + "DetectProtectiveEquipment", "DetectText", "GetCelebrityInfo", "GetCelebrityRecognition", @@ -6270,6 +7608,7 @@ "ListCollections", "ListFaces", "ListStreamProcessors", + "ListTagsForResource", "RecognizeCelebrities", "SearchFaces", "SearchFacesByImage", @@ -6284,7 +7623,9 @@ "StartStreamProcessor", "StartTextDetection", "StopProjectVersion", - "StopStreamProcessor" + "StopStreamProcessor", + "TagResource", + "UntagResource" ], "resource-explorer": [ "ListResourceTypes", @@ -6295,21 +7636,28 @@ "CreateGroup", "DeleteGroup", "GetGroup", + "GetGroupConfiguration", "GetGroupQuery", "GetTags", + "GroupResources", "ListGroupResources", "ListGroups", + "PutGroupPolicy", "SearchResources", "Tag", + "UngroupResources", "Untag", "UpdateGroup", "UpdateGroupQuery" ], "robomaker": [ + "BatchDeleteWorlds", "BatchDescribeSimulationJob", "CancelDeploymentJob", "CancelSimulationJob", "CancelSimulationJobBatch", + "CancelWorldExportJob", + "CancelWorldGenerationJob", "CreateDeploymentJob", "CreateFleet", "CreateRobot", @@ -6318,10 +7666,14 @@ "CreateSimulationApplication", "CreateSimulationApplicationVersion", "CreateSimulationJob", + "CreateWorldExportJob", + "CreateWorldGenerationJob", + "CreateWorldTemplate", "DeleteFleet", "DeleteRobot", "DeleteRobotApplication", "DeleteSimulationApplication", + "DeleteWorldTemplate", "DeregisterRobot", "DescribeDeploymentJob", "DescribeFleet", @@ -6330,6 +7682,11 @@ "DescribeSimulationApplication", "DescribeSimulationJob", "DescribeSimulationJobBatch", + "DescribeWorld", + "DescribeWorldExportJob", + "DescribeWorldGenerationJob", + "DescribeWorldTemplate", + "GetWorldTemplateBody", "ListDeploymentJobs", "ListFleets", "ListRobotApplications", @@ -6337,7 +7694,12 @@ "ListSimulationApplications", "ListSimulationJobBatches", "ListSimulationJobs", + "ListSupportedAvailabilityZones", "ListTagsForResource", + "ListWorldExportJobs", + "ListWorldGenerationJobs", + "ListWorldTemplates", + "ListWorlds", "RegisterRobot", "RestartSimulationJob", "StartSimulationJobBatch", @@ -6345,7 +7707,9 @@ "TagResource", "UntagResource", "UpdateRobotApplication", - "UpdateSimulationApplication" + "UpdateRobotDeployment", + "UpdateSimulationApplication", + "UpdateWorldTemplate" ], "route53": [ "AssociateVPCWithHostedZone", @@ -6388,6 +7752,7 @@ "ListHealthChecks", "ListHostedZones", "ListHostedZonesByName", + "ListHostedZonesByVPC", "ListQueryLoggingConfigs", "ListResourceRecordSets", "ListReusableDelegationSets", @@ -6431,18 +7796,32 @@ "ViewBilling" ], "route53resolver": [ + "AssociateFirewallRuleGroup", "AssociateResolverEndpointIpAddress", "AssociateResolverQueryLogConfig", "AssociateResolverRule", + "CreateFirewallDomainList", + "CreateFirewallRule", + "CreateFirewallRuleGroup", "CreateResolverEndpoint", "CreateResolverQueryLogConfig", "CreateResolverRule", + "DeleteFirewallDomainList", + "DeleteFirewallRule", + "DeleteFirewallRuleGroup", "DeleteResolverEndpoint", "DeleteResolverQueryLogConfig", "DeleteResolverRule", + "DisassociateFirewallRuleGroup", "DisassociateResolverEndpointIpAddress", "DisassociateResolverQueryLogConfig", "DisassociateResolverRule", + "GetFirewallConfig", + "GetFirewallDomainList", + "GetFirewallRuleGroup", + "GetFirewallRuleGroupAssociation", + "GetFirewallRuleGroupPolicy", + "GetResolverDnssecConfig", "GetResolverEndpoint", "GetResolverQueryLogConfig", "GetResolverQueryLogConfigAssociation", @@ -6450,6 +7829,14 @@ "GetResolverRule", "GetResolverRuleAssociation", "GetResolverRulePolicy", + "ImportFirewallDomains", + "ListFirewallConfigs", + "ListFirewallDomainLists", + "ListFirewallDomains", + "ListFirewallRuleGroupAssociations", + "ListFirewallRuleGroups", + "ListFirewallRules", + "ListResolverDnssecConfigs", "ListResolverEndpointIpAddresses", "ListResolverEndpoints", "ListResolverQueryLogConfigAssociations", @@ -6457,10 +7844,16 @@ "ListResolverRuleAssociations", "ListResolverRules", "ListTagsForResource", + "PutFirewallRuleGroupPolicy", "PutResolverQueryLogConfigPolicy", "PutResolverRulePolicy", "TagResource", "UntagResource", + "UpdateFirewallConfig", + "UpdateFirewallDomains", + "UpdateFirewallRule", + "UpdateFirewallRuleGroupAssociation", + "UpdateResolverDnssecConfig", "UpdateResolverEndpoint", "UpdateResolverRule" ], @@ -6468,11 +7861,15 @@ "AbortMultipartUpload", "BypassGovernanceRetention", "CreateAccessPoint", + "CreateAccessPointForObjectLambda", "CreateBucket", "CreateJob", "DeleteAccessPoint", + "DeleteAccessPointForObjectLambda", "DeleteAccessPointPolicy", + "DeleteAccessPointPolicyForObjectLambda", "DeleteBucket", + "DeleteBucketOwnershipControls", "DeleteBucketPolicy", "DeleteBucketWebsite", "DeleteJobTagging", @@ -6480,11 +7877,17 @@ "DeleteObjectTagging", "DeleteObjectVersion", "DeleteObjectVersionTagging", + "DeleteStorageLensConfiguration", + "DeleteStorageLensConfigurationTagging", "DescribeJob", "GetAccelerateConfiguration", "GetAccessPoint", + "GetAccessPointConfigurationForObjectLambda", + "GetAccessPointForObjectLambda", "GetAccessPointPolicy", + "GetAccessPointPolicyForObjectLambda", "GetAccessPointPolicyStatus", + "GetAccessPointPolicyStatusForObjectLambda", "GetAccountPublicAccessBlock", "GetAnalyticsConfiguration", "GetBucketAcl", @@ -6493,6 +7896,7 @@ "GetBucketLogging", "GetBucketNotification", "GetBucketObjectLockConfiguration", + "GetBucketOwnershipControls", "GetBucketPolicy", "GetBucketPolicyStatus", "GetBucketPublicAccessBlock", @@ -6501,6 +7905,7 @@ "GetBucketVersioning", "GetBucketWebsite", "GetEncryptionConfiguration", + "GetIntelligentTieringConfiguration", "GetInventoryConfiguration", "GetJobTagging", "GetLifecycleConfiguration", @@ -6517,17 +7922,23 @@ "GetObjectVersionTagging", "GetObjectVersionTorrent", "GetReplicationConfiguration", - "HeadBucket", + "GetStorageLensConfiguration", + "GetStorageLensConfigurationTagging", + "GetStorageLensDashboard", "ListAccessPoints", + "ListAccessPointsForObjectLambda", "ListAllMyBuckets", "ListBucket", "ListBucketMultipartUploads", "ListBucketVersions", "ListJobs", "ListMultipartUploadParts", + "ListStorageLensConfigurations", "ObjectOwnerOverrideToBucketOwner", "PutAccelerateConfiguration", + "PutAccessPointConfigurationForObjectLambda", "PutAccessPointPolicy", + "PutAccessPointPolicyForObjectLambda", "PutAccountPublicAccessBlock", "PutAnalyticsConfiguration", "PutBucketAcl", @@ -6535,6 +7946,7 @@ "PutBucketLogging", "PutBucketNotification", "PutBucketObjectLockConfiguration", + "PutBucketOwnershipControls", "PutBucketPolicy", "PutBucketPublicAccessBlock", "PutBucketRequestPayment", @@ -6542,6 +7954,7 @@ "PutBucketVersioning", "PutBucketWebsite", "PutEncryptionConfiguration", + "PutIntelligentTieringConfiguration", "PutInventoryConfiguration", "PutJobTagging", "PutLifecycleConfiguration", @@ -6554,6 +7967,8 @@ "PutObjectVersionAcl", "PutObjectVersionTagging", "PutReplicationConfiguration", + "PutStorageLensConfiguration", + "PutStorageLensConfigurationTagging", "ReplicateDelete", "ReplicateObject", "ReplicateTags", @@ -6561,32 +7976,103 @@ "UpdateJobPriority", "UpdateJobStatus" ], + "s3-object-lambda": [ + "AbortMultipartUpload", + "DeleteObject", + "DeleteObjectTagging", + "GetObject", + "GetObjectAcl", + "GetObjectLegalHold", + "GetObjectRetention", + "GetObjectTagging", + "GetObjectVersion", + "ListBucket", + "ListMultipartUploadParts", + "PutObject", + "PutObjectAcl", + "PutObjectLegalHold", + "PutObjectRetention", + "PutObjectTagging", + "RestoreObject", + "WriteGetObjectResponse" + ], + "s3-outposts": [ + "AbortMultipartUpload", + "CreateAccessPoint", + "CreateBucket", + "CreateEndpoint", + "DeleteAccessPoint", + "DeleteAccessPointPolicy", + "DeleteBucket", + "DeleteBucketPolicy", + "DeleteEndpoint", + "DeleteObject", + "DeleteObjectTagging", + "GetAccessPoint", + "GetAccessPointPolicy", + "GetBucket", + "GetBucketPolicy", + "GetBucketTagging", + "GetLifecycleConfiguration", + "GetObject", + "GetObjectTagging", + "ListAccessPoints", + "ListBucket", + "ListBucketMultipartUploads", + "ListEndpoints", + "ListMultipartUploadParts", + "ListRegionalBuckets", + "PutAccessPointPolicy", + "PutBucketPolicy", + "PutBucketTagging", + "PutLifecycleConfiguration", + "PutObject", + "PutObjectAcl", + "PutObjectTagging" + ], "sagemaker": [ + "AddAssociation", "AddTags", "AssociateTrialComponent", "BatchGetMetrics", "BatchPutMetrics", + "CreateAction", "CreateAlgorithm", "CreateApp", + "CreateAppImageConfig", + "CreateArtifact", "CreateAutoMLJob", "CreateCodeRepository", "CreateCompilationJob", + "CreateContext", + "CreateDataQualityJobDefinition", + "CreateDeviceFleet", "CreateDomain", + "CreateEdgePackagingJob", "CreateEndpoint", "CreateEndpointConfig", "CreateExperiment", + "CreateFeatureGroup", "CreateFlowDefinition", "CreateHumanTaskUi", "CreateHyperParameterTuningJob", + "CreateImage", + "CreateImageVersion", "CreateLabelingJob", "CreateModel", + "CreateModelBiasJobDefinition", + "CreateModelExplainabilityJobDefinition", "CreateModelPackage", + "CreateModelPackageGroup", + "CreateModelQualityJobDefinition", "CreateMonitoringSchedule", "CreateNotebookInstance", "CreateNotebookInstanceLifecycleConfig", + "CreatePipeline", "CreatePresignedDomainUrl", "CreatePresignedNotebookInstanceUrl", "CreateProcessingJob", + "CreateProject", "CreateTrainingJob", "CreateTransformJob", "CreateTrial", @@ -6594,46 +8080,84 @@ "CreateUserProfile", "CreateWorkforce", "CreateWorkteam", + "DeleteAction", "DeleteAlgorithm", "DeleteApp", + "DeleteAppImageConfig", + "DeleteArtifact", + "DeleteAssociation", "DeleteCodeRepository", + "DeleteContext", + "DeleteDataQualityJobDefinition", + "DeleteDeviceFleet", "DeleteDomain", "DeleteEndpoint", "DeleteEndpointConfig", "DeleteExperiment", + "DeleteFeatureGroup", "DeleteFlowDefinition", "DeleteHumanLoop", + "DeleteImage", + "DeleteImageVersion", "DeleteModel", + "DeleteModelBiasJobDefinition", + "DeleteModelExplainabilityJobDefinition", "DeleteModelPackage", + "DeleteModelPackageGroup", + "DeleteModelPackageGroupPolicy", + "DeleteModelQualityJobDefinition", "DeleteMonitoringSchedule", "DeleteNotebookInstance", "DeleteNotebookInstanceLifecycleConfig", + "DeletePipeline", + "DeleteProject", + "DeleteRecord", "DeleteTags", "DeleteTrial", "DeleteTrialComponent", "DeleteUserProfile", "DeleteWorkforce", "DeleteWorkteam", + "DeregisterDevices", + "DescribeAction", "DescribeAlgorithm", "DescribeApp", + "DescribeAppImageConfig", + "DescribeArtifact", "DescribeAutoMLJob", "DescribeCodeRepository", "DescribeCompilationJob", + "DescribeContext", + "DescribeDataQualityJobDefinition", + "DescribeDevice", + "DescribeDeviceFleet", "DescribeDomain", + "DescribeEdgePackagingJob", "DescribeEndpoint", "DescribeEndpointConfig", "DescribeExperiment", + "DescribeFeatureGroup", "DescribeFlowDefinition", "DescribeHumanLoop", "DescribeHumanTaskUi", "DescribeHyperParameterTuningJob", + "DescribeImage", + "DescribeImageVersion", "DescribeLabelingJob", "DescribeModel", + "DescribeModelBiasJobDefinition", + "DescribeModelExplainabilityJobDefinition", "DescribeModelPackage", + "DescribeModelPackageGroup", + "DescribeModelQualityJobDefinition", "DescribeMonitoringSchedule", "DescribeNotebookInstance", "DescribeNotebookInstanceLifecycleConfig", + "DescribePipeline", + "DescribePipelineDefinitionForExecution", + "DescribePipelineExecution", "DescribeProcessingJob", + "DescribeProject", "DescribeSubscribedWorkteam", "DescribeTrainingJob", "DescribeTransformJob", @@ -6642,32 +8166,60 @@ "DescribeUserProfile", "DescribeWorkforce", "DescribeWorkteam", + "DisableSagemakerServicecatalogPortfolio", "DisassociateTrialComponent", + "EnableSagemakerServicecatalogPortfolio", + "GetDeviceFleetReport", + "GetDeviceRegistration", + "GetModelPackageGroupPolicy", + "GetRecord", + "GetSagemakerServicecatalogPortfolioStatus", "GetSearchSuggestions", "InvokeEndpoint", + "ListActions", "ListAlgorithms", + "ListAppImageConfigs", "ListApps", + "ListArtifacts", + "ListAssociations", "ListAutoMLJobs", "ListCandidatesForAutoMLJob", "ListCodeRepositories", "ListCompilationJobs", + "ListContexts", + "ListDataQualityJobDefinitions", + "ListDeviceFleets", + "ListDevices", "ListDomains", + "ListEdgePackagingJobs", "ListEndpointConfigs", "ListEndpoints", "ListExperiments", + "ListFeatureGroups", "ListFlowDefinitions", "ListHumanLoops", "ListHumanTaskUis", "ListHyperParameterTuningJobs", + "ListImageVersions", + "ListImages", "ListLabelingJobs", "ListLabelingJobsForWorkteam", + "ListModelBiasJobDefinitions", + "ListModelExplainabilityJobDefinitions", + "ListModelPackageGroups", "ListModelPackages", + "ListModelQualityJobDefinitions", "ListModels", "ListMonitoringExecutions", "ListMonitoringSchedules", "ListNotebookInstanceLifecycleConfigs", "ListNotebookInstances", + "ListPipelineExecutionSteps", + "ListPipelineExecutions", + "ListPipelineParametersForExecution", + "ListPipelines", "ListProcessingJobs", + "ListProjects", "ListSubscribedWorkteams", "ListTags", "ListTrainingJobs", @@ -6678,29 +8230,47 @@ "ListUserProfiles", "ListWorkforces", "ListWorkteams", + "PutModelPackageGroupPolicy", + "PutRecord", + "RegisterDevices", "RenderUiTemplate", "Search", + "SendHeartbeat", "StartHumanLoop", "StartMonitoringSchedule", "StartNotebookInstance", + "StartPipelineExecution", "StopAutoMLJob", "StopCompilationJob", + "StopEdgePackagingJob", "StopHumanLoop", "StopHyperParameterTuningJob", "StopLabelingJob", "StopMonitoringSchedule", "StopNotebookInstance", + "StopPipelineExecution", "StopProcessingJob", "StopTrainingJob", "StopTransformJob", + "UpdateAction", + "UpdateAppImageConfig", + "UpdateArtifact", "UpdateCodeRepository", + "UpdateContext", + "UpdateDeviceFleet", + "UpdateDevices", "UpdateDomain", "UpdateEndpoint", "UpdateEndpointWeightsAndCapacities", "UpdateExperiment", + "UpdateImage", + "UpdateModelPackage", "UpdateMonitoringSchedule", "UpdateNotebookInstance", "UpdateNotebookInstanceLifecycleConfig", + "UpdatePipeline", + "UpdatePipelineExecution", + "UpdateTrainingJob", "UpdateTrial", "UpdateTrialComponent", "UpdateUserProfile", @@ -6709,6 +8279,7 @@ ], "savingsplans": [ "CreateSavingsPlan", + "DeleteQueuedSavingsPlan", "DescribeSavingsPlanRates", "DescribeSavingsPlans", "DescribeSavingsPlansOfferingRates", @@ -6730,6 +8301,7 @@ "DescribeDiscoverer", "DescribeRegistry", "DescribeSchema", + "ExportSchema", "GetCodeBindingSource", "GetDiscoveredSchema", "GetResourcePolicy", @@ -6798,32 +8370,44 @@ "DeleteMembers", "DescribeActionTargets", "DescribeHub", + "DescribeOrganizationConfiguration", "DescribeProducts", "DescribeStandards", "DescribeStandardsControls", "DisableImportFindingsForProduct", + "DisableOrganizationAdminAccount", "DisableSecurityHub", "DisassociateFromMasterAccount", "DisassociateMembers", "EnableImportFindingsForProduct", + "EnableOrganizationAdminAccount", "EnableSecurityHub", + "GetAdhocInsightResults", "GetEnabledStandards", "GetFindings", + "GetFreeTrialEndDate", + "GetFreeTrialUsage", + "GetInsightFindingTrend", "GetInsightResults", "GetInsights", "GetInvitationsCount", "GetMasterAccount", "GetMembers", + "GetUsage", "InviteMembers", "ListEnabledProductsForImport", "ListInvitations", "ListMembers", + "ListOrganizationAdminAccounts", "ListTagsForResource", + "SendFindingEvents", + "SendInsightEvents", "TagResource", "UntagResource", "UpdateActionTarget", "UpdateFindings", "UpdateInsight", + "UpdateOrganizationConfiguration", "UpdateSecurityHubConfiguration", "UpdateStandardsControl" ], @@ -6846,14 +8430,18 @@ ], "servicecatalog": [ "AcceptPortfolioShare", + "AssociateAttributeGroup", "AssociateBudgetWithResource", "AssociatePrincipalWithPortfolio", "AssociateProductWithPortfolio", + "AssociateResource", "AssociateServiceActionWithProvisioningArtifact", "AssociateTagOptionWithResource", "BatchAssociateServiceActionWithProvisioningArtifact", "BatchDisassociateServiceActionFromProvisioningArtifact", "CopyProduct", + "CreateApplication", + "CreateAttributeGroup", "CreateConstraint", "CreatePortfolio", "CreatePortfolioShare", @@ -6862,6 +8450,8 @@ "CreateProvisioningArtifact", "CreateServiceAction", "CreateTagOption", + "DeleteApplication", + "DeleteAttributeGroup", "DeleteConstraint", "DeletePortfolio", "DeletePortfolioShare", @@ -6886,16 +8476,25 @@ "DescribeServiceActionExecutionParameters", "DescribeTagOption", "DisableAWSOrganizationsAccess", + "DisassociateAttributeGroup", "DisassociateBudgetFromResource", "DisassociatePrincipalFromPortfolio", "DisassociateProductFromPortfolio", + "DisassociateResource", "DisassociateServiceActionFromProvisioningArtifact", "DisassociateTagOptionFromResource", "EnableAWSOrganizationsAccess", "ExecuteProvisionedProductPlan", "ExecuteProvisionedProductServiceAction", "GetAWSOrganizationsAccessStatus", + "GetApplication", + "GetAttributeGroup", + "ImportAsProvisionedProduct", "ListAcceptedPortfolioShares", + "ListApplications", + "ListAssociatedAttributeGroups", + "ListAssociatedResources", + "ListAttributeGroups", "ListBudgetsForResource", "ListConstraintsForPortfolio", "ListLaunchPaths", @@ -6913,13 +8512,19 @@ "ListServiceActionsForProvisioningArtifact", "ListStackInstancesForProvisionedProduct", "ListTagOptions", + "ListTagsForResource", "ProvisionProduct", "RejectPortfolioShare", "ScanProvisionedProducts", "SearchProducts", "SearchProductsAsAdmin", "SearchProvisionedProducts", + "SyncResource", + "TagResource", "TerminateProvisionedProduct", + "UntagResource", + "UpdateApplication", + "UpdateAttributeGroup", "UpdateConstraint", "UpdatePortfolio", "UpdateProduct", @@ -6969,8 +8574,11 @@ "ListServiceQuotaIncreaseRequestsInTemplate", "ListServiceQuotas", "ListServices", + "ListTagsForResource", "PutServiceQuotaIncreaseRequestIntoTemplate", - "RequestServiceQuotaIncrease" + "RequestServiceQuotaIncrease", + "TagResource", + "UntagResource" ], "ses": [ "CloneReceiptRuleSet", @@ -7065,15 +8673,20 @@ "UpdateSubscription" ], "signer": [ + "AddProfilePermission", "CancelSigningProfile", "DescribeSigningJob", "GetSigningPlatform", "GetSigningProfile", + "ListProfilePermissions", "ListSigningJobs", "ListSigningPlatforms", "ListSigningProfiles", "ListTagsForResource", "PutSigningProfile", + "RemoveProfilePermission", + "RevokeSignature", + "RevokeSigningProfile", "StartSigningJob", "TagResource", "UntagResource" @@ -7213,6 +8826,7 @@ "CreateDocument", "CreateMaintenanceWindow", "CreateOpsItem", + "CreateOpsMetadata", "CreatePatchBaseline", "CreateResourceDataSync", "DeleteActivation", @@ -7220,6 +8834,7 @@ "DeleteDocument", "DeleteInventory", "DeleteMaintenanceWindow", + "DeleteOpsMetadata", "DeleteParameter", "DeleteParameters", "DeletePatchBaseline", @@ -7263,6 +8878,7 @@ "DescribePatchProperties", "DescribeSessions", "GetAutomationExecution", + "GetCalendarState", "GetCommandInvocation", "GetConnectionStatus", "GetDefaultPatchBaseline", @@ -7277,6 +8893,7 @@ "GetMaintenanceWindowTask", "GetManifest", "GetOpsItem", + "GetOpsMetadata", "GetOpsSummary", "GetParameter", "GetParameterHistory", @@ -7292,10 +8909,13 @@ "ListCommands", "ListComplianceItems", "ListComplianceSummaries", + "ListDocumentMetadataHistory", "ListDocumentVersions", "ListDocuments", "ListInstanceAssociations", "ListInventoryEntries", + "ListOpsItemEvents", + "ListOpsMetadata", "ListResourceComplianceSummaries", "ListResourceDataSync", "ListTagsForResource", @@ -7315,6 +8935,7 @@ "SendCommand", "StartAssociationsOnce", "StartAutomationExecution", + "StartChangeRequestExecution", "StartSession", "StopAutomationExecution", "TerminateSession", @@ -7322,6 +8943,7 @@ "UpdateAssociationStatus", "UpdateDocument", "UpdateDocumentDefaultVersion", + "UpdateDocumentMetadata", "UpdateInstanceAssociationStatus", "UpdateInstanceInformation", "UpdateMaintenanceWindow", @@ -7329,6 +8951,7 @@ "UpdateMaintenanceWindowTask", "UpdateManagedInstanceRole", "UpdateOpsItem", + "UpdateOpsMetadata", "UpdatePatchBaseline", "UpdateResourceDataSync", "UpdateServiceSetting" @@ -7346,6 +8969,7 @@ "CreateAccountAssignment", "CreateApplicationInstance", "CreateApplicationInstanceCertificate", + "CreateInstanceAccessControlAttributeConfiguration", "CreateManagedApplicationInstance", "CreatePermissionSet", "CreateProfile", @@ -7354,12 +8978,14 @@ "DeleteApplicationInstance", "DeleteApplicationInstanceCertificate", "DeleteInlinePolicyFromPermissionSet", + "DeleteInstanceAccessControlAttributeConfiguration", "DeleteManagedApplicationInstance", "DeletePermissionSet", "DeletePermissionsPolicy", "DeleteProfile", "DescribeAccountAssignmentCreationStatus", "DescribeAccountAssignmentDeletionStatus", + "DescribeInstanceAccessControlAttributeConfiguration", "DescribePermissionSet", "DescribePermissionSetProvisioningStatus", "DescribePermissionsPolicies", @@ -7401,6 +9027,8 @@ "PutInlinePolicyToPermissionSet", "PutMfaDeviceManagementForDirectory", "PutPermissionsPolicy", + "SearchGroups", + "SearchUsers", "StartSSO", "TagResource", "UntagResource", @@ -7412,6 +9040,7 @@ "UpdateApplicationInstanceServiceProviderConfiguration", "UpdateApplicationInstanceStatus", "UpdateDirectoryAssociation", + "UpdateInstanceAccessControlAttributeConfiguration", "UpdateManagedApplicationInstanceStatus", "UpdatePermissionSet", "UpdateProfile", @@ -7421,6 +9050,7 @@ "sso-directory": [ "AddMemberToGroup", "CompleteVirtualMfaDeviceRegistration", + "CompleteWebAuthnDeviceRegistration", "CreateAlias", "CreateBearerToken", "CreateExternalIdPConfigurationForDirectory", @@ -7428,21 +9058,31 @@ "CreateProvisioningTenant", "CreateUser", "DeleteBearerToken", + "DeleteExternalIdPCertificate", "DeleteExternalIdPConfigurationForDirectory", "DeleteGroup", "DeleteMfaDeviceForUser", "DeleteProvisioningTenant", "DeleteUser", "DescribeDirectory", + "DescribeGroup", "DescribeGroups", + "DescribeProvisioningTenant", + "DescribeUser", + "DescribeUserByUniqueAttribute", "DescribeUsers", "DisableExternalIdPConfigurationForDirectory", "DisableUser", "EnableExternalIdPConfigurationForDirectory", "EnableUser", "GetAWSSPConfigurationForDirectory", + "GetUserPoolInfo", + "ImportExternalIdPCertificate", + "IsMemberInGroup", "ListBearerTokens", + "ListExternalIdPCertificates", "ListExternalIdPConfigurationsForDirectory", + "ListGroupsForMember", "ListGroupsForUser", "ListMembersInGroup", "ListMfaDevicesForUser", @@ -7451,10 +9091,14 @@ "SearchGroups", "SearchUsers", "StartVirtualMfaDeviceRegistration", + "StartWebAuthnDeviceRegistration", "UpdateExternalIdPConfigurationForDirectory", "UpdateGroup", + "UpdateGroupDisplayName", + "UpdateMfaDeviceForUser", "UpdatePassword", "UpdateUser", + "UpdateUserName", "VerifyEmail" ], "states": [ @@ -7476,6 +9120,7 @@ "SendTaskHeartbeat", "SendTaskSuccess", "StartExecution", + "StartSyncExecution", "StopExecution", "TagResource", "UntagResource", @@ -7487,7 +9132,10 @@ "AddTagsToResource", "AddUploadBuffer", "AddWorkingStorage", + "AssignTapePool", + "AssociateFileSystem", "AttachVolume", + "BypassGovernanceRetention", "CancelArchival", "CancelRetrieval", "CreateCachediSCSIVolume", @@ -7496,8 +9144,10 @@ "CreateSnapshot", "CreateSnapshotFromVolumeRecoveryPoint", "CreateStorediSCSIVolume", + "CreateTapePool", "CreateTapeWithBarcode", "CreateTapes", + "DeleteAutomaticTapeCreationPolicy", "DeleteBandwidthRateLimit", "DeleteChapCredentials", "DeleteFileShare", @@ -7505,11 +9155,15 @@ "DeleteSnapshotSchedule", "DeleteTape", "DeleteTapeArchive", + "DeleteTapePool", "DeleteVolume", + "DescribeAvailabilityMonitorTest", "DescribeBandwidthRateLimit", + "DescribeBandwidthRateLimitSchedule", "DescribeCache", "DescribeCachediSCSIVolumes", "DescribeChapCredentials", + "DescribeFileSystemAssociations", "DescribeGatewayInformation", "DescribeMaintenanceStartTime", "DescribeNFSFileShares", @@ -7525,11 +9179,15 @@ "DescribeWorkingStorage", "DetachVolume", "DisableGateway", + "DisassociateFileSystem", "JoinDomain", + "ListAutomaticTapeCreationPolicies", "ListFileShares", + "ListFileSystemAssociations", "ListGateways", "ListLocalDisks", "ListTagsForResource", + "ListTapePools", "ListTapes", "ListVolumeInitiators", "ListVolumeRecoveryPoints", @@ -7543,14 +9201,20 @@ "SetLocalConsolePassword", "SetSMBGuestPassword", "ShutdownGateway", + "StartAvailabilityMonitorTest", "StartGateway", + "UpdateAutomaticTapeCreationPolicy", "UpdateBandwidthRateLimit", + "UpdateBandwidthRateLimitSchedule", "UpdateChapCredentials", + "UpdateFileSystemAssociation", "UpdateGatewayInformation", "UpdateGatewaySoftwareNow", "UpdateMaintenanceStartTime", "UpdateNFSFileShare", "UpdateSMBFileShare", + "UpdateSMBFileShareVisibility", + "UpdateSMBSecurityStrategy", "UpdateSnapshotSchedule", "UpdateVTLDeviceType" ], @@ -7673,6 +9337,32 @@ "StartDocumentAnalysis", "StartDocumentTextDetection" ], + "timestream": [ + "CancelQuery", + "CreateDatabase", + "CreateTable", + "DeleteDatabase", + "DeleteTable", + "DescribeDatabase", + "DescribeEndpoints", + "DescribeTable", + "ListDatabases", + "ListMeasures", + "ListTables", + "ListTagsForResource", + "Select", + "SelectValues", + "TagResource", + "UntagResource", + "UpdateDatabase", + "UpdateTable", + "WriteRecords" + ], + "tiros": [ + "CreateQuery", + "GetQueryAnswer", + "GetQueryExplanation" + ], "transcribe": [ "CreateLanguageModel", "CreateMedicalVocabulary", @@ -7712,9 +9402,11 @@ "DeleteServer", "DeleteSshPublicKey", "DeleteUser", + "DescribeSecurityPolicy", "DescribeServer", "DescribeUser", "ImportSshPublicKey", + "ListSecurityPolicies", "ListServers", "ListTagsForResource", "ListUsers", @@ -7727,15 +9419,20 @@ "UpdateUser" ], "translate": [ + "CreateParallelData", + "DeleteParallelData", "DeleteTerminology", "DescribeTextTranslationJob", + "GetParallelData", "GetTerminology", "ImportTerminology", + "ListParallelData", "ListTerminologies", "ListTextTranslationJobs", "StartTextTranslationJob", "StopTextTranslationJob", - "TranslateText" + "TranslateText", + "UpdateParallelData" ], "trustedadvisor": [ "DescribeAccount", @@ -7752,6 +9449,9 @@ "ExcludeCheckItems", "GenerateReport", "IncludeCheckItems", + "ListAccountsForParent", + "ListOrganizationalUnitsForParent", + "ListRoots", "RefreshCheck", "SetAccountAccess", "SetOrganizationAccess", @@ -7967,11 +9667,37 @@ "AuthenticatePackager" ], "wellarchitected": [ + "AssociateLenses", + "CreateMilestone", "CreateWorkload", "CreateWorkloadShare", "DeleteWorkload", + "DeleteWorkloadShare", + "DisassociateLenses", + "GetAnswer", + "GetLensReview", + "GetLensReviewReport", + "GetLensVersionDifference", + "GetMilestone", "GetWorkload", - "ListWorkloads" + "ListAnswers", + "ListLensReviewImprovements", + "ListLensReviews", + "ListLenses", + "ListMilestones", + "ListNotifications", + "ListShareInvitations", + "ListTagsForResource", + "ListWorkloadShares", + "ListWorkloads", + "TagResource", + "UntagResource", + "UpdateAnswer", + "UpdateLensReview", + "UpdateShareInvitation", + "UpdateWorkload", + "UpdateWorkloadShare", + "UpgradeLensReview" ], "workdocs": [ "AbortDocumentVersionUpload", @@ -8051,6 +9777,7 @@ "ListWebsiteCertificateAuthorities", "RestoreDomainAccess", "RevokeDomainAccess", + "SearchEntity", "SignOutUser", "TagResource", "UntagResource", @@ -8065,6 +9792,7 @@ "AddMembersToGroup", "AssociateDelegateToResource", "AssociateMemberToGroup", + "CancelMailboxExportJob", "CreateAlias", "CreateGroup", "CreateInboundMailFlowRule", @@ -8096,6 +9824,7 @@ "DescribeMailDomains", "DescribeMailGroups", "DescribeMailUsers", + "DescribeMailboxExportJob", "DescribeOrganization", "DescribeOrganizations", "DescribeOutboundMailFlowRule", @@ -8124,6 +9853,7 @@ "ListGroupMembers", "ListGroups", "ListInboundMailFlowRules", + "ListMailboxExportJobs", "ListMailboxPermissions", "ListMembersInMailGroup", "ListOrganizations", @@ -8147,6 +9877,7 @@ "SetMailGroupDetails", "SetMailUserDetails", "SetMobilePolicyDetails", + "StartMailboxExportJob", "TagResource", "TestInboundMailFlowRules", "TestOutboundMailFlowRules", diff --git a/tests/data/placebo/test_alarm_add_tags/monitoring.DescribeAlarms_1.json b/tests/data/placebo/test_alarm_add_tags/monitoring.DescribeAlarms_1.json new file mode 100644 index 00000000000..57495977a3d --- /dev/null +++ b/tests/data/placebo/test_alarm_add_tags/monitoring.DescribeAlarms_1.json @@ -0,0 +1,47 @@ +{ + "status_code": 200, + "data": { + "CompositeAlarms": [], + "MetricAlarms": [ + { + "AlarmName": "c7n-test-alarm-tags-filter", + "AlarmArn": "arn:aws:cloudwatch:us-east-1:012345678910:alarm:c7n-test-alarm-tags-filter", + "AlarmConfigurationUpdatedTimestamp": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 24, + "hour": 18, + "minute": 1, + "second": 32, + "microsecond": 583000 + }, + "ActionsEnabled": true, + "OKActions": [], + "AlarmActions": [], + "InsufficientDataActions": [], + "StateValue": "INSUFFICIENT_DATA", + "StateReason": "Unchecked: Initial alarm creation", + "StateUpdatedTimestamp": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 24, + "hour": 18, + "minute": 1, + "second": 32, + "microsecond": 583000 + }, + "MetricName": "CPUUtilization", + "Namespace": "AWS/EC2", + "Statistic": "Average", + "Dimensions": [], + "Period": 3600, + "EvaluationPeriods": 5, + "Threshold": 10.0, + "ComparisonOperator": "GreaterThanThreshold" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_alarm_add_tags/tagging.GetResources_1.json b/tests/data/placebo/test_alarm_add_tags/tagging.GetResources_1.json new file mode 100644 index 00000000000..d589a98ab3a --- /dev/null +++ b/tests/data/placebo/test_alarm_add_tags/tagging.GetResources_1.json @@ -0,0 +1,22 @@ +{ + "status_code": 200, + "data": { + "PaginationToken": "", + "ResourceTagMappingList": [ + { + "ResourceARN": "arn:aws:cloudwatch:us-east-1:012345678910:alarm:c7n-test-alarm-tags-filter", + "Tags": [ + { + "Key": "OwnerName", + "Value": "SomeName" + }, + { + "Key": "some-tag", + "Value": "some-value" + } + ] + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_alarm_add_tags/tagging.TagResources_1.json b/tests/data/placebo/test_alarm_add_tags/tagging.TagResources_1.json new file mode 100644 index 00000000000..bd2dead8598 --- /dev/null +++ b/tests/data/placebo/test_alarm_add_tags/tagging.TagResources_1.json @@ -0,0 +1,7 @@ +{ + "status_code": 200, + "data": { + "FailedResourcesMap": {}, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_alarm_delete/tagging.GetResources_1.json b/tests/data/placebo/test_alarm_delete/tagging.GetResources_1.json new file mode 100644 index 00000000000..e5386a1d5d1 --- /dev/null +++ b/tests/data/placebo/test_alarm_delete/tagging.GetResources_1.json @@ -0,0 +1,26 @@ +{ + "status_code": 200, + "data": { + "PaginationToken": "", + "ResourceTagMappingList": [ + { + "ResourceARN": "arn:aws:cloudwatch:us-east-1:012345678910:alarm:c7n-test-alarm-delete", + "Tags": [] + }, + { + "ResourceARN": "arn:aws:cloudwatch:us-east-1:012345678910:alarm:c7n-test-alarm-tags-filter", + "Tags": [ + { + "Key": "OwnerName", + "Value": "SomeName" + }, + { + "Key": "some-tag", + "Value": "some-value" + } + ] + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_alarm_tags_filter/monitoring.DescribeAlarms_1.json b/tests/data/placebo/test_alarm_tags_filter/monitoring.DescribeAlarms_1.json new file mode 100644 index 00000000000..57495977a3d --- /dev/null +++ b/tests/data/placebo/test_alarm_tags_filter/monitoring.DescribeAlarms_1.json @@ -0,0 +1,47 @@ +{ + "status_code": 200, + "data": { + "CompositeAlarms": [], + "MetricAlarms": [ + { + "AlarmName": "c7n-test-alarm-tags-filter", + "AlarmArn": "arn:aws:cloudwatch:us-east-1:012345678910:alarm:c7n-test-alarm-tags-filter", + "AlarmConfigurationUpdatedTimestamp": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 24, + "hour": 18, + "minute": 1, + "second": 32, + "microsecond": 583000 + }, + "ActionsEnabled": true, + "OKActions": [], + "AlarmActions": [], + "InsufficientDataActions": [], + "StateValue": "INSUFFICIENT_DATA", + "StateReason": "Unchecked: Initial alarm creation", + "StateUpdatedTimestamp": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 24, + "hour": 18, + "minute": 1, + "second": 32, + "microsecond": 583000 + }, + "MetricName": "CPUUtilization", + "Namespace": "AWS/EC2", + "Statistic": "Average", + "Dimensions": [], + "Period": 3600, + "EvaluationPeriods": 5, + "Threshold": 10.0, + "ComparisonOperator": "GreaterThanThreshold" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_alarm_tags_filter/monitoring.PutMetricAlarm_1.json b/tests/data/placebo/test_alarm_tags_filter/monitoring.PutMetricAlarm_1.json new file mode 100644 index 00000000000..5b2170a073c --- /dev/null +++ b/tests/data/placebo/test_alarm_tags_filter/monitoring.PutMetricAlarm_1.json @@ -0,0 +1,6 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_alarm_tags_filter/tagging.GetResources_1.json b/tests/data/placebo/test_alarm_tags_filter/tagging.GetResources_1.json new file mode 100644 index 00000000000..04671b5962d --- /dev/null +++ b/tests/data/placebo/test_alarm_tags_filter/tagging.GetResources_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "PaginationToken": "", + "ResourceTagMappingList": [ + { + "ResourceARN": "arn:aws:cloudwatch:us-east-1:012345678910:alarm:c7n-test-alarm-tags-filter", + "Tags": [ + { + "Key": "some-tag", + "Value": "some-value" + } + ] + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_aws_asg_update/autoscaling.DescribeAutoScalingGroups_1.json b/tests/data/placebo/test_aws_asg_update/autoscaling.DescribeAutoScalingGroups_1.json new file mode 100644 index 00000000000..5c1201c5fc3 --- /dev/null +++ b/tests/data/placebo/test_aws_asg_update/autoscaling.DescribeAutoScalingGroups_1.json @@ -0,0 +1,84 @@ +{ + "status_code": 200, + "data": { + "AutoScalingGroups": [ + { + "AutoScalingGroupName": "tf-asg-20210406161729306300000003", + "AutoScalingGroupARN": "arn:aws:autoscaling:us-west-2:644160558196:autoScalingGroup:f92d4ea4-ba11-42ab-8c34-696ed8047010:autoScalingGroupName/tf-asg-20210406161729306300000003", + "LaunchTemplate": { + "LaunchTemplateId": "lt-007e80764a20763ae", + "LaunchTemplateName": "foobar20210406161728176600000001", + "Version": "$Latest" + }, + "MinSize": 1, + "MaxSize": 1, + "DesiredCapacity": 1, + "DefaultCooldown": 300, + "AvailabilityZones": [ + "us-west-2a" + ], + "LoadBalancerNames": [], + "TargetGroupARNs": [], + "HealthCheckType": "EC2", + "HealthCheckGracePeriod": 300, + "Instances": [ + { + "InstanceId": "i-0843feb694ac159c7", + "InstanceType": "t3.micro", + "AvailabilityZone": "us-west-2a", + "LifecycleState": "InService", + "HealthStatus": "Healthy", + "LaunchTemplate": { + "LaunchTemplateId": "lt-007e80764a20763ae", + "LaunchTemplateName": "foobar20210406161728176600000001", + "Version": "1" + }, + "ProtectedFromScaleIn": false + } + ], + "CreatedTime": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 6, + "hour": 16, + "minute": 17, + "second": 30, + "microsecond": 696000 + }, + "SuspendedProcesses": [], + "VPCZoneIdentifier": "", + "EnabledMetrics": [], + "Tags": [ + { + "ResourceId": "tf-asg-20210406161729306300000003", + "ResourceType": "auto-scaling-group", + "Key": "App", + "Value": "Testing", + "PropagateAtLaunch": true + }, + { + "ResourceId": "tf-asg-20210406161729306300000003", + "ResourceType": "auto-scaling-group", + "Key": "Creator", + "Value": "tstansell", + "PropagateAtLaunch": false + }, + { + "ResourceId": "tf-asg-20210406161729306300000003", + "ResourceType": "auto-scaling-group", + "Key": "c7n_status", + "Value": "AutoScaleGroup does not meet org policy: suspend@2021/04/06 1717 UTC", + "PropagateAtLaunch": false + } + ], + "TerminationPolicies": [ + "Default" + ], + "NewInstancesProtectedFromScaleIn": false, + "ServiceLinkedRoleARN": "arn:aws:iam::644160558196:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling" + } + ], + "ResponseMetadata": {} + } +} diff --git a/tests/data/placebo/test_aws_asg_update/autoscaling.DescribeAutoScalingGroups_2.json b/tests/data/placebo/test_aws_asg_update/autoscaling.DescribeAutoScalingGroups_2.json new file mode 100644 index 00000000000..f9a57ae4d12 --- /dev/null +++ b/tests/data/placebo/test_aws_asg_update/autoscaling.DescribeAutoScalingGroups_2.json @@ -0,0 +1,86 @@ +{ + "status_code": 200, + "data": { + "AutoScalingGroups": [ + { + "AutoScalingGroupName": "tf-asg-20210406161729306300000003", + "AutoScalingGroupARN": "arn:aws:autoscaling:us-west-2:644160558196:autoScalingGroup:f92d4ea4-ba11-42ab-8c34-696ed8047010:autoScalingGroupName/tf-asg-20210406161729306300000003", + "LaunchTemplate": { + "LaunchTemplateId": "lt-007e80764a20763ae", + "LaunchTemplateName": "foobar20210406161728176600000001", + "Version": "$Latest" + }, + "MinSize": 1, + "MaxSize": 1, + "DesiredCapacity": 1, + "DefaultCooldown": 600, + "AvailabilityZones": [ + "us-west-2a" + ], + "LoadBalancerNames": [], + "TargetGroupARNs": [], + "HealthCheckType": "EC2", + "HealthCheckGracePeriod": 300, + "Instances": [ + { + "InstanceId": "i-0843feb694ac159c7", + "InstanceType": "t3.micro", + "AvailabilityZone": "us-west-2a", + "LifecycleState": "InService", + "HealthStatus": "Healthy", + "LaunchTemplate": { + "LaunchTemplateId": "lt-007e80764a20763ae", + "LaunchTemplateName": "foobar20210406161728176600000001", + "Version": "1" + }, + "ProtectedFromScaleIn": false + } + ], + "CreatedTime": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 6, + "hour": 16, + "minute": 17, + "second": 30, + "microsecond": 696000 + }, + "SuspendedProcesses": [], + "VPCZoneIdentifier": "", + "EnabledMetrics": [], + "Tags": [ + { + "ResourceId": "tf-asg-20210406161729306300000003", + "ResourceType": "auto-scaling-group", + "Key": "App", + "Value": "Testing", + "PropagateAtLaunch": true + }, + { + "ResourceId": "tf-asg-20210406161729306300000003", + "ResourceType": "auto-scaling-group", + "Key": "Creator", + "Value": "tstansell", + "PropagateAtLaunch": false + }, + { + "ResourceId": "tf-asg-20210406161729306300000003", + "ResourceType": "auto-scaling-group", + "Key": "c7n_status", + "Value": "AutoScaleGroup does not meet org policy: suspend@2021/04/06 1717 UTC", + "PropagateAtLaunch": false + } + ], + "TerminationPolicies": [ + "Default" + ], + "NewInstancesProtectedFromScaleIn": true, + "ServiceLinkedRoleARN": "arn:aws:iam::644160558196:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling", + "MaxInstanceLifetime": 604800, + "CapacityRebalance": true + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_aws_asg_update/autoscaling.UpdateAutoScalingGroup_1.json b/tests/data/placebo/test_aws_asg_update/autoscaling.UpdateAutoScalingGroup_1.json new file mode 100644 index 00000000000..5b2170a073c --- /dev/null +++ b/tests/data/placebo/test_aws_asg_update/autoscaling.UpdateAutoScalingGroup_1.json @@ -0,0 +1,6 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_connection_password_hidden/glue.GetConnections_1.json b/tests/data/placebo/test_connection_password_hidden/glue.GetConnections_1.json new file mode 100644 index 00000000000..d5f3eeffdf7 --- /dev/null +++ b/tests/data/placebo/test_connection_password_hidden/glue.GetConnections_1.json @@ -0,0 +1,44 @@ +{ + "status_code": 200, + "data": { + "ConnectionList": [ + { + "Name": "test", + "ConnectionType": "JDBC", + "ConnectionProperties": { + "JDBC_CONNECTION_URL": "jdbc:mysql://database-3-instance-1.cz6wy8cci3uf.us-east-1.rds.amazonaws.com:3306/test", + "JDBC_ENFORCE_SSL": "false", + "USERNAME": "admin" + }, + "PhysicalConnectionRequirements": { + "SubnetId": "subnet-3a334610", + "SecurityGroupIdList": [ + "sg-6c7fa917" + ], + "AvailabilityZone": "us-east-1d" + }, + "CreationTime": { + "__class__": "datetime", + "year": 2020, + "month": 5, + "day": 4, + "hour": 17, + "minute": 1, + "second": 0, + "microsecond": 856000 + }, + "LastUpdatedTime": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 4, + "hour": 17, + "minute": 1, + "second": 0, + "microsecond": 856000 + } + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_service_config/config.GetResourceConfigHistory_1.json b/tests/data/placebo/test_ecs_service_config/config.GetResourceConfigHistory_1.json new file mode 100644 index 00000000000..5fb3ecefcc8 --- /dev/null +++ b/tests/data/placebo/test_ecs_service_config/config.GetResourceConfigHistory_1.json @@ -0,0 +1,37 @@ +{ + "status_code": 200, + "data": { + "configurationItems": [ + { + "version": "1.3", + "accountId": "644160558196", + "configurationItemCaptureTime": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 22, + "hour": 8, + "minute": 11, + "second": 34, + "microsecond": 566000 + }, + "configurationItemStatus": "OK", + "configurationStateId": "1616415094566", + "configurationItemMD5Hash": "", + "arn": "arn:aws:ecs:us-east-2:644160558196:service/dev/queue-processor", + "resourceType": "AWS::ECS::Service", + "resourceId": "arn:aws:ecs:us-east-2:644160558196:service/dev/queue-processor", + "resourceName": "queue-processor", + "awsRegion": "us-east-2", + "availabilityZone": "Regional", + "tags": {}, + "relatedEvents": [], + "relationships": [], + "configuration": "{\"ServiceArn\":\"arn:aws:ecs:us-east-2:644160558196:service/dev/queue-processor\",\"CapacityProviderStrategy\":[{\"CapacityProvider\":\"FARGATE_SPOT\",\"Weight\":100,\"Base\":0}],\"Cluster\":\"arn:aws:ecs:us-east-2:644160558196:cluster/dev\",\"DeploymentConfiguration\":{\"DeploymentCircuitBreaker\":{\"Enable\":false,\"Rollback\":false},\"MaximumPercent\":200,\"MinimumHealthyPercent\":100},\"DesiredCount\":1,\"EnableECSManagedTags\":true,\"LoadBalancers\":[],\"Name\":\"queue-processor\",\"NetworkConfiguration\":{\"AwsvpcConfiguration\":{\"Subnets\":[\"subnet-0419cca2069994f38\",\"subnet-0274fa45085e24c57\",\"subnet-060031dd8ac95c297\"],\"SecurityGroups\":[\"sg-04f520370e79f229f\"],\"AssignPublicIp\":\"ENABLED\"}},\"PlacementConstraints\":[],\"PlacementStrategies\":[],\"PlatformVersion\":\"LATEST\",\"Role\":\"arn:aws:iam::644160558196:role/aws-service-role/ecs.amazonaws.com/AWSServiceRoleForECS\",\"SchedulingStrategy\":\"REPLICA\",\"ServiceName\":\"queue-processor\",\"ServiceRegistries\":[],\"Tags\":[],\"TaskDefinition\":\"arn:aws:ecs:us-east-2:644160558196:task-definition/dev:4\"}", + "supplementaryConfiguration": {} + } + ], + "nextToken": "eyJlbmNyeXB0ZWREYXRhIjpbODUsNTQsMzYsMTEzLDEwOSw5OSwxMjAsNDcsLTEwNCwtMTIwLC05NSw5NSwtOTIsNTcsMTEyLC04MiwxNywtOTEsLTExMiwxMjMsLTExNCwtNjYsNTgsLTExMSwxMDgsMTEsLTM1LC05OSw3MywtODUsLTI5LC0xNywtMjMsLTUsNzUsLTQ0LDkzLDgxLDE0LDI2LC01Nyw5Miw2OCwtMjYsLTExLDQyLDEyLDU3LC0yNCw1Nyw2NywtNDQsMTI0LC0zOSwxMDgsLTcwLDg1LC00MiwtNTUsLTU3LC03OCwtNDQsMTA4LDIwLC0xMDIsMTgsOTMsMTAsLTYxLDg2LC0yOCwtOTUsLTExNSwxMjIsLTMxLC0xMDEsMTE2LDAsNTYsMTE2LC04NSwtNzQsMzMsLTMxLDk1LDE4LDEwMiwtMTA5LDc4LDIxLDQ5LC03Nyw3MiwtOTYsNjUsLTExNywtNTcsMjYsLTEwOSwtNjcsMTA1LC01Nyw3MiwtMiwtNjUsLTQzLDEwMCwyMiwtNCwtNzMsMTAsNzksLTg5LC0xMjIsMTYsLTExLDUxLDQzLDU2LDEyMCwtMiwtNDEsNjcsLTQ0LDEwNSwtOTEsLTQ5LDU3LC0xMTAsLTE3LC03MywtNTcsNCwxMiwzNiwxMDMsLTYsLTExNiwtOTUsLTEyMSw0MywtMzIsLTEyNSw1MSwyNiwtODcsLTI0LDkzLDEyMSwtMzEsNDIsLTUzLC0yOSwtODcsLTc0LDc5LC04MiwtNDAsLTc4LC01MywtNTcsLTEyOCwtNDEsNDgsLTEyMywtMTAyXSwibWF0ZXJpYWxTZXRTZXJpYWxOdW1iZXIiOjEsIml2UGFyYW1ldGVyU3BlYyI6eyJpdiI6Wy04NSwtMTAwLDMsLTc1LC03MSwtMTE2LDMzLC05LDYyLC0xMTcsLTMsLTEzLDExNSwtMTA3LC02NSwtNTFdfX0=", + "ResponseMetadata": {} + } +} diff --git a/tests/data/placebo/test_ecs_service_config/config.GetResourceConfigHistory_2.json b/tests/data/placebo/test_ecs_service_config/config.GetResourceConfigHistory_2.json new file mode 100644 index 00000000000..2e1a1adaa69 --- /dev/null +++ b/tests/data/placebo/test_ecs_service_config/config.GetResourceConfigHistory_2.json @@ -0,0 +1,8 @@ +{ + "status_code": 200, + "data": { + "configurationItems": [], + "nextToken": "eyJlbmNyeXB0ZWREYXRhIjpbLTg4LDIzLDksLTk5LC0xNiwtNDYsMzMsNTcsLTExLC0xMDMsLTg1LDIsMTA5LDEyNiwtMzksLTg1LDE2LDg4LDg3LDk3LC0xMDQsLTk1LC0xMTcsMTIzLC05NSwtNCwtMTgsLTY4LDY1LC01NSwtOTUsLTk1LDU0LDEwOCwtOTMsLTEyNiwtOTIsLTgwLDQxLDQzLDQ0LC04NSwtMTMsMTA1LDU4LC05MCwtNTIsLTI1LDEyLDYyLC03MywtODYsMywtMiw3OSwxNSwtNjIsLTk5LDExOSwyOSwtMTEyLDMyLC01OCw1LC0yMywtMjgsOTUsMTE0LC00NiwxMiw4NSw4NCwtNzYsLTkxLDMyLC0zNyw5NiwyOSwtNzEsLTc1LDQ5LDEwOSwtMTUsLTM5LC03MCw0NywtMzIsMTEsLTExMiwtMTcsMTA4LC01MSwtOTgsLTEyMyw4NSwtMTgsLTkzLDY2LDk3LDUzLC0xMjIsMjgsMzcsNTAsMTAxLC0xMCw5NiwyNywxMTksODcsNTAsLTIwLDc0LC03MCwtMTEsMTksLTcsLTExNSwtMTE5LDExNSwtNCwtMTYsMjEsLTEwMywzLDIzLDM1LDQwLDExNiwtMTE5LC0xMDgsLTQ2LDU2LDExMSwzMiwtNTYsLTM2LDU1LDEwMSwxNywtMTEzLC0xMTcsODEsNTEsLTI2LDExNCwtNjQsLTk2LC05OSw2MSwzLDEyMiw2MSw1OCw0MywtMTUsNDMsLTg1LDEwOSwtNiwtOTQsMTE3LC0xMDcsLTEwMSwxMjEsLTNdLCJtYXRlcmlhbFNldFNlcmlhbE51bWJlciI6MSwiaXZQYXJhbWV0ZXJTcGVjIjp7Iml2IjpbOTksMTAxLC00NCw1MCwtNTUsNzcsMjgsNjcsLTg4LDI2LDgsLTEwOCwtOTksLTM3LC0xOSw3M119fQ==", + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_service_config/config.ListDiscoveredResources_1.json b/tests/data/placebo/test_ecs_service_config/config.ListDiscoveredResources_1.json new file mode 100644 index 00000000000..96e2ec19a38 --- /dev/null +++ b/tests/data/placebo/test_ecs_service_config/config.ListDiscoveredResources_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "resourceIdentifiers": [ + { + "resourceType": "AWS::ECS::Service", + "resourceId": "arn:aws:ecs:us-east-2:644160558196:service/dev/queue-processor", + "resourceName": "queue-processor" + }, + { + "resourceType": "AWS::ECS::Service", + "resourceId": "arn:aws:ecs:us-east-2:644160558196:service/dev/dev-queue-processor", + "resourceName": "dev-queue-processor" + } + ], + "ResponseMetadata": {} + } +} diff --git a/tests/data/placebo/test_ecs_service_config/config.SelectResourceConfig_1.json b/tests/data/placebo/test_ecs_service_config/config.SelectResourceConfig_1.json new file mode 100644 index 00000000000..b9cb87638b8 --- /dev/null +++ b/tests/data/placebo/test_ecs_service_config/config.SelectResourceConfig_1.json @@ -0,0 +1,20 @@ +{ + "status_code": 200, + "data": { + "Results": [], + "QueryInfo": { + "SelectFields": [ + { + "Name": "resourceId" + }, + { + "Name": "configuration" + }, + { + "Name": "supplementaryConfiguration" + } + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_task_def_config/config.GetResourceConfigHistory_1.json b/tests/data/placebo/test_ecs_task_def_config/config.GetResourceConfigHistory_1.json new file mode 100644 index 00000000000..25bdd674262 --- /dev/null +++ b/tests/data/placebo/test_ecs_task_def_config/config.GetResourceConfigHistory_1.json @@ -0,0 +1,37 @@ +{ + "status_code": 200, + "data": { + "configurationItems": [ + { + "version": "1.3", + "accountId": "644160558196", + "configurationItemCaptureTime": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 8, + "hour": 0, + "minute": 57, + "second": 12, + "microsecond": 720000 + }, + "configurationItemStatus": "OK", + "configurationStateId": "1615183032720", + "configurationItemMD5Hash": "", + "arn": "arn:aws:ecs:us-east-1:644160558196:task-definition/TEST:1", + "resourceType": "AWS::ECS::TaskDefinition", + "resourceId": "TEST:1", + "resourceName": "TEST:1", + "awsRegion": "us-east-1", + "availabilityZone": "Regional", + "tags": {}, + "relatedEvents": [], + "relationships": [], + "configuration": "{\"ContainerDefinitions\":[{\"Name\":\"dwcqwc\",\"Image\":\"qwcqwc.comwqe\",\"Cpu\":0,\"Links\":[],\"PortMappings\":[],\"Essential\":true,\"EntryPoint\":[],\"Command\":[],\"Environment\":[],\"EnvironmentFiles\":[],\"MountPoints\":[],\"VolumesFrom\":[],\"Secrets\":[],\"DependsOn\":[],\"DnsServers\":[],\"DnsSearchDomains\":[],\"ExtraHosts\":[],\"DockerSecurityOptions\":[],\"DockerLabels\":{},\"Ulimits\":[],\"LogConfiguration\":{\"LogDriver\":\"awslogs\",\"Options\":{\"awslogs-group\":\"/ecs/TEST\",\"awslogs-region\":\"us-east-1\",\"awslogs-stream-prefix\":\"ecs\"},\"SecretOptions\":[]},\"SystemControls\":[],\"ResourceRequirements\":[]}],\"Cpu\":\"256\",\"ExecutionRoleArn\":\"arn:aws:iam::644160558196:role/ecsTaskExecutionRole\",\"Family\":\"TEST\",\"InferenceAccelerators\":[],\"Memory\":\"512\",\"NetworkMode\":\"awsvpc\",\"PlacementConstraints\":[],\"RequiresCompatibilities\":[\"FARGATE\"],\"Status\":\"INACTIVE\",\"Tags\":[],\"TaskDefinitionArn\":\"arn:aws:ecs:us-east-1:644160558196:task-definition/TEST:1\",\"TaskRoleArn\":\"arn:aws:iam::644160558196:role/ecsTaskExecutionRole\",\"Volumes\":[]}", + "supplementaryConfiguration": {} + } + ], + "nextToken": "eyJlbmNyeXB0ZWREYXRhIjpbMzYsLTgsNzYsLTY0LC05NCwtNzYsMTIzLDQ0LDE2LC04OCwtMTYsMTI2LDI2LC0xMDgsNzUsNzAsNDYsMTAyLC0xLC00NywtODQsLTM3LC00Nyw2MiwxMSw0NywtNCw0OCw3MCwtMTA1LDU5LDEyNiw5MCwxMjAsLTkzLC00MSwtMTIsNDQsMjEsMTEsMjEsLTU0LC0xNywtMTIyLDMyLC03NSw4MywyMCwyNiwtMTI1LDEwNSwxOSw5MiwtNjAsLTksMTE2LC0xMDUsLTM5LDExMSwtMTQsLTI1LDY1LC00NiwtMzEsLTIyLC01MywtOTEsNjQsLTcxLC0xMDUsMjYsMTAxLC0yNCwzNSwtODQsMTIyLC0xNSw1MCwtMTIyLDUsLTM5LC00LC0xOCwtNjUsMTE3LDExNCwxMDcsLTk5LC0xMDgsLTcwLC00NiwtNzksLTc5LDEzLC0zNyw4OSwzNCwtNDIsLTk5LDIxLC0xMDMsMzksMzAsLTczLC0xMTUsLTk2LDcsODUsLTgzLC0xMjcsLTE4LC0yNSwzMSwzMywxMTQsMTA4LDMxLDUyLDAsLTEyMCw4Nyw0MiwtNzMsLTgxLDUyLDQ3LDYxLDkzLDc1LDQ3LDksMiwtMSwzMyw5MywxNSwtMTI0LC0xMTAsLTkwLC00OCwtODEsODgsMTEsMjQsLTMzLDU5LC05OCwtNjIsLTgyLC03MCwtNDgsNDcsLTQwLC0xMDAsMjEsLTExMCwtMjMsNDksLTQxLDExNyw4OCwtODcsLTc4LC0xOSwyMiwtMTE0XSwibWF0ZXJpYWxTZXRTZXJpYWxOdW1iZXIiOjEsIml2UGFyYW1ldGVyU3BlYyI6eyJpdiI6WzYsLTI5LDMsLTUsLTEwMiwtMTIxLC0zOCwyNiwxMDcsLTEwMCwtNjEsOTIsOCwtNzEsNzcsLTc3XX19", + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_task_def_config/config.GetResourceConfigHistory_2.json b/tests/data/placebo/test_ecs_task_def_config/config.GetResourceConfigHistory_2.json new file mode 100644 index 00000000000..24096c96823 --- /dev/null +++ b/tests/data/placebo/test_ecs_task_def_config/config.GetResourceConfigHistory_2.json @@ -0,0 +1,39 @@ +{ + "status_code": 200, + "data": { + "configurationItems": [ + { + "version": "1.3", + "accountId": "644160558196", + "configurationItemCaptureTime": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 9, + "hour": 6, + "minute": 33, + "second": 56, + "microsecond": 616000 + }, + "configurationItemStatus": "OK", + "configurationStateId": "1615289636616", + "configurationItemMD5Hash": "", + "arn": "arn:aws:ecs:us-east-1:644160558196:task-definition/app-fargate-task:2", + "resourceType": "AWS::ECS::TaskDefinition", + "resourceId": "app-fargate-task:2", + "resourceName": "app-fargate-task:2", + "awsRegion": "us-east-1", + "availabilityZone": "Regional", + "tags": { + "test": "name" + }, + "relatedEvents": [], + "relationships": [], + "configuration": "{\"ContainerDefinitions\":[{\"Name\":\"fargate-app-2\",\"Image\":\"httpd:2.4\",\"Cpu\":0,\"Links\":[],\"PortMappings\":[{\"ContainerPort\":80,\"HostPort\":80,\"Protocol\":\"tcp\"}],\"Essential\":true,\"EntryPoint\":[\"sh\",\"-c\"],\"Command\":[\"/bin/sh -c \\\"echo \\u0027\\u003chtml\\u003e \\u003chead\\u003e \\u003ctitle\\u003eAmazon ECS Sample App\\u003c/title\\u003e \\u003cstyle\\u003ebody {margin-top: 40px; background-color: #333;} \\u003c/style\\u003e \\u003c/head\\u003e\\u003cbody\\u003e \\u003cdiv style\\u003dcolor:white;text-align:center\\u003e \\u003ch1\\u003eAmazon ECS Sample App\\u003c/h1\\u003e \\u003ch2\\u003eCongratulations!\\u003c/h2\\u003e \\u003cp\\u003eYour application is now running on a container in Amazon ECS.\\u003c/p\\u003e \\u003c/div\\u003e\\u003c/body\\u003e\\u003c/html\\u003e\\u0027 \\u003e /usr/local/apache2/htdocs/index.html \\u0026\\u0026 httpd-foreground\\\"\"],\"Environment\":[],\"EnvironmentFiles\":[],\"MountPoints\":[],\"VolumesFrom\":[],\"Secrets\":[],\"DependsOn\":[],\"DnsServers\":[],\"DnsSearchDomains\":[],\"ExtraHosts\":[],\"DockerSecurityOptions\":[],\"DockerLabels\":{},\"Ulimits\":[],\"SystemControls\":[],\"ResourceRequirements\":[]}],\"Cpu\":\"256\",\"Family\":\"app-fargate-task\",\"InferenceAccelerators\":[],\"Memory\":\"512\",\"NetworkMode\":\"awsvpc\",\"PlacementConstraints\":[],\"RequiresCompatibilities\":[\"FARGATE\"],\"Status\":\"ACTIVE\",\"Tags\":[{\"Key\":\"test\",\"Value\":\"name\"}],\"TaskDefinitionArn\":\"arn:aws:ecs:us-east-1:644160558196:task-definition/app-fargate-task:2\",\"Volumes\":[]}", + "supplementaryConfiguration": {} + } + ], + "nextToken": "eyJlbmNyeXB0ZWREYXRhIjpbMTAzLC03MiwxMjEsOTMsOTEsNjMsLTc5LC0zOSwtNDUsLTE4LDExMCwtMTA0LC02NSw5MiwtNDcsNzMsMjksMTksLTEsMCw1OCw5MywyMCwxOCwtOTYsLTc3LDI5LC05NCwxMTMsNzksLTEyMywxMjUsLTkxLC01MSwtODYsOTEsOTUsMzcsLTE0LC05LDU5LC0xMTAsLTk1LDM1LDEyLC02Miw2OCwyNywtMTE3LC0zNiwtMTAyLC0yNywzNSw1MSw4MCw4MCw5MCw0NCwxMTUsLTYzLC0xMjAsLTEyNCwtOTYsLTkxLDg5LDEyNiwtNzgsMTI1LC01OSw5OSwtMzcsLTcwLC0zMyw0MCwtOTAsLTg1LC0yNCwxMjIsLTEyMiw1MywtMTksLTgxLDM2LC01LC05MiwxMjIsLTkwLC00MCwxMjIsNzYsMTcsLTUsNDgsNTMsOTcsNDAsLTQsNzgsMTEzLC0xMDUsMTIwLC0xOCwxMDgsODgsMTEyLC0xMDYsLTU4LDI3LC0zNiwzLDEwMSwxMTgsMjksLTExNCwzOCwxMTYsMzUsLTIwLDk4LC0xMTcsNTEsODQsLTkzLDcxLDEzLC0xLDg3LDQ0LC0xMDAsOTIsLTQ3LDY1LC03OCwtMTUsLTc5LC05NSw0MiwtNTYsLTgsNiw3OCwtMTA4LC0zNCwtOSw3NCwtMTE4LC0yLDEyNSwtMTcsMjIsLTQsMjUsLTYwLC0xMDEsOTgsLTUxLDI2LC0xMTgsNTYsOTgsLTE4LC0xMjAsNzUsNDgsLTQsLTJdLCJtYXRlcmlhbFNldFNlcmlhbE51bWJlciI6MSwiaXZQYXJhbWV0ZXJTcGVjIjp7Iml2IjpbLTYzLDEyNywyNywtOTIsLTQxLC0xMTMsMTE5LDI2LC00NCwxNywyOCwtNzIsLTQzLC0xMTQsLTEwMiw1OF19fQ==", + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_task_def_config/config.ListDiscoveredResources_1.json b/tests/data/placebo/test_ecs_task_def_config/config.ListDiscoveredResources_1.json new file mode 100644 index 00000000000..5733680d087 --- /dev/null +++ b/tests/data/placebo/test_ecs_task_def_config/config.ListDiscoveredResources_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "resourceIdentifiers": [ + { + "resourceType": "AWS::ECS::TaskDefinition", + "resourceId": "TEST:1", + "resourceName": "TEST:1" + }, + { + "resourceType": "AWS::ECS::TaskDefinition", + "resourceId": "app-fargate-task:2", + "resourceName": "app-fargate-task:2" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_task_def_config/config.SelectResourceConfig_1.json b/tests/data/placebo/test_ecs_task_def_config/config.SelectResourceConfig_1.json new file mode 100644 index 00000000000..b9cb87638b8 --- /dev/null +++ b/tests/data/placebo/test_ecs_task_def_config/config.SelectResourceConfig_1.json @@ -0,0 +1,20 @@ +{ + "status_code": 200, + "data": { + "Results": [], + "QueryInfo": { + "SelectFields": [ + { + "Name": "resourceId" + }, + { + "Name": "configuration" + }, + { + "Name": "supplementaryConfiguration" + } + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_task_def_config/ecs.ListTagsForResource_1.json b/tests/data/placebo/test_ecs_task_def_config/ecs.ListTagsForResource_1.json new file mode 100644 index 00000000000..c42bb257a30 --- /dev/null +++ b/tests/data/placebo/test_ecs_task_def_config/ecs.ListTagsForResource_1.json @@ -0,0 +1,7 @@ +{ + "status_code": 200, + "data": { + "tags": [], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_ecs_task_def_config/ecs.UntagResource_1.json b/tests/data/placebo/test_ecs_task_def_config/ecs.UntagResource_1.json new file mode 100644 index 00000000000..5b2170a073c --- /dev/null +++ b/tests/data/placebo/test_ecs_task_def_config/ecs.UntagResource_1.json @@ -0,0 +1,6 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_eks_config/config.GetResourceConfigHistory_1.json b/tests/data/placebo/test_eks_config/config.GetResourceConfigHistory_1.json new file mode 100644 index 00000000000..48c8c42c644 --- /dev/null +++ b/tests/data/placebo/test_eks_config/config.GetResourceConfigHistory_1.json @@ -0,0 +1,37 @@ +{ + "status_code": 200, + "data": { + "configurationItems": [ + { + "version": "1.3", + "accountId": "644160558196", + "configurationItemCaptureTime": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 3, + "hour": 15, + "minute": 21, + "second": 34, + "microsecond": 701000 + }, + "configurationItemStatus": "ResourceDiscovered", + "configurationStateId": "1617477694701", + "configurationItemMD5Hash": "", + "arn": "arn:aws:eks:us-east-2:644160558196:cluster/kapil-dev", + "resourceType": "AWS::EKS::Cluster", + "resourceId": "kapil-dev", + "resourceName": "kapil-dev", + "awsRegion": "us-east-2", + "availabilityZone": "Regional", + "tags": {}, + "relatedEvents": [], + "relationships": [], + "configuration": "{\"Arn\":\"arn:aws:eks:us-east-2:644160558196:cluster/kapil-dev\",\"CertificateAuthorityData\":\"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1EUXdNekU1TVRVME5sb1hEVE14TURRd01URTVNVFUwTmxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTEE0CjdYN3h0dHVSQzdNQVpGQWxMQnIxYWo5SVJ3UWFWVjE5c0x2RDRJNzRCZzRjTmxDYTlCNTVLcVlPNHVnMk5nZC8KU3YxS0ZrZ2hEM1pXdlZHd3NHVjl1RjQ3SGRsc1ovN1N4NkRuZkdyZGVCQnQxTis3aS9TYWh1c2RTYTFPUW5aMgo5cmdyWi84dlhYUnlSalFpdUx0Lzd3dVUwQ2RVejhwQTZFQWFZWXNVdkpCTGhwWUU2RzVHS3owNENIM1ZLa1F0CitGWXo1RDMxNTBGOTBSbnAwOFB4REVIYWRmRFNQenVpd094cXFLWWhrY1F1dkNTOHByYVRkcjZ3U25WTXhaTVMKVWduZzV5bWU1eGM5VjBTRkZ2ZmdTWFRiNTZPWFF2M0JyUjlEcGZRRzZmSGRJR3hhcjZ4UEg2eFdaYWpySU5iTgpzSmZuR2UzY1ZZSUIwUGdYaENzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFMDhpSHBhZjQxeDlNeXZQTGI1YUhTK0lFdEMKeWFxaktoZWFIbDNJMHcxWXhQZmordU5vaExnamQxZTY2SE1xbWhTQ2FpRkppOE1wTDdmZnUwTXFRaHdoZkprbApiV2lTSlJmMWhWek4wbFhPQy9JTEFxdUQ1VVY2M2F1QVROdnc2Rm1oVnd2L3dCKzZzNWxOVGVDS1ZnRUNnQ3p5CjQ4Ui80SFFqcWtKekwvRkFKcW11WDB6cW9NL1NNNVh2VUJzS3ZCRWlFd1JmSnZWYVJZTjZBL3p1YnZhQmNOVGIKVHAxTFNnbzE4NmdCRE9wNHp1bHV3emZiTG9weFFpTWE3WThTSm1PdEhGejdrQmRVYkE4UWcrSEh6Sy9ocDVhdgo4Y0g1bFQzL05TVEZvNlRJbjVoSUhHZGtGRXJjM3oxOVM1ckkrYlJDY0VONm91dGN1RmRaenlkWi9Nbz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo\\u003d\",\"Endpoint\":\"https://C14FFAA56074291F46DD0987C6C1BA14.gr7.us-east-2.eks.amazonaws.com\",\"Name\":\"kapil-dev\",\"ResourcesVpcConfig\":{\"SecurityGroupIds\":[\"sg-0f3863656b1ca8068\"],\"SubnetIds\":[\"subnet-05b873ed614f61c42\",\"subnet-0bc174a1c1bcb2a86\",\"subnet-025a6f66a50cd9554\",\"subnet-0ad5ce0a5d8b73777\",\"subnet-0749aa840c9f962e3\",\"subnet-075a3a6c7547c41eb\"]},\"RoleArn\":\"arn:aws:iam::644160558196:role/eksctl-kapil-dev-cluster-ServiceRole-1N32U4UXOOS7Z\",\"Version\":\"1.18\"}", + "supplementaryConfiguration": {} + } + ], + "nextToken": "eyJlbmNyeXB0ZWREYXRhIjpbLTYzLDI3LC02OCwtMywyMCw4NCwtMTIsNjQsMTIxLDg4LDM4LC0xMjIsLTIsLTEyOCwtNSwxMDgsLTc1LDEsLTYsMTExLC0xMDIsMTI2LC01NSwtMTMsMTYsLTEyNiwtMTE5LC02NSw1OSwtNzUsNzEsLTEwNyw4Myw0MSw1NSwtOCwxMTUsOCw3LC0xMTMsLTQ2LDEsMTE5LC05MSwtNzYsLTEwLC03NCw5NywxMTksLTgxLDE4LDI4LDMxLDEwOCwtNDEsLTEwNiwtODIsMTI1LC0yLDEyNywtODYsOTksLTI0LC00LDExLC01MywtODgsNTgsLTcyLC0xOCwtMTA2LDExLC01MiwtMTA2LDEyLDEwOCwtMzMsLTEwMyw1MywtMTE1LDQ2LC0xMTksMTA1LC0zNyw2MCwtNDEsMzEsLTEyNCwtNyw1Nyw4OSwtOTgsLTM5LC03MiwtODYsMTE3LC0zMCwtNDEsNTIsNzEsLTI0LDExNiw0OCwtNDgsLTEwMCwtMzQsLTIyLC00MSwtNCw0NCw0LDExMywtNTUsODMsNjIsLTc1LDQzLDUxLDEwMiwtNDMsLTYzLC0zLC0zOCw5MywtMTEyLC03MSwtOCwxMTMsNDUsMTYsNjQsLTEyLC0yMSwtNzksLTEwOSwxMDksNTUsLTYzLDE0LC03OSwtMTIxLDg4LDgwLDUzLDExOSwtNTksMTA0LC03MSwtNSw5MCwtNDYsLTExNCwtMTI3LC0xMjEsMTExLC0yLC03MSwxMjEsLTgyLDg1LC0zNCwtMTEyLDEwNCwtMTQsLTEwMSw3OF0sIm1hdGVyaWFsU2V0U2VyaWFsTnVtYmVyIjoxLCJpdlBhcmFtZXRlclNwZWMiOnsiaXYiOlstOTAsMTQsODcsNjMsMzYsNjksNDgsOTgsLTY5LC0xMjAsLTEyNywtMTcsLTMsNTEsLTc2LDk3XX19", + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_eks_config/config.ListDiscoveredResources_1.json b/tests/data/placebo/test_eks_config/config.ListDiscoveredResources_1.json new file mode 100644 index 00000000000..154a44e7400 --- /dev/null +++ b/tests/data/placebo/test_eks_config/config.ListDiscoveredResources_1.json @@ -0,0 +1,13 @@ +{ + "status_code": 200, + "data": { + "resourceIdentifiers": [ + { + "resourceType": "AWS::EKS::Cluster", + "resourceId": "kapil-dev", + "resourceName": "kapil-dev" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_eks_config/config.SelectResourceConfig_1.json b/tests/data/placebo/test_eks_config/config.SelectResourceConfig_1.json new file mode 100644 index 00000000000..b9cb87638b8 --- /dev/null +++ b/tests/data/placebo/test_eks_config/config.SelectResourceConfig_1.json @@ -0,0 +1,20 @@ +{ + "status_code": 200, + "data": { + "Results": [], + "QueryInfo": { + "SelectFields": [ + { + "Name": "resourceId" + }, + { + "Name": "configuration" + }, + { + "Name": "supplementaryConfiguration" + } + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_hsm_deprecated/cloudhsm.ListHsms_1.json b/tests/data/placebo/test_hsm_deprecated/cloudhsm.ListHsms_1.json new file mode 100644 index 00000000000..397ee02d1a8 --- /dev/null +++ b/tests/data/placebo/test_hsm_deprecated/cloudhsm.ListHsms_1.json @@ -0,0 +1,12 @@ +{ + "status_code": 400, + "data": { + "Error": { + "Message": "This service is unavailable. Please see https://aws.amazon.com/cloudhsm/faqs-classic/", + "Code": "CloudHsmServiceException" + }, + "ResponseMetadata": {}, + "message": "This service is unavailable. Please see https://aws.amazon.com/cloudhsm/faqs-classic/", + "retryable": false + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/ec2.DescribeSubnets_1.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/ec2.DescribeSubnets_1.json new file mode 100644 index 00000000000..a59d1bcbd1b --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/ec2.DescribeSubnets_1.json @@ -0,0 +1,30 @@ +{ + "status_code": 200, + "data": { + "Subnets": [ + { + "AvailabilityZone": "us-east-1b", + "AvailabilityZoneId": "use1-az6", + "AvailableIpAddressCount": 251, + "CidrBlock": "10.0.0.0/24", + "DefaultForAz": false, + "MapPublicIpOnLaunch": false, + "MapCustomerOwnedIpOnLaunch": false, + "State": "available", + "SubnetId": "subnet-05b58b4afe5124322", + "VpcId": "vpc-0a59f94e3fca9fbc0", + "OwnerId": "644160558196", + "AssignIpv6AddressOnCreation": false, + "Ipv6CidrBlockAssociationSet": [], + "Tags": [ + { + "Key": "Name", + "Value": "implied" + } + ], + "SubnetArn": "arn:aws:ec2:us-east-1:644160558196:subnet/subnet-05b58b4afe5124322" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DeleteApplication_1.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DeleteApplication_1.json new file mode 100644 index 00000000000..5b2170a073c --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DeleteApplication_1.json @@ -0,0 +1,6 @@ +{ + "status_code": 200, + "data": { + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_1.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_1.json new file mode 100644 index 00000000000..ffb7bce5424 --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_1.json @@ -0,0 +1,59 @@ +{ + "status_code": 200, + "data": { + "ApplicationDetail": { + "ApplicationARN": "arn:aws:kinesisanalytics:us-east-1:644160558196:application/test1", + "ApplicationName": "test1", + "RuntimeEnvironment": "FLINK-1_6", + "ServiceExecutionRole": "arn:aws:iam::644160558196:role/service-role/kinesis-analytics-test2-us-east-1", + "ApplicationStatus": "READY", + "ApplicationVersionId": 1, + "CreateTimestamp": { + "__class__": "datetime", + "year": 2020, + "month": 8, + "day": 19, + "hour": 17, + "minute": 43, + "second": 36, + "microsecond": 0 + }, + "LastUpdateTimestamp": { + "__class__": "datetime", + "year": 2020, + "month": 8, + "day": 19, + "hour": 17, + "minute": 43, + "second": 36, + "microsecond": 0 + }, + "ApplicationConfigurationDescription": { + "FlinkApplicationConfigurationDescription": { + "CheckpointConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "CheckpointingEnabled": true, + "CheckpointInterval": 60000, + "MinPauseBetweenCheckpoints": 5000 + }, + "MonitoringConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "MetricsLevel": "APPLICATION", + "LogLevel": "INFO" + }, + "ParallelismConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "Parallelism": 1, + "ParallelismPerKPU": 1, + "CurrentParallelism": 1, + "AutoScalingEnabled": true + } + }, + "ApplicationSnapshotConfigurationDescription": { + "SnapshotsEnabled": true + } + } + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_2.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_2.json new file mode 100644 index 00000000000..34cb25104d3 --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_2.json @@ -0,0 +1,82 @@ +{ + "status_code": 200, + "data": { + "ApplicationDetail": { + "ApplicationARN": "arn:aws:kinesisanalytics:us-east-1:644160558196:application/test2", + "ApplicationName": "test2", + "RuntimeEnvironment": "FLINK-1_8", + "ServiceExecutionRole": "arn:aws:iam::644160558196:role/service-role/kinesis-analytics-test2-us-east-1", + "ApplicationStatus": "READY", + "ApplicationVersionId": 3, + "CreateTimestamp": { + "__class__": "datetime", + "year": 2020, + "month": 8, + "day": 18, + "hour": 12, + "minute": 58, + "second": 47, + "microsecond": 0 + }, + "LastUpdateTimestamp": { + "__class__": "datetime", + "year": 2020, + "month": 8, + "day": 18, + "hour": 13, + "minute": 4, + "second": 14, + "microsecond": 0 + }, + "ApplicationConfigurationDescription": { + "ApplicationCodeConfigurationDescription": { + "CodeContentType": "ZIPFILE", + "CodeContentDescription": { + "CodeMD5": "c4031c4997af1d0a77ac5623c3c0ee4e", + "CodeSize": 22218709, + "S3ApplicationCodeLocationDescription": { + "BucketARN": "arn:aws:s3:::repela", + "FileKey": "kd.jar" + } + } + }, + "FlinkApplicationConfigurationDescription": { + "CheckpointConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "CheckpointingEnabled": true, + "CheckpointInterval": 60000, + "MinPauseBetweenCheckpoints": 5000 + }, + "MonitoringConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "MetricsLevel": "APPLICATION", + "LogLevel": "INFO" + }, + "ParallelismConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "Parallelism": 1, + "ParallelismPerKPU": 1, + "CurrentParallelism": 1, + "AutoScalingEnabled": true + } + }, + "ApplicationSnapshotConfigurationDescription": { + "SnapshotsEnabled": true + }, + "VpcConfigurationDescriptions": [ + { + "VpcConfigurationId": "3.1", + "VpcId": "vpc-0a59f94e3fca9fbc0", + "SubnetIds": [ + "subnet-05b58b4afe5124322" + ], + "SecurityGroupIds": [ + "sg-05b111f88a2aefa2c" + ] + } + ] + } + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_3.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_3.json new file mode 100644 index 00000000000..6d8d2725c4a --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.DescribeApplication_3.json @@ -0,0 +1,82 @@ +{ + "status_code": 200, + "data": { + "ApplicationDetail": { + "ApplicationARN": "arn:aws:kinesisanalytics:us-east-1:644160558196:application/test2", + "ApplicationName": "test2", + "RuntimeEnvironment": "FLINK-1_8", + "ServiceExecutionRole": "arn:aws:iam::644160558196:role/service-role/kinesis-analytics-test2-us-east-1", + "ApplicationStatus": "DELETING", + "ApplicationVersionId": 3, + "CreateTimestamp": { + "__class__": "datetime", + "year": 2020, + "month": 8, + "day": 18, + "hour": 12, + "minute": 58, + "second": 47, + "microsecond": 0 + }, + "LastUpdateTimestamp": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 18, + "hour": 0, + "minute": 55, + "second": 30, + "microsecond": 0 + }, + "ApplicationConfigurationDescription": { + "ApplicationCodeConfigurationDescription": { + "CodeContentType": "ZIPFILE", + "CodeContentDescription": { + "CodeMD5": "c4031c4997af1d0a77ac5623c3c0ee4e", + "CodeSize": 22218709, + "S3ApplicationCodeLocationDescription": { + "BucketARN": "arn:aws:s3:::repela", + "FileKey": "kd.jar" + } + } + }, + "FlinkApplicationConfigurationDescription": { + "CheckpointConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "CheckpointingEnabled": true, + "CheckpointInterval": 60000, + "MinPauseBetweenCheckpoints": 5000 + }, + "MonitoringConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "MetricsLevel": "APPLICATION", + "LogLevel": "INFO" + }, + "ParallelismConfigurationDescription": { + "ConfigurationType": "DEFAULT", + "Parallelism": 1, + "ParallelismPerKPU": 1, + "CurrentParallelism": 1, + "AutoScalingEnabled": true + } + }, + "ApplicationSnapshotConfigurationDescription": { + "SnapshotsEnabled": true + }, + "VpcConfigurationDescriptions": [ + { + "VpcConfigurationId": "3.1", + "VpcId": "vpc-0a59f94e3fca9fbc0", + "SubnetIds": [ + "subnet-05b58b4afe5124322" + ], + "SecurityGroupIds": [ + "sg-05b111f88a2aefa2c" + ] + } + ] + } + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.ListApplications_1.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.ListApplications_1.json new file mode 100644 index 00000000000..8621d94236e --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/kinesisanalytics.ListApplications_1.json @@ -0,0 +1,22 @@ +{ + "status_code": 200, + "data": { + "ApplicationSummaries": [ + { + "ApplicationName": "test1", + "ApplicationARN": "arn:aws:kinesisanalytics:us-east-1:644160558196:application/test1", + "ApplicationStatus": "READY", + "ApplicationVersionId": 1, + "RuntimeEnvironment": "FLINK-1_6" + }, + { + "ApplicationName": "test2", + "ApplicationARN": "arn:aws:kinesisanalytics:us-east-1:644160558196:application/test2", + "ApplicationStatus": "READY", + "ApplicationVersionId": 3, + "RuntimeEnvironment": "FLINK-1_8" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kinesis_analyticsv2_app_delete/tagging.GetResources_1.json b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/tagging.GetResources_1.json new file mode 100644 index 00000000000..c4ffa3fc67f --- /dev/null +++ b/tests/data/placebo/test_kinesis_analyticsv2_app_delete/tagging.GetResources_1.json @@ -0,0 +1,18 @@ +{ + "status_code": 200, + "data": { + "PaginationToken": "", + "ResourceTagMappingList": [ + { + "ResourceARN": "arn:aws:kinesisanalytics:us-east-1:644160558196:application/test2", + "Tags": [ + { + "Key": "hello", + "Value": "pratyush" + } + ] + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_access_denied/kms.DescribeKey_1.json b/tests/data/placebo/test_kms_access_denied/kms.DescribeKey_1.json new file mode 100644 index 00000000000..d5118063748 --- /dev/null +++ b/tests/data/placebo/test_kms_access_denied/kms.DescribeKey_1.json @@ -0,0 +1,10 @@ +{ + "status_code": 400, + "data": { + "Error": { + "Message": "User: arn:aws:sts::644160558196:assumed-role/custodian-readonly/botocore-session-1621534440 is not authorized to perform: kms:DescribeKey on resource: arn:aws:kms:us-west-1:644160558196:key/d01ee9b3-ce85-4622-8e1c-ce85b8cdc89d", + "Code": "AccessDeniedException" + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_access_denied/kms.DescribeKey_2.json b/tests/data/placebo/test_kms_access_denied/kms.DescribeKey_2.json new file mode 100644 index 00000000000..05a7a66002c --- /dev/null +++ b/tests/data/placebo/test_kms_access_denied/kms.DescribeKey_2.json @@ -0,0 +1,31 @@ +{ + "status_code": 200, + "data": { + "KeyMetadata": { + "AWSAccountId": "644160558196", + "KeyId": "fb019403-0594-4a97-b987-8e493fb76181", + "Arn": "arn:aws:kms:us-west-1:644160558196:key/fb019403-0594-4a97-b987-8e493fb76181", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 13, + "minute": 43, + "second": 8, + "microsecond": 989000 + }, + "Enabled": true, + "Description": "Access testing - permissive policy", + "KeyUsage": "ENCRYPT_DECRYPT", + "KeyState": "Enabled", + "Origin": "AWS_KMS", + "KeyManager": "CUSTOMER", + "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT", + "EncryptionAlgorithms": [ + "SYMMETRIC_DEFAULT" + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_access_denied/kms.ListAliases_1.json b/tests/data/placebo/test_kms_access_denied/kms.ListAliases_1.json new file mode 100644 index 00000000000..9be715e56c0 --- /dev/null +++ b/tests/data/placebo/test_kms_access_denied/kms.ListAliases_1.json @@ -0,0 +1,103 @@ +{ + "status_code": 200, + "data": { + "Aliases": [ + { + "AliasName": "alias/aws/dynamodb", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/dynamodb" + }, + { + "AliasName": "alias/aws/ebs", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/ebs" + }, + { + "AliasName": "alias/aws/elasticfilesystem", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/elasticfilesystem" + }, + { + "AliasName": "alias/aws/es", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/es" + }, + { + "AliasName": "alias/aws/glue", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/glue" + }, + { + "AliasName": "alias/aws/kinesisvideo", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/kinesisvideo" + }, + { + "AliasName": "alias/aws/rds", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/rds" + }, + { + "AliasName": "alias/aws/redshift", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/redshift" + }, + { + "AliasName": "alias/aws/s3", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/s3" + }, + { + "AliasName": "alias/aws/ssm", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/ssm" + }, + { + "AliasName": "alias/aws/xray", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/aws/xray" + }, + { + "AliasName": "alias/test-kms-permissive", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/test-kms-permissive", + "TargetKeyId": "fb019403-0594-4a97-b987-8e493fb76181", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 13, + "minute": 43, + "second": 9, + "microsecond": 274000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 13, + "minute": 43, + "second": 9, + "microsecond": 274000 + } + }, + { + "AliasName": "alias/test-kms-restrictive", + "AliasArn": "arn:aws:kms:us-west-1:644160558196:alias/test-kms-restrictive", + "TargetKeyId": "d01ee9b3-ce85-4622-8e1c-ce85b8cdc89d", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 13, + "minute": 42, + "second": 23, + "microsecond": 374000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 13, + "minute": 42, + "second": 23, + "microsecond": 374000 + } + } + ], + "Truncated": false, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_access_denied/kms.ListKeys_1.json b/tests/data/placebo/test_kms_access_denied/kms.ListKeys_1.json new file mode 100644 index 00000000000..f76c86a9ce3 --- /dev/null +++ b/tests/data/placebo/test_kms_access_denied/kms.ListKeys_1.json @@ -0,0 +1,17 @@ +{ + "status_code": 200, + "data": { + "Keys": [ + { + "KeyId": "d01ee9b3-ce85-4622-8e1c-ce85b8cdc89d", + "KeyArn": "arn:aws:kms:us-west-1:644160558196:key/d01ee9b3-ce85-4622-8e1c-ce85b8cdc89d" + }, + { + "KeyId": "fb019403-0594-4a97-b987-8e493fb76181", + "KeyArn": "arn:aws:kms:us-west-1:644160558196:key/fb019403-0594-4a97-b987-8e493fb76181" + } + ], + "Truncated": false, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_access_denied/tagging.GetResources_1.json b/tests/data/placebo/test_kms_access_denied/tagging.GetResources_1.json new file mode 100644 index 00000000000..16a3a959989 --- /dev/null +++ b/tests/data/placebo/test_kms_access_denied/tagging.GetResources_1.json @@ -0,0 +1,27 @@ +{ + "status_code": 200, + "data": { + "PaginationToken": "", + "ResourceTagMappingList": [ + { + "ResourceARN": "arn:aws:kms:us-west-1:644160558196:key/d01ee9b3-ce85-4622-8e1c-ce85b8cdc89d", + "Tags": [ + { + "Key": "AccessTesting", + "Value": "restrictive" + } + ] + }, + { + "ResourceARN": "arn:aws:kms:us-west-1:644160558196:key/fb019403-0594-4a97-b987-8e493fb76181", + "Tags": [ + { + "Key": "AccessTesting", + "Value": "permissive" + } + ] + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_config_source/config.SelectResourceConfig_1.json b/tests/data/placebo/test_kms_config_source/config.SelectResourceConfig_1.json new file mode 100644 index 00000000000..a696e006304 --- /dev/null +++ b/tests/data/placebo/test_kms_config_source/config.SelectResourceConfig_1.json @@ -0,0 +1,22 @@ +{ + "status_code": 200, + "data": { + "Results": [ + "{\"resourceId\":\"9975ba19-f8ff-444b-9c21-8d42cc6dc45b\",\"configuration\":{\"customerMasterKeySpec\":\"SYMMETRIC_DEFAULT\",\"keyState\":\"Enabled\",\"origin\":\"AWS_KMS\",\"encryptionAlgorithms\":[\"SYMMETRIC_DEFAULT\"],\"keyId\":\"9975ba19-f8ff-444b-9c21-8d42cc6dc45b\",\"description\":\"For testing the KMS config source\",\"creationDate\":\"2021-05-20T18:12:43.927Z\",\"signingAlgorithms\":[],\"enabled\":true,\"keyManager\":\"CUSTOMER\",\"keyUsage\":\"ENCRYPT_DECRYPT\",\"arn\":\"arn:aws:kms:us-east-2:644160558196:key/9975ba19-f8ff-444b-9c21-8d42cc6dc45b\",\"awsaccountId\":\"644160558196\"},\"supplementaryConfiguration\":{\"Policy\":\"{\\n \\\"Version\\\" : \\\"2012-10-17\\\",\\n \\\"Id\\\" : \\\"key-consolepolicy-3\\\",\\n \\\"Statement\\\" : [ {\\n \\\"Sid\\\" : \\\"Enable IAM User Permissions\\\",\\n \\\"Effect\\\" : \\\"Allow\\\",\\n \\\"Principal\\\" : {\\n \\\"AWS\\\" : \\\"arn:aws:iam::644160558196:root\\\"\\n },\\n \\\"Action\\\" : \\\"kms:*\\\",\\n \\\"Resource\\\" : \\\"*\\\"\\n } ]\\n}\",\"KeyRotationStatus\":false,\"Tags\":[{\"tagValue\":\"Test\",\"tagKey\":\"ConfigTesting\"}]}}" + ], + "QueryInfo": { + "SelectFields": [ + { + "Name": "resourceId" + }, + { + "Name": "configuration" + }, + { + "Name": "supplementaryConfiguration" + } + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_config_source/kms.ListAliases_1.json b/tests/data/placebo/test_kms_config_source/kms.ListAliases_1.json new file mode 100644 index 00000000000..e18f079f587 --- /dev/null +++ b/tests/data/placebo/test_kms_config_source/kms.ListAliases_1.json @@ -0,0 +1,579 @@ +{ + "status_code": 200, + "data": { + "Aliases": [ + { + "AliasName": "alias/ajsbx-assetdb/collector-queue-key", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/ajsbx-assetdb/collector-queue-key", + "TargetKeyId": "e20acd0d-6141-490a-94ea-84da6c0df7bb", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 19, + "hour": 11, + "minute": 57, + "second": 26, + "microsecond": 953000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 19, + "hour": 11, + "minute": 57, + "second": 26, + "microsecond": 953000 + } + }, + { + "AliasName": "alias/ajtest", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/ajtest", + "TargetKeyId": "ed3055d0-f4a0-4076-9edf-d3dac4115778", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 16, + "hour": 20, + "minute": 42, + "second": 4, + "microsecond": 787000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 16, + "hour": 20, + "minute": 42, + "second": 4, + "microsecond": 787000 + } + }, + { + "AliasName": "alias/ajts-stacklet-timestream", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/ajts-stacklet-timestream", + "TargetKeyId": "1460439c-76bd-48c1-a9f5-6ff99672c0f0", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 6, + "hour": 21, + "minute": 39, + "second": 24, + "microsecond": 693000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 6, + "hour": 21, + "minute": 39, + "second": 24, + "microsecond": 693000 + } + }, + { + "AliasName": "alias/aws/acm", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/acm", + "TargetKeyId": "7eedf654-e50d-4f97-9910-e4e8d9c9453f", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 5, + "hour": 21, + "minute": 33, + "second": 5, + "microsecond": 637000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 5, + "hour": 21, + "minute": 33, + "second": 5, + "microsecond": 637000 + } + }, + { + "AliasName": "alias/aws/dms", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/dms", + "TargetKeyId": "4ee976ae-e290-4d17-b7b9-0c2e2afe3d7f", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 12, + "hour": 16, + "minute": 23, + "second": 32, + "microsecond": 285000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 12, + "hour": 16, + "minute": 23, + "second": 32, + "microsecond": 285000 + } + }, + { + "AliasName": "alias/aws/dynamodb", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/dynamodb", + "TargetKeyId": "5e5a443e-2d24-4829-ab38-bcf9a39c9fe7", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 17, + "hour": 13, + "minute": 12, + "second": 8, + "microsecond": 609000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 17, + "hour": 13, + "minute": 12, + "second": 8, + "microsecond": 609000 + } + }, + { + "AliasName": "alias/aws/ebs", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/ebs", + "TargetKeyId": "70eea358-509b-42e5-928b-7beea7c77f05", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 10, + "hour": 16, + "minute": 44, + "second": 49, + "microsecond": 828000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 10, + "hour": 16, + "minute": 44, + "second": 49, + "microsecond": 828000 + } + }, + { + "AliasName": "alias/aws/elasticfilesystem", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/elasticfilesystem" + }, + { + "AliasName": "alias/aws/es", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/es", + "TargetKeyId": "e0706ac4-e9c7-4685-9e75-be4e221d1e5a", + "CreationDate": { + "__class__": "datetime", + "year": 2020, + "month": 11, + "day": 29, + "hour": 21, + "minute": 33, + "second": 0, + "microsecond": 683000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2020, + "month": 11, + "day": 29, + "hour": 21, + "minute": 33, + "second": 0, + "microsecond": 683000 + } + }, + { + "AliasName": "alias/aws/glue", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/glue" + }, + { + "AliasName": "alias/aws/kinesis", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/kinesis", + "TargetKeyId": "e9bf7905-409f-4fe7-84e9-e42b8ca36085", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 10, + "hour": 14, + "minute": 45, + "second": 35, + "microsecond": 673000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 10, + "hour": 14, + "minute": 45, + "second": 35, + "microsecond": 673000 + } + }, + { + "AliasName": "alias/aws/kinesisvideo", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/kinesisvideo" + }, + { + "AliasName": "alias/aws/lambda", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/lambda", + "TargetKeyId": "e51d2b0a-0c93-4025-8d88-a31c48e904fd", + "CreationDate": { + "__class__": "datetime", + "year": 2020, + "month": 11, + "day": 23, + "hour": 14, + "minute": 0, + "second": 22, + "microsecond": 609000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2020, + "month": 11, + "day": 23, + "hour": 14, + "minute": 0, + "second": 22, + "microsecond": 609000 + } + }, + { + "AliasName": "alias/aws/rds", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/rds", + "TargetKeyId": "72c87446-729b-4624-9faa-137b26402e0f", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 1, + "day": 19, + "hour": 9, + "minute": 22, + "second": 14, + "microsecond": 777000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 1, + "day": 19, + "hour": 9, + "minute": 22, + "second": 14, + "microsecond": 777000 + } + }, + { + "AliasName": "alias/aws/redshift", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/redshift" + }, + { + "AliasName": "alias/aws/s3", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/s3", + "TargetKeyId": "07bd728e-3a76-42d7-a0cb-6f8ce54707f2", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 17, + "hour": 13, + "minute": 12, + "second": 8, + "microsecond": 628000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 17, + "hour": 13, + "minute": 12, + "second": 8, + "microsecond": 628000 + } + }, + { + "AliasName": "alias/aws/secretsmanager", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/secretsmanager", + "TargetKeyId": "431e5ce7-648a-4be9-a7cc-a98fd0853bce", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 19, + "hour": 10, + "minute": 49, + "second": 38, + "microsecond": 164000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 19, + "hour": 10, + "minute": 49, + "second": 38, + "microsecond": 164000 + } + }, + { + "AliasName": "alias/aws/sqs", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/sqs", + "TargetKeyId": "10454d3b-0713-4cc2-968b-a6caa83577ca", + "CreationDate": { + "__class__": "datetime", + "year": 2020, + "month": 11, + "day": 24, + "hour": 12, + "minute": 53, + "second": 6, + "microsecond": 299000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2020, + "month": 11, + "day": 24, + "hour": 12, + "minute": 53, + "second": 6, + "microsecond": 299000 + } + }, + { + "AliasName": "alias/aws/ssm", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/ssm", + "TargetKeyId": "29d5b40f-5d73-455b-87d1-21fa5ee9311a", + "CreationDate": { + "__class__": "datetime", + "year": 2020, + "month": 12, + "day": 18, + "hour": 17, + "minute": 25, + "second": 56, + "microsecond": 699000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2020, + "month": 12, + "day": 18, + "hour": 17, + "minute": 25, + "second": 56, + "microsecond": 699000 + } + }, + { + "AliasName": "alias/aws/timestream", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/timestream", + "TargetKeyId": "ed51b641-7bd6-4058-9f47-d97c37552fdd", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 2, + "day": 6, + "hour": 0, + "minute": 29, + "second": 6, + "microsecond": 98000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 2, + "day": 6, + "hour": 0, + "minute": 29, + "second": 6, + "microsecond": 98000 + } + }, + { + "AliasName": "alias/aws/xray", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/aws/xray" + }, + { + "AliasName": "alias/cloudtrail_logs", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/cloudtrail_logs", + "TargetKeyId": "809a3a47-3d0d-4cb0-baa1-c81585439e79", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 10, + "hour": 10, + "minute": 41, + "second": 9, + "microsecond": 511000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 3, + "day": 10, + "hour": 10, + "minute": 41, + "second": 9, + "microsecond": 511000 + } + }, + { + "AliasName": "alias/config-source-testing", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/config-source-testing", + "TargetKeyId": "9975ba19-f8ff-444b-9c21-8d42cc6dc45b", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 14, + "minute": 12, + "second": 44, + "microsecond": 201000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 14, + "minute": 12, + "second": 44, + "microsecond": 201000 + } + }, + { + "AliasName": "alias/dev-stacklet-lambda", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/dev-stacklet-lambda", + "TargetKeyId": "09f0115a-e7ec-4cad-aaf8-7d8e64d70654", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 5, + "hour": 13, + "minute": 22, + "second": 50, + "microsecond": 148000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 5, + "hour": 13, + "minute": 22, + "second": 50, + "microsecond": 148000 + } + }, + { + "AliasName": "alias/test", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/test", + "TargetKeyId": "4d93263b-dd48-4b77-a5f0-35938446c8fc", + "CreationDate": { + "__class__": "datetime", + "year": 2020, + "month": 12, + "day": 18, + "hour": 17, + "minute": 19, + "second": 21, + "microsecond": 882000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2020, + "month": 12, + "day": 18, + "hour": 17, + "minute": 19, + "second": 21, + "microsecond": 882000 + } + }, + { + "AliasName": "alias/test-kms-permissive", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/test-kms-permissive", + "TargetKeyId": "e6169efe-ef2d-4bc0-9788-018ac286e28b", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 10, + "minute": 44, + "second": 6, + "microsecond": 469000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 10, + "minute": 44, + "second": 6, + "microsecond": 469000 + } + }, + { + "AliasName": "alias/test-kms-restricted", + "AliasArn": "arn:aws:kms:us-east-2:644160558196:alias/test-kms-restricted", + "TargetKeyId": "00cce74f-b46f-4edc-ae88-854b172321f3", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 10, + "minute": 43, + "second": 38, + "microsecond": 404000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 5, + "day": 20, + "hour": 10, + "minute": 43, + "second": 38, + "microsecond": 404000 + } + } + ], + "Truncated": false, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/config.SelectResourceConfig_1.json b/tests/data/placebo/test_kms_key_related/config.SelectResourceConfig_1.json new file mode 100644 index 00000000000..4ac73145856 --- /dev/null +++ b/tests/data/placebo/test_kms_key_related/config.SelectResourceConfig_1.json @@ -0,0 +1,24 @@ +{ + "status_code": 200, + "data": { + "Results": [ + "{\"resourceId\":\"https://sqs.us-east-1.amazonaws.com/644160558196/test-kms-alias\",\"configuration\":{\"ReceiveMessageWaitTimeSeconds\":0.0,\"CreatedTimestamp\":\"1618263401\",\"KmsMasterKeyId\":\"alias/aws/sqs\",\"DelaySeconds\":0.0,\"MessageRetentionPeriod\":345600.0,\"MaximumMessageSize\":262144.0,\"VisibilityTimeout\":30.0,\"KmsDataKeyReusePeriodSeconds\":\"300\",\"LastModifiedTimestamp\":\"1618263620\",\"QueueArn\":\"arn:aws:sqs:us-east-1:644160558196:test-kms-alias\"},\"supplementaryConfiguration\":{\"Tags\":{}}}", + "{\"resourceId\":\"https://sqs.us-east-1.amazonaws.com/644160558196/test-kms-id\",\"configuration\":{\"ReceiveMessageWaitTimeSeconds\":0.0,\"CreatedTimestamp\":\"1618307699\",\"KmsMasterKeyId\":\"arn:aws:kms:us-east-1:644160558196:key/5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5\",\"DelaySeconds\":0.0,\"MessageRetentionPeriod\":345600.0,\"MaximumMessageSize\":262144.0,\"VisibilityTimeout\":30.0,\"KmsDataKeyReusePeriodSeconds\":\"300\",\"LastModifiedTimestamp\":\"1618307719\",\"QueueArn\":\"arn:aws:sqs:us-east-1:644160558196:test-kms-id\"},\"supplementaryConfiguration\":{\"Tags\":{}}}", + "{\"resourceId\":\"https://sqs.us-east-1.amazonaws.com/644160558196/test-kms-no-alias\",\"configuration\":{\"ReceiveMessageWaitTimeSeconds\":0.0,\"CreatedTimestamp\":\"1618263408\",\"KmsMasterKeyId\":\"arn:aws:kms:us-east-1:644160558196:key/4d327245-234d-4bf9-8c26-afd6ee1a65c8\",\"DelaySeconds\":0.0,\"MessageRetentionPeriod\":345600.0,\"MaximumMessageSize\":262144.0,\"VisibilityTimeout\":30.0,\"KmsDataKeyReusePeriodSeconds\":\"300\",\"LastModifiedTimestamp\":\"1618263592\",\"QueueArn\":\"arn:aws:sqs:us-east-1:644160558196:test-kms-no-alias\"},\"supplementaryConfiguration\":{\"Tags\":{}}}" + ], + "QueryInfo": { + "SelectFields": [ + { + "Name": "resourceId" + }, + { + "Name": "configuration" + }, + { + "Name": "supplementaryConfiguration" + } + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/dms.DescribeReplicationInstances_1.json b/tests/data/placebo/test_kms_key_related/dms.DescribeReplicationInstances_1.json deleted file mode 100644 index 503596506b4..00000000000 --- a/tests/data/placebo/test_kms_key_related/dms.DescribeReplicationInstances_1.json +++ /dev/null @@ -1,93 +0,0 @@ -{ - "status_code": 200, - "data": { - "ReplicationInstances": [ - { - "ReplicationInstanceIdentifier": "test-dms", - "ReplicationInstanceClass": "dms.t2.medium", - "ReplicationInstanceStatus": "available", - "AllocatedStorage": 50, - "InstanceCreateTime": { - "__class__": "datetime", - "year": 2018, - "month": 9, - "day": 5, - "hour": 10, - "minute": 41, - "second": 26, - "microsecond": 502000 - }, - "VpcSecurityGroups": [ - { - "VpcSecurityGroupId": "sg-6c7fa917", - "Status": "active" - } - ], - "AvailabilityZone": "us-east-1b", - "ReplicationSubnetGroup": { - "ReplicationSubnetGroupIdentifier": "default-vpc-d2d616b5", - "ReplicationSubnetGroupDescription": "default group created by console for vpc id vpc-d2d616b5", - "VpcId": "vpc-d2d616b5", - "SubnetGroupStatus": "Complete", - "Subnets": [ - { - "SubnetIdentifier": "subnet-3a334610", - "SubnetAvailabilityZone": { - "Name": "us-east-1d" - }, - "SubnetStatus": "Active" - }, - { - "SubnetIdentifier": "subnet-efbcccb7", - "SubnetAvailabilityZone": { - "Name": "us-east-1b" - }, - "SubnetStatus": "Active" - }, - { - "SubnetIdentifier": "subnet-e3b194de", - "SubnetAvailabilityZone": { - "Name": "us-east-1e" - }, - "SubnetStatus": "Active" - }, - { - "SubnetIdentifier": "subnet-914763e7", - "SubnetAvailabilityZone": { - "Name": "us-east-1a" - }, - "SubnetStatus": "Active" - } - ] - }, - "PreferredMaintenanceWindow": "wed:15:53-wed:16:23", - "PendingModifiedValues": {}, - "MultiAZ": false, - "EngineVersion": "2.4.3", - "AutoMinorVersionUpgrade": true, - "KmsKeyId": "arn:aws:kms:us-east-1:644160558196:key/f1f33a6b-91aa-4b0a-904c-f2a0378277f0", - "ReplicationInstanceArn": "arn:aws:dms:us-east-1:644160558196:rep:J2Z2RGHH2OMXBSLEYYLTSTN5GY", - "ReplicationInstancePublicIpAddress": "18.208.93.93", - "ReplicationInstancePrivateIpAddress": "172.31.23.77", - "ReplicationInstancePublicIpAddresses": [ - "18.208.93.93" - ], - "ReplicationInstancePrivateIpAddresses": [ - "172.31.23.77" - ], - "PubliclyAccessible": true - } - ], - "ResponseMetadata": { - "RequestId": "1b74fa16-b124-11e8-90f3-7d85d937d6c0", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "1b74fa16-b124-11e8-90f3-7d85d937d6c0", - "content-type": "application/x-amz-json-1.1", - "content-length": "1811", - "date": "Wed, 05 Sep 2018 15:55:26 GMT" - }, - "RetryAttempts": 0 - } - } -} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/dms.ListTagsForResource_1.json b/tests/data/placebo/test_kms_key_related/dms.ListTagsForResource_1.json deleted file mode 100644 index 96a78ea2bde..00000000000 --- a/tests/data/placebo/test_kms_key_related/dms.ListTagsForResource_1.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "status_code": 200, - "data": { - "TagList": [ - { - "Key": "description", - "Value": "for testing" - } - ], - "ResponseMetadata": { - "RequestId": "1ba9ecc9-b124-11e8-90f3-7d85d937d6c0", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "1ba9ecc9-b124-11e8-90f3-7d85d937d6c0", - "content-type": "application/x-amz-json-1.1", - "content-length": "57", - "date": "Wed, 05 Sep 2018 15:55:27 GMT" - }, - "RetryAttempts": 0 - } - } -} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.DescribeKey_1.json b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_1.json index 0a83b8fbef4..0a8134f0637 100644 --- a/tests/data/placebo/test_kms_key_related/kms.DescribeKey_1.json +++ b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_1.json @@ -3,34 +3,29 @@ "data": { "KeyMetadata": { "AWSAccountId": "644160558196", - "KeyId": "f1f33a6b-91aa-4b0a-904c-f2a0378277f0", - "Arn": "arn:aws:kms:us-east-1:644160558196:key/f1f33a6b-91aa-4b0a-904c-f2a0378277f0", + "KeyId": "4d327245-234d-4bf9-8c26-afd6ee1a65c8", + "Arn": "arn:aws:kms:us-east-1:644160558196:key/4d327245-234d-4bf9-8c26-afd6ee1a65c8", "CreationDate": { "__class__": "datetime", - "year": 2017, - "month": 10, - "day": 31, - "hour": 5, - "minute": 2, - "second": 54, - "microsecond": 335000 + "year": 2021, + "month": 4, + "day": 12, + "hour": 17, + "minute": 37, + "second": 42, + "microsecond": 624000 }, "Enabled": true, - "Description": "Default master key that protects my DMS replication instance volumes when no other key is defined", + "Description": "", "KeyUsage": "ENCRYPT_DECRYPT", "KeyState": "Enabled", "Origin": "AWS_KMS", - "KeyManager": "AWS" + "KeyManager": "CUSTOMER", + "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT", + "EncryptionAlgorithms": [ + "SYMMETRIC_DEFAULT" + ] }, - "ResponseMetadata": { - "RequestId": "3dd71770-1cfe-47cd-8290-2423a492424c", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "3dd71770-1cfe-47cd-8290-2423a492424c", - "content-type": "application/x-amz-json-1.1", - "content-length": "427" - }, - "RetryAttempts": 0 - } + "ResponseMetadata": {} } } \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.DescribeKey_2.json b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_2.json index 30f814818dd..5541f9cc084 100644 --- a/tests/data/placebo/test_kms_key_related/kms.DescribeKey_2.json +++ b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_2.json @@ -3,34 +3,29 @@ "data": { "KeyMetadata": { "AWSAccountId": "644160558196", - "KeyId": "f1f33a6b-91aa-4b0a-904c-f2a0378277f0", - "Arn": "arn:aws:kms:us-east-1:644160558196:key/f1f33a6b-91aa-4b0a-904c-f2a0378277f0", + "KeyId": "5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", + "Arn": "arn:aws:kms:us-east-1:644160558196:key/5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", "CreationDate": { "__class__": "datetime", - "year": 2017, - "month": 10, - "day": 31, + "year": 2021, + "month": 4, + "day": 13, "hour": 5, - "minute": 2, - "second": 54, - "microsecond": 335000 + "minute": 47, + "second": 15, + "microsecond": 826000 }, "Enabled": true, - "Description": "Default master key that protects my DMS replication instance volumes when no other key is defined", + "Description": "Default master key that protects my SQS messages when no other key is defined", "KeyUsage": "ENCRYPT_DECRYPT", "KeyState": "Enabled", "Origin": "AWS_KMS", - "KeyManager": "AWS" + "KeyManager": "AWS", + "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT", + "EncryptionAlgorithms": [ + "SYMMETRIC_DEFAULT" + ] }, - "ResponseMetadata": { - "RequestId": "752ee81c-6334-48d2-838f-ee9406bdf233", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "752ee81c-6334-48d2-838f-ee9406bdf233", - "content-type": "application/x-amz-json-1.1", - "content-length": "427" - }, - "RetryAttempts": 0 - } + "ResponseMetadata": {} } } \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.DescribeKey_3.json b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_3.json new file mode 100644 index 00000000000..5541f9cc084 --- /dev/null +++ b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_3.json @@ -0,0 +1,31 @@ +{ + "status_code": 200, + "data": { + "KeyMetadata": { + "AWSAccountId": "644160558196", + "KeyId": "5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", + "Arn": "arn:aws:kms:us-east-1:644160558196:key/5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 13, + "hour": 5, + "minute": 47, + "second": 15, + "microsecond": 826000 + }, + "Enabled": true, + "Description": "Default master key that protects my SQS messages when no other key is defined", + "KeyUsage": "ENCRYPT_DECRYPT", + "KeyState": "Enabled", + "Origin": "AWS_KMS", + "KeyManager": "AWS", + "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT", + "EncryptionAlgorithms": [ + "SYMMETRIC_DEFAULT" + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.DescribeKey_4.json b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_4.json new file mode 100644 index 00000000000..5541f9cc084 --- /dev/null +++ b/tests/data/placebo/test_kms_key_related/kms.DescribeKey_4.json @@ -0,0 +1,31 @@ +{ + "status_code": 200, + "data": { + "KeyMetadata": { + "AWSAccountId": "644160558196", + "KeyId": "5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", + "Arn": "arn:aws:kms:us-east-1:644160558196:key/5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 13, + "hour": 5, + "minute": 47, + "second": 15, + "microsecond": 826000 + }, + "Enabled": true, + "Description": "Default master key that protects my SQS messages when no other key is defined", + "KeyUsage": "ENCRYPT_DECRYPT", + "KeyState": "Enabled", + "Origin": "AWS_KMS", + "KeyManager": "AWS", + "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT", + "EncryptionAlgorithms": [ + "SYMMETRIC_DEFAULT" + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.ListAliases_1.json b/tests/data/placebo/test_kms_key_related/kms.ListAliases_1.json index 6de949215d0..1f8aa64a8b0 100644 --- a/tests/data/placebo/test_kms_key_related/kms.ListAliases_1.json +++ b/tests/data/placebo/test_kms_key_related/kms.ListAliases_1.json @@ -3,21 +3,32 @@ "data": { "Aliases": [ { - "AliasName": "alias/aws/dms", - "AliasArn": "arn:aws:kms:us-east-1:644160558196:alias/aws/dms", - "TargetKeyId": "f1f33a6b-91aa-4b0a-904c-f2a0378277f0" + "AliasName": "alias/aws/sqs", + "AliasArn": "arn:aws:kms:us-east-1:644160558196:alias/aws/sqs", + "TargetKeyId": "5a4af27f-a9e6-40fb-a2ed-fc3fbfdb34a5", + "CreationDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 13, + "hour": 5, + "minute": 47, + "second": 16, + "microsecond": 8000 + }, + "LastUpdatedDate": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 13, + "hour": 5, + "minute": 47, + "second": 16, + "microsecond": 8000 + } } ], "Truncated": false, - "ResponseMetadata": { - "RequestId": "4442dd45-958d-47fd-8863-8660756b5b58", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "4442dd45-958d-47fd-8863-8660756b5b58", - "content-type": "application/x-amz-json-1.1", - "content-length": "192" - }, - "RetryAttempts": 0 - } + "ResponseMetadata": {} } } \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.ListAliases_2.json b/tests/data/placebo/test_kms_key_related/kms.ListAliases_2.json deleted file mode 100644 index 8452650788a..00000000000 --- a/tests/data/placebo/test_kms_key_related/kms.ListAliases_2.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "status_code": 200, - "data": { - "Aliases": [ - { - "AliasName": "alias/aws/dms", - "AliasArn": "arn:aws:kms:us-east-1:644160558196:alias/aws/dms", - "TargetKeyId": "f1f33a6b-91aa-4b0a-904c-f2a0378277f0" - } - ], - "Truncated": false, - "ResponseMetadata": { - "RequestId": "178d84fa-d708-4ecd-a2ff-4a70836c8108", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "178d84fa-d708-4ecd-a2ff-4a70836c8108", - "content-type": "application/x-amz-json-1.1", - "content-length": "192" - }, - "RetryAttempts": 0 - } - } -} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/kms.ListKeys_1.json b/tests/data/placebo/test_kms_key_related/kms.ListKeys_1.json deleted file mode 100644 index 0c9917759fc..00000000000 --- a/tests/data/placebo/test_kms_key_related/kms.ListKeys_1.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "status_code": 200, - "data": { - "Keys": [ - { - "KeyId": "f1f33a6b-91aa-4b0a-904c-f2a0378277f0", - "KeyArn": "arn:aws:kms:us-east-1:644160558196:key/f1f33a6b-91aa-4b0a-904c-f2a0378277f0" - } - ], - "Truncated": false, - "ResponseMetadata": { - "RequestId": "914e407d-a3ef-4546-8e31-ccf46776114a", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "914e407d-a3ef-4546-8e31-ccf46776114a", - "content-type": "application/x-amz-json-1.1", - "content-length": "3306" - }, - "RetryAttempts": 0 - } - } -} \ No newline at end of file diff --git a/tests/data/placebo/test_kms_key_related/tagging.GetResources_1.json b/tests/data/placebo/test_kms_key_related/tagging.GetResources_1.json index 268e16d9cf9..8b704d1852a 100644 --- a/tests/data/placebo/test_kms_key_related/tagging.GetResources_1.json +++ b/tests/data/placebo/test_kms_key_related/tagging.GetResources_1.json @@ -2,45 +2,7 @@ "status_code": 200, "data": { "PaginationToken": "", - "ResourceTagMappingList": [ - { - "ResourceARN": "arn:aws:kms:us-east-1:644160558196:key/3f2ab3af-cc4e-427b-b96d-d4356f9764c4", - "Tags": [ - { - "Key": "Test", - "Value": "Test" - } - ] - }, - { - "ResourceARN": "arn:aws:kms:us-east-1:644160558196:key/75d1e7ba-f9c5-46b9-97bc-28e6c834aa49", - "Tags": [ - { - "Key": "Name", - "Value": "c7n/sagemaker" - } - ] - }, - { - "ResourceARN": "arn:aws:kms:us-east-1:644160558196:key/a476e533-b970-4c74-a341-707420ecf59b", - "Tags": [ - { - "Key": "Name", - "Value": "CMK-Rotation-Test" - } - ] - } - ], - "ResponseMetadata": { - "RequestId": "1c08fc57-b124-11e8-b504-f92a1abec32a", - "HTTPStatusCode": 200, - "HTTPHeaders": { - "x-amzn-requestid": "1c08fc57-b124-11e8-b504-f92a1abec32a", - "content-type": "application/x-amz-json-1.1", - "content-length": "470", - "date": "Wed, 05 Sep 2018 15:55:27 GMT" - }, - "RetryAttempts": 0 - } + "ResourceTagMappingList": [], + "ResponseMetadata": {} } } \ No newline at end of file diff --git a/tests/data/placebo/test_ml_depecrated/machinelearning.DescribeMLModels_1.json b/tests/data/placebo/test_ml_depecrated/machinelearning.DescribeMLModels_1.json new file mode 100644 index 00000000000..7067a59ff56 --- /dev/null +++ b/tests/data/placebo/test_ml_depecrated/machinelearning.DescribeMLModels_1.json @@ -0,0 +1,10 @@ +{ + "status_code": 403, + "data": { + "Error": { + "Message": "Thank you for your interest in Amazon Machine Learning. AmazonML is no longer available to new customers. Please consider using Amazon SageMaker.", + "Code": "AccessDeniedException" + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_network_firewall/network-firewall.DescribeFirewall_1.json b/tests/data/placebo/test_network_firewall/network-firewall.DescribeFirewall_1.json new file mode 100644 index 00000000000..435220ba5c5 --- /dev/null +++ b/tests/data/placebo/test_network_firewall/network-firewall.DescribeFirewall_1.json @@ -0,0 +1,67 @@ +{ + "status_code": 200, + "data": { + "UpdateToken": "062f41d7-1389-450f-9a9a-041736d3f677", + "Firewall": { + "FirewallName": "unicron", + "FirewallArn": "arn:aws:network-firewall:us-east-2:644160558196:firewall/unicron", + "FirewallPolicyArn": "arn:aws:network-firewall:us-east-2:644160558196:firewall-policy/policya", + "VpcId": "vpc-0517fa6f2b78569ac", + "SubnetMappings": [ + { + "SubnetId": "subnet-0419cca2069994f38" + }, + { + "SubnetId": "subnet-060031dd8ac95c297" + } + ], + "DeleteProtection": false, + "SubnetChangeProtection": false, + "FirewallPolicyChangeProtection": false, + "FirewallId": "f80c47ff-8cd0-46f9-aeb7-e4093414f0ed", + "Tags": [ + { + "Key": "App", + "Value": "CustodianDev" + }, + { + "Key": "Owner", + "Value": "Kapil" + } + ] + }, + "FirewallStatus": { + "Status": "READY", + "ConfigurationSyncStateSummary": "IN_SYNC", + "SyncStates": { + "us-east-2a": { + "Attachment": { + "SubnetId": "subnet-0419cca2069994f38", + "EndpointId": "vpce-0720b9b5e9a7d611e", + "Status": "READY" + }, + "Config": { + "arn:aws:network-firewall:us-east-2:644160558196:firewall-policy/policya": { + "SyncStatus": "IN_SYNC", + "UpdateToken": "9e6f07c6-c057-4d62-8136-ab2bba025cfa" + } + } + }, + "us-east-2c": { + "Attachment": { + "SubnetId": "subnet-060031dd8ac95c297", + "EndpointId": "vpce-053a673424ec2b82f", + "Status": "READY" + }, + "Config": { + "arn:aws:network-firewall:us-east-2:644160558196:firewall-policy/policya": { + "SyncStatus": "IN_SYNC", + "UpdateToken": "9e6f07c6-c057-4d62-8136-ab2bba025cfa" + } + } + } + } + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_network_firewall/network-firewall.ListFirewalls_1.json b/tests/data/placebo/test_network_firewall/network-firewall.ListFirewalls_1.json new file mode 100644 index 00000000000..bd9e12ca97f --- /dev/null +++ b/tests/data/placebo/test_network_firewall/network-firewall.ListFirewalls_1.json @@ -0,0 +1,12 @@ +{ + "status_code": 200, + "data": { + "Firewalls": [ + { + "FirewallName": "unicron", + "FirewallArn": "arn:aws:network-firewall:us-east-2:644160558196:firewall/unicron" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_network_firewall_config/config.GetResourceConfigHistory_1.json b/tests/data/placebo/test_network_firewall_config/config.GetResourceConfigHistory_1.json new file mode 100644 index 00000000000..9dbbc87580d --- /dev/null +++ b/tests/data/placebo/test_network_firewall_config/config.GetResourceConfigHistory_1.json @@ -0,0 +1,67 @@ +{ + "status_code": 200, + "data": { + "configurationItems": [ + { + "version": "1.3", + "accountId": "644160558196", + "configurationItemCaptureTime": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 4, + "hour": 9, + "minute": 47, + "second": 58, + "microsecond": 331000 + }, + "configurationItemStatus": "ResourceDiscovered", + "configurationStateId": "1617544078331", + "configurationItemMD5Hash": "", + "arn": "arn:aws:network-firewall:us-east-2:644160558196:firewall/unicron", + "resourceType": "AWS::NetworkFirewall::Firewall", + "resourceId": "f80c47ff-8cd0-46f9-aeb7-e4093414f0ed", + "resourceName": "unicron", + "awsRegion": "us-east-2", + "availabilityZone": "Multiple Availability Zones", + "resourceCreationTime": { + "__class__": "datetime", + "year": 2021, + "month": 4, + "day": 4, + "hour": 9, + "minute": 47, + "second": 58, + "microsecond": 124000 + }, + "tags": { + "App": "CustodianDev", + "Owner": "Kapil" + }, + "relatedEvents": [], + "relationships": [ + { + "resourceType": "AWS::EC2::Subnet", + "resourceId": "subnet-0419cca2069994f38", + "relationshipName": "Is attached to " + }, + { + "resourceType": "AWS::EC2::Subnet", + "resourceId": "subnet-060031dd8ac95c297", + "relationshipName": "Is attached to " + }, + { + "resourceType": "AWS::NetworkFirewall::FirewallPolicy", + "resourceId": "b9481eeb-8a8d-4e60-83ef-18daab0a8487", + "resourceName": "policya", + "relationshipName": "Is associated with " + } + ], + "configuration": "{\"firewall\":{\"deleteProtection\":false,\"firewallArn\":\"arn:aws:network-firewall:us-east-2:644160558196:firewall/unicron\",\"firewallId\":\"f80c47ff-8cd0-46f9-aeb7-e4093414f0ed\",\"firewallName\":\"unicron\",\"firewallPolicyArn\":\"arn:aws:network-firewall:us-east-2:644160558196:firewall-policy/policya\",\"firewallPolicyChangeProtection\":false,\"subnetChangeProtection\":false,\"subnetMappings\":[{\"subnetId\":\"subnet-0419cca2069994f38\"},{\"subnetId\":\"subnet-060031dd8ac95c297\"}],\"tags\":[{\"key\":\"App\",\"value\":\"CustodianDev\"},{\"key\":\"Owner\",\"value\":\"Kapil\"}],\"vpcId\":\"vpc-0517fa6f2b78569ac\"},\"updateToken\":\"062f41d7-1389-450f-9a9a-041736d3f677\"}", + "supplementaryConfiguration": {} + } + ], + "nextToken": "eyJlbmNyeXB0ZWREYXRhIjpbLTk5LC0xMDMsLTkyLC0xMTgsLTc5LDc4LC0xNiwxMTksLTEyNSwtMyw1NywxMDQsLTk5LDc5LDMsLTQ2LDIxLC0zNCw1LC00MiwtMTI3LC02MSwtNCwtMjEsMjQsLTY4LC01Miw1NSwtNDgsMzMsMTIxLC0xMDEsMzQsNjYsOSwtOTMsLTY1LDkxLDI2LDc4LDY5LC01NSw4OSwxMTksLTMsLTc2LC0zOCwtMTA3LC04MiwxMDMsMzQsLTcxLDEwMywtNDgsLTk3LC0xMTMsLTcsLTgsLTExNyw3MywtMTEwLDEyNCw3NiwyMCwtMjYsLTMsODQsLTU4LC0xMCwtMjgsLTM4LC0yOCwtOTEsNiwtNjUsMTE4LC0yOCwtMzEsOCwtODQsLTksLTgyLDExNSw1MCw1MCwtMTE4LDkyLC04NywxMjUsMjcsLTUyLC0yNyw5Nyw1OSw2Niw0MiwyNywtMjAsLTY4LC04LC0yOCwtOTAsODAsLTg4LDYyLC03OSwtNTUsNzksMzksOCwtNjUsMTA0LC0zLC0xMTEsLTU3LC0xMjAsLTYyLC0yNywxMTAsODMsLTMwLC0zMywxMDYsNTIsMTEsLTMzLC05OSwtNzcsLTEyNSwxMTksMSw5MCwtNjIsLTExOSwyMywtMTYsLTEwNSwtMTE5LDEyMyw2Myw2NSwtODYsODQsLTEzLC01LC05NywtNiw3NiwxMTUsLTEyMywtMTksMzMsMSwtOTQsLTE4LDExLC02OSw4MiwtMjYsLTMxLC0zMiwtMTEyLC00MCw3LDEwMiwxMDBdLCJtYXRlcmlhbFNldFNlcmlhbE51bWJlciI6MSwiaXZQYXJhbWV0ZXJTcGVjIjp7Iml2IjpbNTMsNTAsODcsNTIsLTQzLC04NiwtMjIsOTEsLTM5LDQsNTksLTEyNCw5LC01NCwtMzYsMThdfX0=", + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_network_firewall_config/config.ListDiscoveredResources_1.json b/tests/data/placebo/test_network_firewall_config/config.ListDiscoveredResources_1.json new file mode 100644 index 00000000000..c3f48660a28 --- /dev/null +++ b/tests/data/placebo/test_network_firewall_config/config.ListDiscoveredResources_1.json @@ -0,0 +1,13 @@ +{ + "status_code": 200, + "data": { + "resourceIdentifiers": [ + { + "resourceType": "AWS::NetworkFirewall::Firewall", + "resourceId": "f80c47ff-8cd0-46f9-aeb7-e4093414f0ed", + "resourceName": "unicron" + } + ], + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/data/placebo/test_network_firewall_config/config.SelectResourceConfig_1.json b/tests/data/placebo/test_network_firewall_config/config.SelectResourceConfig_1.json new file mode 100644 index 00000000000..b9cb87638b8 --- /dev/null +++ b/tests/data/placebo/test_network_firewall_config/config.SelectResourceConfig_1.json @@ -0,0 +1,20 @@ +{ + "status_code": 200, + "data": { + "Results": [], + "QueryInfo": { + "SelectFields": [ + { + "Name": "resourceId" + }, + { + "Name": "configuration" + }, + { + "Name": "supplementaryConfiguration" + } + ] + }, + "ResponseMetadata": {} + } +} \ No newline at end of file diff --git a/tests/terraform/aws_asg_update/main.tf b/tests/terraform/aws_asg_update/main.tf new file mode 100644 index 00000000000..6b3a98e05da --- /dev/null +++ b/tests/terraform/aws_asg_update/main.tf @@ -0,0 +1,47 @@ +data "aws_ami" "ubuntu" { + most_recent = true + + filter { + name = "name" + values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"] + } + + filter { + name = "virtualization-type" + values = ["hvm"] + } + + owners = ["099720109477"] # Canonical +} + +data "aws_availability_zones" "available" { + state = "available" +} + +resource "aws_launch_template" "foobar" { + name_prefix = "foobar" + image_id = data.aws_ami.ubuntu.id + instance_type = "t3.micro" + + metadata_options { + http_endpoint = "enabled" + http_tokens = "required" + } +} + +resource "aws_autoscaling_group" "bar" { + availability_zones = [data.aws_availability_zones.available.names[0]] + desired_capacity = 1 + max_size = 1 + min_size = 1 + + launch_template { + id = aws_launch_template.foobar.id + version = "$Latest" + } + tag { + key = "App" + value = "Testing" + propagate_at_launch = true + } +} diff --git a/tests/terraform/aws_asg_update/tf_resources.json b/tests/terraform/aws_asg_update/tf_resources.json new file mode 100644 index 00000000000..d819cc6c2f2 --- /dev/null +++ b/tests/terraform/aws_asg_update/tf_resources.json @@ -0,0 +1,213 @@ +{ + "pytest-terraform": 1, + "outputs": {}, + "resources": { + "aws_ami": { + "ubuntu": { + "architecture": "x86_64", + "arn": "arn:aws:ec2:us-west-2::image/ami-0a62a78cfedc09d76", + "block_device_mappings": [ + { + "device_name": "/dev/sda1", + "ebs": { + "delete_on_termination": "true", + "encrypted": "false", + "iops": "0", + "snapshot_id": "snap-0eaef1b981c163e61", + "throughput": "0", + "volume_size": "8", + "volume_type": "gp2" + }, + "no_device": "", + "virtual_name": "" + }, + { + "device_name": "/dev/sdb", + "ebs": {}, + "no_device": "", + "virtual_name": "ephemeral0" + }, + { + "device_name": "/dev/sdc", + "ebs": {}, + "no_device": "", + "virtual_name": "ephemeral1" + } + ], + "creation_date": "2021-03-25T23:31:16.000Z", + "description": "Canonical, Ubuntu, 20.04 LTS, amd64 focal image build on 2021-03-25", + "ena_support": true, + "executable_users": null, + "filter": [ + { + "name": "name", + "values": [ + "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*" + ] + }, + { + "name": "virtualization-type", + "values": [ + "hvm" + ] + } + ], + "hypervisor": "xen", + "id": "ami-0a62a78cfedc09d76", + "image_id": "ami-0a62a78cfedc09d76", + "image_location": "644160558196/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20210325", + "image_owner_alias": null, + "image_type": "machine", + "kernel_id": null, + "most_recent": true, + "name": "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20210325", + "name_regex": null, + "owner_id": "644160558196", + "owners": [ + "644160558196" + ], + "platform": null, + "platform_details": "Linux/UNIX", + "product_codes": [], + "public": true, + "ramdisk_id": null, + "root_device_name": "/dev/sda1", + "root_device_type": "ebs", + "root_snapshot_id": "snap-0eaef1b981c163e61", + "sriov_net_support": "simple", + "state": "available", + "state_reason": { + "code": "UNSET", + "message": "UNSET" + }, + "tags": {}, + "usage_operation": "RunInstances", + "virtualization_type": "hvm" + } + }, + "aws_availability_zones": { + "available": { + "all_availability_zones": null, + "exclude_names": null, + "exclude_zone_ids": null, + "filter": null, + "group_names": [ + "us-west-2" + ], + "id": "us-west-2", + "names": [ + "us-west-2a", + "us-west-2b", + "us-west-2c", + "us-west-2d" + ], + "state": "available", + "zone_ids": [ + "usw2-az1", + "usw2-az2", + "usw2-az3", + "usw2-az4" + ] + } + }, + "aws_autoscaling_group": { + "bar": { + "arn": "arn:aws:autoscaling:us-west-2:644160558196:autoScalingGroup:f92d4ea4-ba11-42ab-8c34-696ed8047010:autoScalingGroupName/tf-asg-20210406161729306300000003", + "availability_zones": [ + "us-west-2a" + ], + "capacity_rebalance": false, + "default_cooldown": 300, + "desired_capacity": 1, + "enabled_metrics": null, + "force_delete": false, + "health_check_grace_period": 300, + "health_check_type": "EC2", + "id": "tf-asg-20210406161729306300000003", + "initial_lifecycle_hook": [], + "instance_refresh": [], + "launch_configuration": "", + "launch_template": [ + { + "id": "lt-007e80764a20763ae", + "name": "foobar20210406161728176600000001", + "version": "$Latest" + } + ], + "load_balancers": null, + "max_instance_lifetime": 0, + "max_size": 1, + "metrics_granularity": "1Minute", + "min_elb_capacity": null, + "min_size": 1, + "mixed_instances_policy": [], + "name": "tf-asg-20210406161729306300000003", + "name_prefix": null, + "placement_group": "", + "protect_from_scale_in": false, + "service_linked_role_arn": "arn:aws:iam::644160558196:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling", + "suspended_processes": null, + "tag": [ + { + "key": "App", + "propagate_at_launch": true, + "value": "Testing" + } + ], + "tags": null, + "target_group_arns": null, + "termination_policies": null, + "timeouts": null, + "vpc_zone_identifier": [], + "wait_for_capacity_timeout": "10m", + "wait_for_elb_capacity": null + } + }, + "aws_launch_template": { + "foobar": { + "arn": "arn:aws:ec2:us-west-2:644160558196:launch-template/lt-007e80764a20763ae", + "block_device_mappings": [], + "capacity_reservation_specification": [], + "cpu_options": [], + "credit_specification": [], + "default_version": 1, + "description": "", + "disable_api_termination": false, + "ebs_optimized": "", + "elastic_gpu_specifications": [], + "elastic_inference_accelerator": [], + "enclave_options": [], + "hibernation_options": [], + "iam_instance_profile": [], + "id": "lt-007e80764a20763ae", + "image_id": "ami-0a62a78cfedc09d76", + "instance_initiated_shutdown_behavior": "", + "instance_market_options": [], + "instance_type": "t3.micro", + "kernel_id": "", + "key_name": "", + "latest_version": 1, + "license_specification": [], + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_put_response_hop_limit": 0, + "http_tokens": "required" + } + ], + "monitoring": [], + "name": "foobar20210406161728176600000001", + "name_prefix": "foobar", + "network_interfaces": [], + "placement": [], + "ram_disk_id": "", + "security_group_names": null, + "tag_specifications": [], + "tags": null, + "update_default_version": null, + "user_data": "", + "vpc_security_group_ids": null + } + } + } +} \ No newline at end of file diff --git a/tests/test_asg.py b/tests/test_asg.py index b41d6dc45b8..b65ddfc2ce2 100644 --- a/tests/test_asg.py +++ b/tests/test_asg.py @@ -8,6 +8,7 @@ from .common import BaseTest +from c7n.exceptions import PolicyValidationError from c7n.resources.asg import LaunchInfo from c7n.resources.aws import shape_validate @@ -131,6 +132,56 @@ def test_asg_propagate_tag_action(test, aws_asg): assert itags['Owner'] == 'Kapil' +@terraform("aws_asg_update") +def test_aws_asg_update(test, aws_asg_update): + factory = test.replay_flight_data("test_aws_asg_update") + p = test.load_policy( + { + "name": "asg-update", + "resource": "aws.asg", + "filters": [{ + "AutoScalingGroupName": aws_asg_update["aws_autoscaling_group.bar.id"] + }], + "actions": [{ + "type": "update", + "default-cooldown": 600, + "max-instance-lifetime": 604800, + "new-instances-protected-from-scale-in": True, + "capacity-rebalance": True, + }], + }, + session_factory=factory, + ) + resources = p.run() + test.assertEqual(len(resources), 1) + + client = factory().client("autoscaling") + result = client.describe_auto_scaling_groups( + AutoScalingGroupNames=[resources[0]["AutoScalingGroupName"]] + )[ + "AutoScalingGroups" + ].pop() + test.assertEqual(result["DefaultCooldown"], 600) + test.assertEqual(result["MaxInstanceLifetime"], 604800) + test.assertTrue(result["NewInstancesProtectedFromScaleIn"]) + test.assertTrue(result["CapacityRebalance"]) + + +def test_aws_asg_update_no_settings(test): + factory = test.replay_flight_data("test_aws_asg_update") + with test.assertRaises(PolicyValidationError): + test.load_policy( + { + "name": "asg-update", + "resource": "aws.asg", + "actions": [{ + "type": "update", + }], + }, + session_factory=factory, + ) + + class AutoScalingTest(BaseTest): def get_ec2_tags(self, ec2, instance_id): diff --git a/tests/test_cwa.py b/tests/test_cwa.py index a36b2fa4039..b701e423ee9 100644 --- a/tests/test_cwa.py +++ b/tests/test_cwa.py @@ -35,3 +35,44 @@ def test_delete(self): self.assertEqual( client.describe_alarms(AlarmNames=[alarm_name])["MetricAlarms"], [] ) + + def test_filter_tags(self): + factory = self.replay_flight_data("test_alarm_tags_filter") + p = self.load_policy( + { + "name": "filter-alarm-tags", + "resource": "alarm", + "filters": [ + { + 'type': 'value', + 'key': 'tag:some-tag', + 'value': 'some-value', + 'op': 'eq' + } + ], + }, + session_factory=factory, + ) + + resources = p.run() + self.assertEqual(len(resources), 1) + self.assertEqual(resources[0].get('c7n:MatchedFilters'), ['tag:some-tag']) + + def test_add_alarm_tags(self): + factory = self.replay_flight_data("test_alarm_add_tags") + p = self.load_policy( + { + "name": "add-alarm-tags", + "resource": "alarm", + "actions": [{ + "type": "tag", + "key": "OwnerName", + "value": "SomeName" + }], + }, + session_factory=factory, + ) + + resources = p.run() + self.assertEqual(len(resources), 1) + self.assertTrue({'Key': 'OwnerName', 'Value': 'SomeName'} in resources[0].get('Tags')) diff --git a/tests/test_ecs.py b/tests/test_ecs.py index fe5d0ddabf8..15da588ae95 100644 --- a/tests/test_ecs.py +++ b/tests/test_ecs.py @@ -25,6 +25,17 @@ def test_ecs_cluster_tag_augment(self): [{'Key': 'Env', 'Value': 'Dev'}, {'Key': 'Data', 'Value': 'Magic'}]) + def test_ecs_service_config(self): + session_factory = self.replay_flight_data( + 'test_ecs_service_config') + p = self.load_policy({ + 'name': 'ctags', 'resource': 'ecs-service', 'source': 'config'}, + session_factory=session_factory) + resources = p.run() + assert len(resources) == 1 + assert resources[0]['name'] == 'queue-processor' + assert resources[0]['clusterArn'].endswith('cluster/dev') + def test_ecs_service_tag_augment(self): session_factory = self.replay_flight_data( 'test_ecs_service_tag_augment') @@ -307,6 +318,53 @@ def test_ecs_task_def_tags(self): resourceArn=resources[0]["taskDefinitionArn"]).get("tags")} self.assertEqual(tags, {"TestKey": "TestValue", "c7n-tag": "present"}) + def test_ecs_task_def_config(self): + session_factory = self.replay_flight_data("test_ecs_task_def_config") + p = self.load_policy( + { + "name": "ecs-task-def-config-tag", + "resource": "ecs-task-definition", + "source": "config", + "filters": [ + {"tag:test": "name"} + ], + "actions": [ + {"type": "remove-tag", "tags": ["test"]} + ], + }, + session_factory=session_factory, + ) + resources = p.run() + self.assertEqual(len(resources), 1) + assert resources[0]['containerDefinitions'] == [ + {'command': ['/bin/sh -c "echo \' ' + 'Amazon ECS Sample App ' + ' ' + '
' + '

Amazon ECS Sample App

' + '

Congratulations!

Your ' + 'application is now running on a ' + 'container in Amazon ECS.

' + "
' > " + '/usr/local/apache2/htdocs/index.html ' + '&& httpd-foreground"'], + 'cpu': 0, + 'entryPoint': ['sh', '-c'], + 'essential': True, + 'image': 'httpd:2.4', + 'mountPoints': [], + 'name': 'fargate-app-2', + 'portMappings': [{'containerPort': 80, + 'hostPort': 80, + 'protocol': 'tcp'}], + 'volumesFrom': []}] + assert resources[0]['Tags'] == [{'Key': 'test', 'Value': 'name'}] + client = session_factory().client("ecs") + self.assertEqual(len(client.list_tags_for_resource( + resourceArn=resources[0]["taskDefinitionArn"]).get("tags")), 0) + class TestEcsTask(BaseTest): diff --git a/tests/test_eks.py b/tests/test_eks.py index c0573977b77..a1acbb9f5ee 100644 --- a/tests/test_eks.py +++ b/tests/test_eks.py @@ -6,6 +6,15 @@ class EKS(BaseTest): + def test_config(self): + factory = self.replay_flight_data('test_eks_config') + p = self.load_policy( + {"name": "eks", "source": "config", "resource": "eks"}, + session_factory=factory, + config={'region': 'us-east-2'}) + resources = p.run() + assert resources[0]['name'] == 'kapil-dev' + def test_query_with_subnet_sg_filter(self): factory = self.replay_flight_data("test_eks_query") p = self.load_policy( diff --git a/tests/test_emr.py b/tests/test_emr.py index 7391f36561c..5ee868d5ed9 100644 --- a/tests/test_emr.py +++ b/tests/test_emr.py @@ -35,7 +35,7 @@ def test_consolidate_query_filter(self): {"Values": ["val3"], "Name": "tag:bar"}, # default query { - "Values": ["WAITING", "RUNNING", "BOOTSTRAPPING"], + "Values": ["WAITING", "BOOTSTRAPPING", "RUNNING", "STARTING"], "Name": "ClusterStates", }, ], diff --git a/tests/test_filters.py b/tests/test_filters.py index 822f4863f99..2457a3d608f 100644 --- a/tests/test_filters.py +++ b/tests/test_filters.py @@ -210,6 +210,8 @@ def test_value_type(self): def test_value_type_expr(self): resource = {'a': 1, 'b': 1} + + # test explicit op vf = filters.factory({ "type": "value", "value": "b", @@ -218,6 +220,14 @@ def test_value_type_expr(self): "key": "a"}) self.assertTrue(vf.match(resource)) + # test implicit/fallback op + vf = filters.factory({ + "type": "value", + "value": "b", + "value_type": "expr", + "key": "a"}) + self.assertTrue(vf.match(resource)) + def test_value_match(self): resource = {"a": 1, "Tags": [{"Key": "xtra", "Value": "hello"}]} vf = filters.factory({"type": "value", "value": None, "key": "tag:xtra"}) diff --git a/tests/test_firewall.py b/tests/test_firewall.py new file mode 100644 index 00000000000..183739ef0b7 --- /dev/null +++ b/tests/test_firewall.py @@ -0,0 +1,29 @@ +# Copyright The Cloud Custodian Authors. +# SPDX-License-Identifier: Apache-2.0 +from .common import BaseTest + + +class NetworkFirewallTest(BaseTest): + + def test_firewall(self): + factory = self.replay_flight_data("test_network_firewall") + p = self.load_policy({ + 'name': 'firewall-get', + 'resource': 'aws.firewall'}, + session_factory=factory, + config={'region': 'us-east-2'}) + resources = p.run() + self.assertEqual(len(resources), 1) + assert resources[0]['FirewallName'] == 'unicron' + + def test_firewall_config(self): + factory = self.replay_flight_data('test_network_firewall_config') + p = self.load_policy({ + 'name': 'firewall-config', + 'source': 'config', + 'resource': 'aws.firewall'}, + session_factory=factory, + config={'region': 'us-east-2'}) + resources = p.run() + self.assertEqual(len(resources), 1) + assert resources[0]['FirewallName'] == 'unicron' diff --git a/tests/test_glue.py b/tests/test_glue.py index a662c559691..a69af9bb9a5 100644 --- a/tests/test_glue.py +++ b/tests/test_glue.py @@ -71,6 +71,19 @@ def test_connection_delete(self): connections = client.get_connections()["ConnectionList"] self.assertFalse(connections) + def test_connection_password_hidden(self): + session_factory = self.replay_flight_data("test_connection_password_hidden") + p = self.load_policy( + { + "name": "glue-connection", + "resource": "glue-connection", + }, + session_factory=session_factory, + ) + resources = p.run() + self.assertEqual(len(resources), 1) + self.assertEqual('PASSWORD' in resources[0].get('ConnectionProperties'), False) + class TestGlueDevEndpoints(BaseTest): diff --git a/tests/test_hsm.py b/tests/test_hsm.py index cf61dc60dd0..cfb0031b3f4 100644 --- a/tests/test_hsm.py +++ b/tests/test_hsm.py @@ -6,6 +6,18 @@ class CloudHSMClusterTest(BaseTest): + def test_clouhsm_deprecated(self): + factory = self.replay_flight_data("test_hsm_deprecated") + p = self.load_policy( + { + "name": "cloudhsm", + "resource": "hsm" + }, + session_factory=factory, + ) + resources = p.run() + assert len(resources) == 0 + def test_cloudhsm(self): factory = self.replay_flight_data("test_cloudhsm") client = factory().client("cloudhsmv2") diff --git a/tests/test_kinesis.py b/tests/test_kinesis.py index 61863990e06..d11e57ddf62 100644 --- a/tests/test_kinesis.py +++ b/tests/test_kinesis.py @@ -259,3 +259,30 @@ def test_kinesis_video_kms_key(self): self.assertTrue(len(resources), 1) self.assertEqual(resources[0]['KmsKeyId'], 'arn:aws:kms:us-east-1:123456789012:key/0d543df5-915c-42a1-afa1-c9c5f1f97955') + + +class KinesisAnalyticsAppV2(BaseTest): + + def test_kinesis_analyticsv2_app_delete(self): + factory = self.replay_flight_data("test_kinesis_analyticsv2_app_delete") + p = self.load_policy( + { + "name": "kapp", + "resource": "kinesis-analyticsv2", + "filters": [{"type": "subnet", "key": "tag:Name", "value": "implied", "op": "eq"}], + "actions": ["delete"], + }, + session_factory=factory, + ) + resources = p.run() + self.assertEqual(len(resources), 1) + self.assertEqual( + factory().client("kinesisanalyticsv2").describe_application( + ApplicationName=resources[0]['ApplicationName'] + )[ + "ApplicationDetail" + ][ + "ApplicationStatus" + ], + "DELETING", + ) diff --git a/tests/test_kms.py b/tests/test_kms.py index 9d357b27a48..444f1fb4371 100644 --- a/tests/test_kms.py +++ b/tests/test_kms.py @@ -90,6 +90,51 @@ def test_set_key_rotation(self): key = client.get_key_rotation_status(KeyId=resources[0]["KeyId"]) self.assertEqual(key["KeyRotationEnabled"], True) + def test_kms_config_source(self): + session_factory = self.replay_flight_data("test_kms_config_source") + p = self.load_policy( + { + "name": "kms-config-source", + "resource": "kms-key", + "source": "config", + "query": [ + {"clause": "configuration.description = 'For testing the KMS config source'"} + ], + "filters": [ + {"AliasNames[0]": "alias/config-source-testing"}, + {"tag:ConfigTesting": "present"} + ], + }, + session_factory=session_factory, + config={"region": "us-east-2"} + ) + resources = p.run() + self.assertEqual(len(resources), 1) + + def test_kms_access_denied(self): + session_factory = self.replay_flight_data("test_kms_access_denied") + p = self.load_policy( + { + "name": "survive-access-denied", + "resource": "kms-key", + "filters": [ + {"type": "value", + "key": "AliasNames[0]", + "op": "glob", + "value": "alias/test-kms*"} + ], + }, + session_factory=session_factory, + config={"region": "us-west-1"} + ) + resources = p.run() + self.assertEqual(len(resources), 2) + + # Restrictive key policies may prevent us from loading detailed + # key information, but we should always have an Arn + self.assertFalse(all('KeyState' in r for r in resources)) + self.assertTrue(all('Arn' in r for r in resources)) + @functional def test_kms_remove_matched(self): session_factory = self.replay_flight_data("test_kms_remove_matched") @@ -283,15 +328,20 @@ def test_kms_key_remove_tag(self): def test_kms_key_related(self): session_factory = self.replay_flight_data("test_kms_key_related") + key_alias = "alias/aws/sqs" p = self.load_policy( { - "name": "dms-instance-kms-key-related", - "resource": 'dms-instance', + "name": "sqs-kms-key-related", + "resource": "sqs", + "source": "config", + "query": [ + {"clause": "resourceName like 'test-kms%'"} + ], "filters": [ { "type": "kms-key", "key": "c7n:AliasName", - "value": "alias/aws/dms", + "value": key_alias, "op": "eq" } ] @@ -300,15 +350,12 @@ def test_kms_key_related(self): ) resources = p.run() client = session_factory().client("kms") - self.assertEqual(len(resources), 1) - resource_kms_key = resources[0]['KmsKeyId'] - aliases = client.list_aliases(KeyId=resource_kms_key) - target_key_arn = None - if aliases['Aliases'][0]['AliasName'] == 'alias/aws/dms': - target_key_id = aliases['Aliases'][0].get('TargetKeyId') - target_key_arn = client.describe_key( - KeyId=target_key_id).get('KeyMetadata').get('Arn') - self.assertEqual(resources[0]['KmsKeyId'], target_key_arn) + self.assertEqual(len(resources), 2) + target_key = client.describe_key(KeyId=key_alias) + self.assertTrue(all( + res['KmsMasterKeyId'] in (key_alias, target_key['KeyMetadata']['Arn']) + for res in resources + )) def test_kms_post_finding(self): factory = self.replay_flight_data('test_kms_post_finding') diff --git a/tests/test_mlmodel.py b/tests/test_mlmodel.py index fbf1d7086dc..3b08296192a 100644 --- a/tests/test_mlmodel.py +++ b/tests/test_mlmodel.py @@ -5,6 +5,15 @@ class TestMLModel(BaseTest): + def test_ml_deprecated(self): + factory = self.replay_flight_data("test_ml_depecrated") + p = self.load_policy( + {"name": "get-ml-model", "resource": "ml-model"}, + session_factory=factory + ) + resources = p.run() + self.assertEqual(len(resources), 0) + def test_query_models(self): factory = self.replay_flight_data("test_ml_model_query") p = self.load_policy( diff --git a/tests/test_mu.py b/tests/test_mu.py index 14978e48c91..3f9ec7013f8 100644 --- a/tests/test_mu.py +++ b/tests/test_mu.py @@ -208,6 +208,19 @@ def test_phd_account_mode(self): self.assertEqual(len(resources), 1) self.assertTrue('c7n:HealthEvent' in resources[0]) + def test_phd_mode_sans_details(self): + factory = self.replay_flight_data('test_phd_event_mode') + p = self.load_policy( + {'name': 'ec2-retire', + 'resource': 'account', + 'mode': {'type': 'phd'}}, session_factory=factory) + p_lambda = PolicyLambda(p) + events = p_lambda.get_events(factory) + self.assertEqual( + json.loads(events[0].render_event_pattern()), + {'source': ['aws.health']} + ) + def test_phd_mode(self): factory = self.replay_flight_data('test_phd_event_mode') p = self.load_policy( diff --git a/tests/test_notify.py b/tests/test_notify.py index 7e53c9ee558..3a05c671d38 100644 --- a/tests/test_notify.py +++ b/tests/test_notify.py @@ -84,6 +84,44 @@ def cleanup(): }, ) + def test_resource_prep_owners(self): + session_factory = self.record_flight_data("test_notify_resource_prep") + policy = self.load_policy( + {"name": "notify-sns", + "resource": "ec2", + "actions": [ + {"type": "notify", "to": ["slack://owners"], + "transport": {"type": "sns", "topic": "zebra"}}]}, + session_factory=session_factory) + self.assertEqual( + policy.resource_manager.actions[0].prepare_resources( + [{'c7n:user-data': 'xyz', 'Id': 'i-123'}]), + [{'Id': 'i-123'}]) + + policy = self.load_policy( + {"name": "notify-sns", + "resource": "launch-config", + "actions": [ + {"type": "notify", "to": ["slack://owners"], + "transport": {"type": "sns", "topic": "zebra"}}]}, + session_factory=session_factory) + self.assertEqual( + policy.resource_manager.actions[0].prepare_resources( + [{'UserData': 'xyz', 'Id': 'l-123'}]), + [{'Id': 'l-123'}]) + + policy = self.load_policy( + {"name": "notify-sns", + "resource": "asg", + "actions": [ + {"type": "notify", "to": ["slack://owners"], + "transport": {"type": "sns", "topic": "zebra"}}]}, + session_factory=session_factory) + self.assertEqual( + policy.resource_manager.actions[0].prepare_resources( + [{'c7n:user-data': 'xyz', 'Id': 'a-123'}]), + [{'Id': 'a-123'}]) + def test_resource_prep(self): session_factory = self.record_flight_data("test_notify_resource_prep") policy = self.load_policy( diff --git a/tests/test_offhours.py b/tests/test_offhours.py index d5f1e3906cb..97539883bee 100644 --- a/tests/test_offhours.py +++ b/tests/test_offhours.py @@ -320,6 +320,17 @@ def test_offhours_get_value(self): self.assertTrue(off.parser.keys_are_valid(off.get_tag_value(i))) self.assertEqual(off.parser.raw_data(off.get_tag_value(i)), {"tz": "pt"}) + def test_offhours_get_value_fallback(self): + sched = "off=[(S,1)];on=[(M,6)];tz=pst" + off = OffHour({"default_tz": "ct", "fallback-schedule": sched}) + i = instance(Tags=[]) + self.assertEqual(off.get_tag_value(i), sched.lower()) + self.assertTrue(off.parser.has_resource_schedule(off.get_tag_value(i), "off")) + self.assertTrue(off.parser.has_resource_schedule(off.get_tag_value(i), "on")) + self.assertTrue(off.parser.keys_are_valid(off.get_tag_value(i))) + self.assertEqual(off.parser.raw_data(off.get_tag_value(i)), + {'off': '[(s,1)]', 'on': '[(m,6)]', 'tz': 'pst'}) + def test_offhours(self): t = datetime.datetime( year=2015, diff --git a/tests/test_packaging.py b/tests/test_packaging.py index cc42a4e32e0..9b71831b4ae 100644 --- a/tests/test_packaging.py +++ b/tests/test_packaging.py @@ -8,7 +8,7 @@ @pytest.mark.parametrize("package", [ "c7n", "c7n_azure", "c7n_gcp", "c7n_kube", "c7n_org", - "c7n_mailer", "policystream", "c7n_trailcreator", + "c7n_mailer", "policystream", "c7n_trailcreator", "c7n_terraform", "c7n_logexporter", "c7n_sphinxext", "c7n_openstack"]) def test_package_metadata(package): try: @@ -32,6 +32,7 @@ def test_package_metadata(package): assert md.get('license') == 'Apache-2.0' assert md.get('authors') == ['Cloud Custodian Project'] assert md.get('classifiers', []) == [ + 'License :: OSI Approved :: Apache Software License', 'Topic :: System :: Systems Administration', 'Topic :: System :: Distributed Computing'] assert md.get('readme', '').endswith('md') diff --git a/tests/test_policy.py b/tests/test_policy.py index 4f9c359d4e5..52ad64d0ddf 100644 --- a/tests/test_policy.py +++ b/tests/test_policy.py @@ -200,6 +200,16 @@ def test_resource_name(self): if names: self.fail("%s dont have resource name for reporting" % (", ".join(names))) + def test_ec2_id_prefix(self): + missing_prefix = [] + for k, v in manager.resources.items(): + if v.resource_type.service != 'ec2': + continue + if v.resource_type.id_prefix is None: + missing_prefix.append(k) + if missing_prefix: + self.fail('ec2 resources missing id prefix %s' % (', '.join(missing_prefix))) + def test_cfn_resource_validity(self): # for resources which are annotated with cfn_type ensure that it is # a valid type. @@ -267,6 +277,7 @@ def test_config_resource_support(self): # for several of these we express support as filter or action instead # of a resource. whitelist = { + 'AWS::Config::ConformancePackCompliance', 'AWS::NetworkFirewall::FirewallPolicy', 'AWS::NetworkFirewall::Firewall', 'AWS::NetworkFirewall::RuleGroup', @@ -274,6 +285,7 @@ def test_config_resource_support(self): 'AWS::EC2::EgressOnlyInternetGateway', 'AWS::EC2::VPCEndpointService', 'AWS::EC2::FlowLog', + 'AWS::ECS::TaskDefinition', 'AWS::RDS::DBSecurityGroup', 'AWS::RDS::EventSubscription', 'AWS::S3::AccountPublicAccessBlock', @@ -323,7 +335,15 @@ def test_config_resource_support(self): raise AssertionError( "Missing config types \n %s" % ('\n'.join(missing))) + # config service can't be bothered to update their sdk correctly + invalid_ignore = { + 'AWS::EKS::Cluster', + 'AWS::ECS::Service', + 'AWS::ECS::TaskDefinition', + 'AWS::NetworkFirewall::Firewall' + } bad_types = resource_config_types.difference(config_types) + bad_types = bad_types.difference(invalid_ignore) if bad_types: raise AssertionError( "Invalid config types \n %s" % ('\n'.join(bad_types))) diff --git a/tests/test_report.py b/tests/test_report.py index 4f18357efbc..907af42f40e 100644 --- a/tests/test_report.py +++ b/tests/test_report.py @@ -1,6 +1,6 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 -from c7n.reports.csvout import Formatter +from c7n.reports.csvout import Formatter, strip_output_path from .common import BaseTest, load_data @@ -129,3 +129,20 @@ def test_csv(self): recs = list(map(lambda x: self.records[x], rec_ids)) rows = list(map(lambda x: self.rows[x], row_ids)) self.assertEqual(formatter.to_csv(recs), rows) + + def test_s3_base_output_path(self): + """When searching S3 to populate a report, the base output path + should end with the policy name.""" + + policy_name = "my_c7n_policy" + output_paths = [ + f"logs/{policy_name}", + f"/logs/{policy_name}", + f"logs/{policy_name}/2021/01/01/01/", + f"/logs/{policy_name}/with/more/extra/path/segments", + ] + + self.assertTrue(all( + strip_output_path(p, policy_name) == f"logs/{policy_name}" + for p in output_paths + )) diff --git a/tools/c7n_azure/c7n_azure/__init__.py b/tools/c7n_azure/c7n_azure/__init__.py index 924f632d017..71f5f96942e 100644 --- a/tools/c7n_azure/c7n_azure/__init__.py +++ b/tools/c7n_azure/c7n_azure/__init__.py @@ -9,6 +9,7 @@ logging.getLogger("msrest").setLevel(logging.ERROR) logging.getLogger("keyring").setLevel(logging.WARNING) logging.getLogger("azure.storage.common.storageclient").setLevel(logging.WARNING) +logging.getLogger("azure.cosmosdb.table.common.storageclient").setLevel(logging.WARNING) # This logger is spamming INFO with a bunch of requests data logging.getLogger('azure.identity').setLevel(logging.WARNING) diff --git a/tools/c7n_azure/c7n_azure/actions/delete.py b/tools/c7n_azure/c7n_azure/actions/delete.py index e1977c64938..17b5a049e32 100644 --- a/tools/c7n_azure/c7n_azure/actions/delete.py +++ b/tools/c7n_azure/c7n_azure/actions/delete.py @@ -62,7 +62,7 @@ def _prepare_processing(self,): def _process_resource(self, resource): if is_resource_group(resource): - self.client.resource_groups.delete(resource['name']) + self.client.resource_groups.begin_delete(resource['name']) else: self.client.resources.begin_delete_by_id( resource['id'], diff --git a/tools/c7n_azure/c7n_azure/constants.py b/tools/c7n_azure/c7n_azure/constants.py index f970174df69..2b1d75430a9 100644 --- a/tools/c7n_azure/c7n_azure/constants.py +++ b/tools/c7n_azure/c7n_azure/constants.py @@ -48,18 +48,18 @@ ENV_TENANT_ID = 'AZURE_TENANT_ID' ENV_CLIENT_ID = 'AZURE_CLIENT_ID' ENV_SUB_ID = 'AZURE_SUBSCRIPTION_ID' -ENV_CLIENT_SECRET = 'AZURE_CLIENT_SECRET' +ENV_CLIENT_SECRET = 'AZURE_CLIENT_SECRET' # nosec ENV_KEYVAULT_CLIENT_ID = 'AZURE_KEYVAULT_CLIENT_ID' -ENV_KEYVAULT_SECRET_ID = 'AZURE_KEYVAULT_SECRET' +ENV_KEYVAULT_SECRET_ID = 'AZURE_KEYVAULT_SECRET' # nosec -ENV_ACCESS_TOKEN = 'AZURE_ACCESS_TOKEN' +ENV_ACCESS_TOKEN = 'AZURE_ACCESS_TOKEN' # nosec ENV_USE_MSI = 'AZURE_USE_MSI' ENV_FUNCTION_TENANT_ID = 'AZURE_FUNCTION_TENANT_ID' ENV_FUNCTION_CLIENT_ID = 'AZURE_FUNCTION_CLIENT_ID' -ENV_FUNCTION_CLIENT_SECRET = 'AZURE_FUNCTION_CLIENT_SECRET' +ENV_FUNCTION_CLIENT_SECRET = 'AZURE_FUNCTION_CLIENT_SECRET' # nosec ENV_FUNCTION_SUB_ID = 'AZURE_FUNCTION_SUBSCRIPTION_ID' ENV_FUNCTION_MANAGEMENT_GROUP_NAME = 'AZURE_FUNCTION_MANAGEMENT_GROUP_NAME' diff --git a/tools/c7n_azure/c7n_azure/handler.py b/tools/c7n_azure/c7n_azure/handler.py index cd8b397cdb2..768b330ae9d 100644 --- a/tools/c7n_azure/c7n_azure/handler.py +++ b/tools/c7n_azure/c7n_azure/handler.py @@ -62,7 +62,7 @@ def run(event, context, subscription_id=None): def get_tmp_output_dir(): - output_dir = '/tmp/' + str(uuid.uuid4()) + output_dir = '/tmp/' + str(uuid.uuid4()) # nosec if not os.path.exists(output_dir): try: os.mkdir(output_dir) diff --git a/tools/c7n_azure/c7n_azure/provider.py b/tools/c7n_azure/c7n_azure/provider.py index 76923246fb3..4280f314402 100644 --- a/tools/c7n_azure/c7n_azure/provider.py +++ b/tools/c7n_azure/c7n_azure/provider.py @@ -47,10 +47,17 @@ def initialize_policies(self, policy_collection, options): return policy_collection def get_session_factory(self, options): + cloud_endpoint = self.cloud_endpoints + + # c7n-org will have a region set to either global or the specified region + region = options.get('region') + if region: + cloud_endpoint = self.region_to_cloud.get(region, AZURE_PUBLIC_CLOUD) + return partial(Session, subscription_id=options.account_id, authorization_file=options.authorization_file, - cloud_endpoints=self.cloud_endpoints) + cloud_endpoints=cloud_endpoint) def _get_cloud_endpoints(self, options): cloud_list = options.get('regions') diff --git a/tools/c7n_azure/c7n_azure/query.py b/tools/c7n_azure/c7n_azure/query.py index b40048c8195..b8186047a1b 100644 --- a/tools/c7n_azure/c7n_azure/query.py +++ b/tools/c7n_azure/c7n_azure/query.py @@ -100,9 +100,6 @@ def validate(self): % self.manager.data['resource']) def get_resources(self, _): - log.warning('The Azure Resource Graph source ' - 'should not be used in production scenarios at this time.') - session = self.manager.get_session() client = session.client('azure.mgmt.resourcegraph.ResourceGraphClient') diff --git a/tools/c7n_azure/c7n_azure/resources/appserviceplan.py b/tools/c7n_azure/c7n_azure/resources/appserviceplan.py index fe8f897d2ba..f30a5388a1e 100644 --- a/tools/c7n_azure/c7n_azure/resources/appserviceplan.py +++ b/tools/c7n_azure/c7n_azure/resources/appserviceplan.py @@ -121,7 +121,6 @@ class ResizePlan(AzureBaseAction): }, 'additionalProperties': False } - schema_alias = True def _prepare_processing(self): self.client = self.manager.get_client() # type azure.mgmt.web.WebSiteManagementClient diff --git a/tools/c7n_azure/c7n_azure/resources/container_registry.py b/tools/c7n_azure/c7n_azure/resources/container_registry.py index b17b4a4fe3b..09ee05d6535 100644 --- a/tools/c7n_azure/c7n_azure/resources/container_registry.py +++ b/tools/c7n_azure/c7n_azure/resources/container_registry.py @@ -5,7 +5,7 @@ from c7n_azure.resources.arm import ArmResourceManager -@resources.register('containerregistry') +@resources.register('container-registry', aliases=['containerregistry']) class ContainerRegistry(ArmResourceManager): """Container Registry Resource @@ -17,7 +17,7 @@ class ContainerRegistry(ArmResourceManager): policies: - name: get-container-registry - resource: azure.containerregistry + resource: azure.container-registry filters: - type: value key: name diff --git a/tools/c7n_azure/c7n_azure/resources/cosmos_db.py b/tools/c7n_azure/c7n_azure/resources/cosmos_db.py index c156b29b8e0..1700e6b767c 100644 --- a/tools/c7n_azure/c7n_azure/resources/cosmos_db.py +++ b/tools/c7n_azure/c7n_azure/resources/cosmos_db.py @@ -35,7 +35,7 @@ '52.176.6.30', '52.169.50.45', '52.187.184.26'] -AZURE_CLOUD_IPS = ['0.0.0.0'] +AZURE_CLOUD_IPS = ['0.0.0.0'] # nosec @resources.register('cosmosdb') @@ -368,7 +368,6 @@ class CosmosDBOfferFilter(ValueFilter): """ schema = type_schema('offer', rinherit=ValueFilter.schema) - schema_alias = True def process(self, resources, event=None): return OfferHelper.execute_in_parallel_grouped_by_account( diff --git a/tools/c7n_azure/c7n_azure/resources/network_interface.py b/tools/c7n_azure/c7n_azure/resources/network_interface.py index 3b43b1a3d65..b4880c03a02 100644 --- a/tools/c7n_azure/c7n_azure/resources/network_interface.py +++ b/tools/c7n_azure/c7n_azure/resources/network_interface.py @@ -68,7 +68,6 @@ class EffectiveRouteTableFilter(ValueFilter): - VirtualAppliance """ schema = type_schema('effective-route-table', rinherit=ValueFilter.schema) - schema_alias = False def process(self, resources, event=None): diff --git a/tools/c7n_azure/c7n_azure/resources/postgresql_server.py b/tools/c7n_azure/c7n_azure/resources/postgresql_server.py index f7b714f2afd..42372c237d1 100644 --- a/tools/c7n_azure/c7n_azure/resources/postgresql_server.py +++ b/tools/c7n_azure/c7n_azure/resources/postgresql_server.py @@ -6,7 +6,7 @@ from c7n_azure.filters import FirewallRulesFilter from netaddr import IPRange, IPSet -AZURE_SERVICES = IPRange('0.0.0.0', '0.0.0.0') +AZURE_SERVICES = IPRange('0.0.0.0', '0.0.0.0') # nosec @resources.register('postgresql-server') diff --git a/tools/c7n_azure/c7n_azure/resources/resource_map.py b/tools/c7n_azure/c7n_azure/resources/resource_map.py index 088d3fdcd48..1b1e030822f 100644 --- a/tools/c7n_azure/c7n_azure/resources/resource_map.py +++ b/tools/c7n_azure/c7n_azure/resources/resource_map.py @@ -10,6 +10,7 @@ "azure.cognitiveservice": "c7n_azure.resources.cognitive_service.CognitiveService", "azure.container-group": "c7n_azure.resources.aci.ContainerGroup", "azure.containerregistry": "c7n_azure.resources.container_registry.ContainerRegistry", + "azure.container-registry": "c7n_azure.resources.container_registry.ContainerRegistry", "azure.containerservice": "c7n_azure.resources.container_service.ContainerService", "azure.cosmosdb": "c7n_azure.resources.cosmos_db.CosmosDB", "azure.cosmosdb-collection": "c7n_azure.resources.cosmos_db.CosmosDBCollection", diff --git a/tools/c7n_azure/c7n_azure/resources/sqldatabase.py b/tools/c7n_azure/c7n_azure/resources/sqldatabase.py index 8a994dfa521..9f1fd4c0726 100644 --- a/tools/c7n_azure/c7n_azure/resources/sqldatabase.py +++ b/tools/c7n_azure/c7n_azure/resources/sqldatabase.py @@ -29,7 +29,7 @@ from c7n_azure.provider import resources from c7n_azure.query import ChildTypeInfo from c7n_azure.resources.arm import ChildArmResourceManager -from c7n_azure.utils import ResourceIdParser, RetentionPeriod, ThreadHelper +from c7n_azure.utils import ResourceIdParser, RetentionPeriod, ThreadHelper, StringUtils log = logging.getLogger('custodian.azure.sqldatabase') @@ -38,7 +38,7 @@ class SqlDatabase(ChildArmResourceManager): """SQL Server Database Resource - The ``azure.sqldatabase`` resource is a child resource of the SQL Server resource, + The ``azure.sql-database`` resource is a child resource of the SQL Server resource, and the SQL Server parent id is available as the ``c7n:parent-id`` property. :example: @@ -49,7 +49,7 @@ class SqlDatabase(ChildArmResourceManager): policies: - name: find-all-sql-databases - resource: azure.sqldatabase + resource: azure.sql-database """ class resource_type(ChildArmResourceManager.resource_type): @@ -74,6 +74,162 @@ def extra_args(cls, parent_resource): 'server_name': parent_resource['name']} +@SqlDatabase.filter_registry.register('transparent-data-encryption') +class TransparentDataEncryptionFilter(Filter): + """ + Filter by the current Transparent Data Encryption + configuration for this database. + + :example: + + Find SQL databases with TDE disabled + + .. code-block:: yaml + + policies: + - name: sql-database-no-tde + resource: azure.sql-database + filters: + - type: transparent-data-encryption + enabled: false + + """ + + schema = type_schema( + 'transparent-data-encryption', + required=['type', 'enabled'], + **{ + 'enabled': {"type": "boolean"}, + } + ) + + log = logging.getLogger('custodian.azure.sqldatabase.transparent-data-encryption-filter') + + def __init__(self, data, manager=None): + super(TransparentDataEncryptionFilter, self).__init__(data, manager) + self.enabled = self.data['enabled'] + + def process(self, resources, event=None): + resources, exceptions = ThreadHelper.execute_in_parallel( + resources=resources, + event=event, + execution_method=self._process_resource_set, + executor_factory=self.executor_factory, + log=log + ) + if exceptions: + raise exceptions[0] + return resources + + def _process_resource_set(self, resources, event=None): + client = self.manager.get_client() + result = [] + for resource in resources: + if 'transparentDataEncryption' not in resource['properties']: + server_id = resource[ChildTypeInfo.parent_key] + server_name = ResourceIdParser.get_resource_name(server_id) + + tde = client.transparent_data_encryptions.get( + resource['resourceGroup'], + server_name, + resource['name'], + "current") + + resource['properties']['transparentDataEncryption'] = \ + tde.serialize(True).get('properties', {}) + + required_status = 'Enabled' if self.enabled else 'Disabled' + + if StringUtils.equal( + resource['properties']['transparentDataEncryption'].get('status'), + required_status): + result.append(resource) + + return result + + +@SqlDatabase.filter_registry.register('data-masking-policy') +class DataMaskingPolicyFilter(Filter): + """ + Filter by the current data masking policy + configuration for this database. + + This filter will exclude the `master` database + because data masking can not be configured on it. + + :example: + + Find SQL databases with data masking disabled + + .. code-block:: yaml + + policies: + - name: sql-database-masking + resource: azure.sql-database + filters: + - type: data-masking-policy + enabled: false + + """ + + schema = type_schema( + 'data-masking-policy', + required=['type', 'enabled'], + **{ + 'enabled': {"type": "boolean"}, + } + ) + + log = logging.getLogger('custodian.azure.sqldatabase.data-masking-policy-filter') + + def __init__(self, data, manager=None): + super(DataMaskingPolicyFilter, self).__init__(data, manager) + self.enabled = self.data['enabled'] + + def process(self, resources, event=None): + resources, exceptions = ThreadHelper.execute_in_parallel( + resources=resources, + event=event, + execution_method=self._process_resource_set, + executor_factory=self.executor_factory, + log=log + ) + if exceptions: + raise exceptions[0] + return resources + + def _process_resource_set(self, resources, event=None): + client = self.manager.get_client() + result = [] + for resource in resources: + database_name = resource['name'] + if StringUtils.equal(database_name, "master"): + continue + + if 'c7n:data-masking-policy' not in resource: + server_id = resource[ChildTypeInfo.parent_key] + server_name = ResourceIdParser.get_resource_name(server_id) + + dmr = client.data_masking_policies.get( + resource['resourceGroup'], + server_name, + database_name) + + if dmr: + resource['c7n:data-masking-policy'] = dmr.serialize(True).get('properties', {}) + else: + resource['c7n:data-masking-policy'] = {} + + required_status = 'Enabled' if self.enabled else 'Disabled' + + if StringUtils.equal( + resource['c7n:data-masking-policy'].get('dataMaskingState'), + required_status): + result.append(resource) + + return result + + class BackupRetentionPolicyHelper: SHORT_TERM_SQL_OPERATIONS = 'backup_short_term_retention_policies' diff --git a/tools/c7n_azure/c7n_azure/resources/sqlserver.py b/tools/c7n_azure/c7n_azure/resources/sqlserver.py index abcc28557af..5cec3c968fe 100644 --- a/tools/c7n_azure/c7n_azure/resources/sqlserver.py +++ b/tools/c7n_azure/c7n_azure/resources/sqlserver.py @@ -7,11 +7,13 @@ from c7n_azure.filters import FirewallRulesFilter, FirewallBypassFilter from c7n_azure.provider import resources from c7n_azure.resources.arm import ArmResourceManager +from c7n_azure.utils import ThreadHelper from netaddr import IPRange, IPSet, IPNetwork, IPAddress from c7n.utils import type_schema +from c7n.filters.core import ValueFilter, Filter -AZURE_SERVICES = IPRange('0.0.0.0', '0.0.0.0') +AZURE_SERVICES = IPRange('0.0.0.0', '0.0.0.0') # nosec log = logging.getLogger('custodian.azure.sql-server') @@ -82,6 +84,130 @@ class resource_type(ArmResourceManager.resource_type): ) +@SqlServer.filter_registry.register('azure-ad-administrators') +class AzureADAdministratorsFilter(ValueFilter): + """ + Provides a value filter targetting the Azure AD Administrator of this + SQL Server. + + Here is an example of the available fields: + + .. code-block:: json + + "administratorType": "ActiveDirectory", + "login": "bob@contoso.com", + "sid": "00000011-1111-2222-2222-123456789111", + "tenantId": "00000011-1111-2222-2222-123456789111", + "azureADOnlyAuthentication": true + + :examples: + + Find SQL Servers without AD Administrator + + .. code-block:: yaml + + policies: + - name: sqlserver-no-ad-admin + resource: azure.sqlserver + filters: + - type: azure-ad-administrators + key: login + value: absent + + """ + + schema = type_schema('azure-ad-administrators', rinherit=ValueFilter.schema) + + def __call__(self, i): + if 'administrators' not in i['properties']: + client = self.manager.get_client() + administrators = list( + client.server_azure_ad_administrators + .list_by_server(i['resourceGroup'], i['name']) + ) + + # This matches the expanded schema, and despite the name + # there can only be a single administrator, not an array. + if administrators: + i['properties']['administrators'] = \ + administrators[0].serialize(True).get('properties', {}) + else: + i['properties']['administrators'] = {} + + return super(AzureADAdministratorsFilter, self).__call__(i['properties']['administrators']) + + +@SqlServer.filter_registry.register('vulnerability-assessment') +class VulnerabilityAssessmentFilter(Filter): + """ + Filter sql servers by whether they have recurring vulnerability scans + enabled. + + :example: + + Find SQL servers without vulnerability assessments enabled. + + .. code-block:: yaml + + policies: + - name: sql-server-no-va + resource: azure.sql-server + filters: + - type: vulnerability-assessment + enabled: false + + """ + + schema = type_schema( + 'vulnerability-assessment', + required=['type', 'enabled'], + **{ + 'enabled': {"type": "boolean"}, + } + ) + + log = logging.getLogger('custodian.azure.sqldatabase.vulnerability-assessment-filter') + + def __init__(self, data, manager=None): + super(VulnerabilityAssessmentFilter, self).__init__(data, manager) + self.enabled = self.data['enabled'] + + def process(self, resources, event=None): + resources, exceptions = ThreadHelper.execute_in_parallel( + resources=resources, + event=event, + execution_method=self._process_resource_set, + executor_factory=self.executor_factory, + log=log + ) + if exceptions: + raise exceptions[0] + return resources + + def _process_resource_set(self, resources, event=None): + client = self.manager.get_client() + result = [] + for resource in resources: + if 'c7n:vulnerability_assessment' not in resource['properties']: + va = list(client.server_vulnerability_assessments.list_by_server( + resource['resourceGroup'], + resource['name'])) + + # there can only be a single instance named "Default". + if va: + resource['c7n:vulnerability_assessment'] = \ + va[0].serialize(True).get('properties', {}) + else: + resource['c7n:vulnerability_assessment'] = {} + + if resource['c7n:vulnerability_assessment']\ + .get('recurringScans', {})\ + .get('isEnabled', False) == self.enabled: + result.append(resource) + + return result + + @SqlServer.filter_registry.register('firewall-rules') class SqlServerFirewallRulesFilter(FirewallRulesFilter): def _query_rules(self, resource): @@ -131,7 +257,7 @@ def _query_bypass(self, resource): resource['name']) for r in query: - if r.start_ip_address == '0.0.0.0' and r.end_ip_address == '0.0.0.0': + if r.start_ip_address == '0.0.0.0' and r.end_ip_address == '0.0.0.0': # nosec return ['AzureServices'] return [] diff --git a/tools/c7n_azure/c7n_azure/resources/storage.py b/tools/c7n_azure/c7n_azure/resources/storage.py index 02bcf6f9a33..5c19564fc0e 100644 --- a/tools/c7n_azure/c7n_azure/resources/storage.py +++ b/tools/c7n_azure/c7n_azure/resources/storage.py @@ -1,10 +1,8 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 -import json import logging -import jsonpickle from azure.cosmosdb.table import TableService from azure.mgmt.storage.models import (IPRule, NetworkRuleSet, StorageAccountUpdateParameters, @@ -24,7 +22,7 @@ from c7n_azure.provider import resources from c7n_azure.resources.arm import ArmResourceManager from c7n_azure.storage_utils import StorageUtilities -from c7n_azure.utils import ThreadHelper +from c7n_azure.utils import ThreadHelper, serialize from netaddr import IPSet @@ -354,7 +352,7 @@ def _get_settings(self, storage_account, session=None): if not (storage_prefix_property in storage_account): settings = StorageSettingsUtilities.get_settings( self.storage_type, storage_account, session) - storage_account[storage_prefix_property] = json.loads(jsonpickle.encode(settings)) + storage_account[storage_prefix_property] = serialize(settings) return storage_account[storage_prefix_property] diff --git a/tools/c7n_azure/c7n_azure/resources/storage_container.py b/tools/c7n_azure/c7n_azure/resources/storage_container.py index 08bb181fed3..794379e2c7b 100644 --- a/tools/c7n_azure/c7n_azure/resources/storage_container.py +++ b/tools/c7n_azure/c7n_azure/resources/storage_container.py @@ -98,8 +98,6 @@ class StorageContainerSetPublicAccessAction(AzureBaseAction): } ) - schema_alias = True - def _prepare_processing(self): self.client = self.manager.get_client() diff --git a/tools/c7n_azure/c7n_azure/resources/vm.py b/tools/c7n_azure/c7n_azure/resources/vm.py index 2603411cc2f..285d77e3578 100644 --- a/tools/c7n_azure/c7n_azure/resources/vm.py +++ b/tools/c7n_azure/c7n_azure/resources/vm.py @@ -166,7 +166,6 @@ class resource_type(ArmResourceManager.resource_type): @VirtualMachine.filter_registry.register('instance-view') class InstanceViewFilter(ValueFilter): schema = type_schema('instance-view', rinherit=ValueFilter.schema) - schema_alias = True def __call__(self, i): if 'instanceView' not in i: @@ -181,6 +180,87 @@ def __call__(self, i): return super(InstanceViewFilter, self).__call__(i['instanceView']) +@VirtualMachine.filter_registry.register('vm-extensions') +class VMExtensionsFilter(ValueFilter): + """ + Provides a value filter targetting the virtual machine + extensions array. Requires an additional API call per + virtual machine to retrieve the extensions. + + Here is an example of the data returned: + + .. code-block:: json + + [{ + "id": "/subscriptions/...", + "name": "CustomScript", + "type": "Microsoft.Compute/virtualMachines/extensions", + "location": "centralus", + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [] + }, + "provisioningState": "Succeeded" + } + }] + + :examples: + + Find VM's with Custom Script extensions + + .. code-block:: yaml + + policies: + - name: vm-with-customscript + description: | + Find all virtual machines with a custom + script extension installed. + resource: azure.vm + filters: + - type: vm-extensions + op: in + key: "[].properties.type" + value: CustomScript + value_type: swap + + + Find VM's without the OMS agent installed + + .. code-block:: yaml + + policies: + - name: vm-without-oms + description: | + Find all virtual machines without the + OMS agent installed. + resource: azure.vm + filters: + - type: vm-extensions + op: not-in + key: "[].properties.type" + value: OmsAgentForLinux + value_type: swap + + """ + schema = type_schema('vm-extensions', rinherit=ValueFilter.schema) + annotate = False # cannot annotate arrays + + def __call__(self, i): + if 'c7n:vm-extensions' not in i: + client = self.manager.get_client() + extensions = ( + client.virtual_machine_extensions + .list(i['resourceGroup'], i['name']) + ) + i['c7n:vm-extensions'] = [e.serialize(True) for e in extensions.value] + + return super(VMExtensionsFilter, self).__call__(i['c7n:vm-extensions']) + + @VirtualMachine.filter_registry.register('network-interface') class NetworkInterfaceFilter(RelatedResourceFilter): diff --git a/tools/c7n_azure/c7n_azure/resources/web_app.py b/tools/c7n_azure/c7n_azure/resources/web_app.py index 8633c35ac28..e8d9abcedef 100644 --- a/tools/c7n_azure/c7n_azure/resources/web_app.py +++ b/tools/c7n_azure/c7n_azure/resources/web_app.py @@ -84,7 +84,6 @@ class resource_type(ArmResourceManager.resource_type): @WebApp.filter_registry.register('configuration') class ConfigurationFilter(ValueFilter): schema = type_schema('configuration', rinherit=ValueFilter.schema) - schema_alias = True def __call__(self, i): if 'c7n:configuration' not in i: diff --git a/tools/c7n_azure/c7n_azure/session.py b/tools/c7n_azure/c7n_azure/session.py index ebc6d09b82e..849c40a43f0 100644 --- a/tools/c7n_azure/c7n_azure/session.py +++ b/tools/c7n_azure/c7n_azure/session.py @@ -37,8 +37,6 @@ def __init__(self, cloud_endpoints, authorization_file=None, subscription_id_ove if authorization_file: with open(authorization_file) as json_file: self._auth_params = json.load(json_file) - if subscription_id_override is not None: - self._auth_params['subscription_id'] = subscription_id_override else: self._auth_params = { 'client_id': os.environ.get(constants.ENV_CLIENT_ID), @@ -46,8 +44,7 @@ def __init__(self, cloud_endpoints, authorization_file=None, subscription_id_ove 'access_token': os.environ.get(constants.ENV_ACCESS_TOKEN), 'tenant_id': os.environ.get(constants.ENV_TENANT_ID), 'use_msi': bool(os.environ.get(constants.ENV_USE_MSI)), - 'subscription_id': - subscription_id_override or os.environ.get(constants.ENV_SUB_ID), + 'subscription_id': os.environ.get(constants.ENV_SUB_ID), 'keyvault_client_id': os.environ.get(constants.ENV_KEYVAULT_CLIENT_ID), 'keyvault_secret_id': os.environ.get(constants.ENV_KEYVAULT_SECRET_ID), 'enable_cli_auth': True @@ -100,6 +97,9 @@ def __init__(self, cloud_endpoints, authorization_file=None, subscription_id_ove if error is not None: raise Exception('Unable to query TenantId and SubscriptionId') + if subscription_id_override is not None: + self._auth_params['subscription_id'] = subscription_id_override + self._subscription_id = self._auth_params['subscription_id'] self._tenant_id = self._auth_params['tenant_id'] log.info('Authenticated [%s | %s%s]', @@ -221,7 +221,8 @@ def client(self, client, vault_url=None): client_args = { 'credential': self.credentials, 'raw_response_hook': log_response_data, - 'retry_policy': C7nRetryPolicy() + 'retry_policy': C7nRetryPolicy(), + 'credential_scopes': [self.resource_endpoint + ".default"] } # TODO: remove when fixed: https://github.com/Azure/azure-sdk-for-python/issues/17351 diff --git a/tools/c7n_azure/c7n_azure/utils.py b/tools/c7n_azure/c7n_azure/utils.py index 1556ee0cdfc..1b4c37aeb03 100644 --- a/tools/c7n_azure/c7n_azure/utils.py +++ b/tools/c7n_azure/c7n_azure/utils.py @@ -593,9 +593,13 @@ def get_keyvault_auth_endpoint(cloud_endpoints): # This function is a workaround for Azure KeyVault objects that lack # standard serialization method. # These objects store variables with an underscore prefix, so we strip it. -def serialize(item): +def serialize(data): d = {} - for k, v in vars(item).items(): + if type(data) is dict: + items = data.items() + else: + items = vars(data).items() + for k, v in items: if not callable(v) and hasattr(v, '__dict__'): d[k.strip('_')] = serialize(v) elif callable(v): diff --git a/tools/c7n_azure/poetry.lock b/tools/c7n_azure/poetry.lock index 3e786a7f3a6..cff5f08d8e6 100644 --- a/tools/c7n_azure/poetry.lock +++ b/tools/c7n_azure/poetry.lock @@ -1,6 +1,6 @@ [[package]] name = "adal" -version = "1.2.6" +version = "1.2.7" description = "Note: This library is already replaced by MSAL Python, available here: https://pypi.org/project/msal/ .ADAL Python remains available here as a legacy. The ADAL for Python library makes it easy for python application to authenticate to Azure Active Directory (AAD) in order to access AAD protected web resources." category = "main" optional = false @@ -14,7 +14,7 @@ requests = ">=2.0.0,<3" [[package]] name = "applicationinsights" -version = "0.11.9" +version = "0.11.10" description = "This project extends the Application Insights API surface to support Python." category = "main" optional = false @@ -48,14 +48,14 @@ zookeeper = ["kazoo"] [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -76,7 +76,7 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "azure-common" -version = "1.1.26" +version = "1.1.27" description = "Microsoft Azure Client Library for Python (Common)" category = "main" optional = false @@ -84,7 +84,7 @@ python-versions = "*" [[package]] name = "azure-core" -version = "1.12.0" +version = "1.13.0" description = "Microsoft Azure Core Library for Python" category = "main" optional = false @@ -134,7 +134,7 @@ requests = "*" [[package]] name = "azure-functions" -version = "1.6.0" +version = "1.7.0" description = "Azure Functions for Python" category = "main" optional = false @@ -343,7 +343,7 @@ msrest = ">=0.5.0" [[package]] name = "azure-mgmt-containerservice" -version = "15.0.0" +version = "15.1.0" description = "Microsoft Azure Container Service Management Client Library for Python" category = "main" optional = false @@ -352,7 +352,7 @@ python-versions = "*" [package.dependencies] azure-common = ">=1.1,<2.0" azure-mgmt-core = ">=1.2.0,<2.0.0" -msrest = ">=0.5.0" +msrest = ">=0.6.21" [[package]] name = "azure-mgmt-core" @@ -367,7 +367,7 @@ azure-core = ">=1.9.0,<2.0.0" [[package]] name = "azure-mgmt-cosmosdb" -version = "6.1.0" +version = "6.2.0" description = "Microsoft Azure Cosmos DB Management Client Library for Python" category = "main" optional = false @@ -376,7 +376,7 @@ python-versions = "*" [package.dependencies] azure-common = ">=1.1,<2.0" azure-mgmt-core = ">=1.2.0,<2.0.0" -msrest = ">=0.5.0" +msrest = ">=0.6.21" [[package]] name = "azure-mgmt-costmanagement" @@ -614,7 +614,7 @@ msrest = ">=0.5.0" [[package]] name = "azure-mgmt-resource" -version = "16.0.0" +version = "16.1.0" description = "Microsoft Azure Resource Management Client Library for Python" category = "main" optional = false @@ -623,7 +623,7 @@ python-versions = "*" [package.dependencies] azure-common = ">=1.1,<2.0" azure-mgmt-core = ">=1.2.0,<2.0.0" -msrest = ">=0.5.0" +msrest = ">=0.6.21" [[package]] name = "azure-mgmt-resourcegraph" @@ -666,7 +666,7 @@ msrest = ">=0.5.0" [[package]] name = "azure-mgmt-storage" -version = "17.0.0" +version = "17.1.0" description = "Microsoft Azure Storage Management Client Library for Python" category = "main" optional = false @@ -675,7 +675,7 @@ python-versions = "*" [package.dependencies] azure-common = ">=1.1,<2.0" azure-mgmt-core = ">=1.2.0,<2.0.0" -msrest = ">=0.5.0" +msrest = ">=0.6.21" [[package]] name = "azure-mgmt-subscription" @@ -713,7 +713,7 @@ python-versions = "*" [[package]] name = "azure-storage-blob" -version = "12.8.0" +version = "12.8.1" description = "Microsoft Azure Blob Storage Client Library for Python" category = "main" optional = false @@ -752,7 +752,7 @@ azure-storage-common = ">=2.1,<3.0" [[package]] name = "azure-storage-file-share" -version = "12.4.1" +version = "12.4.2" description = "Microsoft Azure Azure File Share Storage Client Library for Python" category = "main" optional = false @@ -765,7 +765,7 @@ msrest = ">=0.6.18" [[package]] name = "azure-storage-queue" -version = "12.1.5" +version = "12.1.6" description = "Microsoft Azure Azure Queue Storage Client Library for Python" category = "main" optional = false @@ -774,24 +774,24 @@ python-versions = "*" [package.dependencies] azure-core = ">=1.10.0,<2.0.0" cryptography = ">=2.1.4" -msrest = ">=0.6.10" +msrest = ">=0.6.18" [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -803,11 +803,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -818,7 +818,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -865,7 +864,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "cryptography" -version = "3.4.6" +version = "3.4.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false @@ -900,7 +899,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -912,7 +911,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "importlib-resources" @@ -948,14 +947,6 @@ category = "main" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "main" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -976,7 +967,7 @@ format_nongpl = ["idna", "jsonpointer (>1.13)", "webcolors", "rfc3986-validator [[package]] name = "msal" -version = "1.10.0" +version = "1.11.0" description = "The Microsoft Authentication Library (MSAL) for Python library enables your app to access the Microsoft Cloud by supporting authentication of users with Microsoft Azure Active Directory accounts (AAD) and Microsoft Accounts (MSA) using industry standard OAuth2 and OpenID Connect." category = "main" optional = false @@ -1192,7 +1183,7 @@ rsa = ["oauthlib[signedtoken] (>=3.0.0)"] [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -1201,6 +1192,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -1313,36 +1307,36 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "1f75519ef4af8cfffd36ad9d6d141fc8f7a3c619c8c097ba00bc6d9b958dfd20" +content-hash = "294dd2288d2fba0ef266bb5968349edb413f3a5d07c7a41e0459fc7b42393acd" [metadata.files] adal = [ - {file = "adal-1.2.6-py2.py3-none-any.whl", hash = "sha256:9928f90e4003dc7a41c6995ccb5db79d9769a275cb365b10deb48471002642dc"}, - {file = "adal-1.2.6.tar.gz", hash = "sha256:08b94d30676ceb78df31bce9dd0f05f1bc2b6172e44c437cbf5b968a00ac6489"}, + {file = "adal-1.2.7-py2.py3-none-any.whl", hash = "sha256:2a7451ed7441ddbc57703042204a3e30ef747478eea022c70f789fc7f084bc3d"}, + {file = "adal-1.2.7.tar.gz", hash = "sha256:d74f45b81317454d96e982fd1c50e6fb5c99ac2223728aea8764433a39f566f1"}, ] applicationinsights = [ - {file = "applicationinsights-0.11.9-py2.py3-none-any.whl", hash = "sha256:b88bc5a41385d8e516489128d5e63f8c52efe597a3579b1718d1ab2f7cf150a2"}, - {file = "applicationinsights-0.11.9.tar.gz", hash = "sha256:30a11aafacea34f8b160fbdc35254c9029c7e325267874e3c68f6bdbcd6ed2c3"}, + {file = "applicationinsights-0.11.10-py2.py3-none-any.whl", hash = "sha256:e89a890db1c6906b6a7d0bcfd617dac83974773c64573147c8d6654f9cf2a6ea"}, + {file = "applicationinsights-0.11.10.tar.gz", hash = "sha256:0b761f3ef0680acf4731906dfc1807faa6f2a57168ae74592db0084a6099f7b3"}, ] apscheduler = [ {file = "APScheduler-3.7.0-py2.py3-none-any.whl", hash = "sha256:c06cc796d5bb9eb3c4f77727f6223476eb67749e7eea074d1587550702a7fbe3"}, {file = "APScheduler-3.7.0.tar.gz", hash = "sha256:1cab7f2521e107d07127b042155b632b7a1cd5e02c34be5a28ff62f77c900c6a"}, ] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] attrs = [ {file = "attrs-20.3.0-py2.py3-none-any.whl", hash = "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6"}, {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] azure-common = [ - {file = "azure-common-1.1.26.zip", hash = "sha256:b2866238aea5d7492cfb0282fc8b8d5f6d06fb433872345864d45753c10b6e4f"}, - {file = "azure_common-1.1.26-py2.py3-none-any.whl", hash = "sha256:acd26b2adb3ea192d766b4f083805287da080adc7f316ce7e52ef0ea917fbe31"}, + {file = "azure-common-1.1.27.zip", hash = "sha256:9f3f5d991023acbd93050cf53c4e863c6973ded7e236c69e99c8ff5c7bad41ef"}, + {file = "azure_common-1.1.27-py2.py3-none-any.whl", hash = "sha256:426673962740dbe9aab052a4b52df39c07767decd3f25fdc87c9d4c566a04934"}, ] azure-core = [ - {file = "azure-core-1.12.0.zip", hash = "sha256:adf2b1c6ef150a92295b4b405f982a9d2c55c4846728cb14760ca592acbb09ec"}, - {file = "azure_core-1.12.0-py2.py3-none-any.whl", hash = "sha256:2d0ff1c446cc572f3e32a9a59809880d0d857754a06afe682bce8a6ea2201607"}, + {file = "azure-core-1.13.0.zip", hash = "sha256:624b46db407dbed9e03134ab65214efab5b5315949a1fbd6cd592c46fb272588"}, + {file = "azure_core-1.13.0-py2.py3-none-any.whl", hash = "sha256:3c886a5c6e0698360826c08b2685965d8c23e1292c32be9028ce2fa691005849"}, ] azure-cosmos = [ {file = "azure-cosmos-3.2.0.tar.gz", hash = "sha256:4f77cc558fecffac04377ba758ac4e23f076dc1c54e2cf2515f85bc15cbde5c6"}, @@ -1357,8 +1351,8 @@ azure-cosmosdb-table = [ {file = "azure_cosmosdb_table-1.0.6-py2.py3-none-any.whl", hash = "sha256:ee525233d6c8c016526593bf28f8a374275cfe204a00c41134b83a1736f7b5f7"}, ] azure-functions = [ - {file = "azure-functions-1.6.0.tar.gz", hash = "sha256:0e6491119ed3216654a90b4f48f2632d261d7c3af4d735ceb95af2e0c06ef4be"}, - {file = "azure_functions-1.6.0-py3-none-any.whl", hash = "sha256:0c5379eafc4c512931947636c45ddb73fb923d6e5f23d7da7e5fbd0e34949898"}, + {file = "azure-functions-1.7.0.tar.gz", hash = "sha256:8d6cb467736f4fad2d52470a21e84ea22b84623ba4728d741ceed3cd8cacd116"}, + {file = "azure_functions-1.7.0-py3-none-any.whl", hash = "sha256:96f985bcab59cb3b1ce3cccc9bd0703aa47eb26f4f28c24afcc2a80699e3302f"}, ] azure-graphrbac = [ {file = "azure-graphrbac-0.61.1.zip", hash = "sha256:53e98ae2ca7c19b349e9e9bb1b6a824aeae8dcfcbe17190d20fe69c0f185b2e2"}, @@ -1421,16 +1415,16 @@ azure-mgmt-containerregistry = [ {file = "azure_mgmt_containerregistry-8.0.0b1-py2.py3-none-any.whl", hash = "sha256:34d0a789a8f81e3c0e980cfed12ff09d5ee8be73807f7409c741c462d9a9867b"}, ] azure-mgmt-containerservice = [ - {file = "azure-mgmt-containerservice-15.0.0.zip", hash = "sha256:e205aada94bb630e1ba5ee57751849456e1535aec3f2173edf2cbf596b99c0d9"}, - {file = "azure_mgmt_containerservice-15.0.0-py2.py3-none-any.whl", hash = "sha256:69654f650dcf4b15af02072fa5c39c4841fbff56c5fcdb45135331cf25ebfeca"}, + {file = "azure-mgmt-containerservice-15.1.0.zip", hash = "sha256:51c64e01e614c9b88723b86b36b48f8417171610a098bf4690e39e71cefc32d9"}, + {file = "azure_mgmt_containerservice-15.1.0-py2.py3-none-any.whl", hash = "sha256:bdf45e58cb2f25d015837abe8935baedc09d1c2cee278d9827ecbdd4daf45470"}, ] azure-mgmt-core = [ {file = "azure-mgmt-core-1.2.2.zip", hash = "sha256:4246810996107f72482a9351cf918d380c257e90942144ec9c0c2abda1d0a312"}, {file = "azure_mgmt_core-1.2.2-py2.py3-none-any.whl", hash = "sha256:d36bd595dff6a1509ed52a89ee8dd88b83200320a6afa60fb4186afcb8978ce5"}, ] azure-mgmt-cosmosdb = [ - {file = "azure-mgmt-cosmosdb-6.1.0.zip", hash = "sha256:7eb28eae4354e0a68e098de314b380d92f6482f53b2947dc8a36913195bdfde0"}, - {file = "azure_mgmt_cosmosdb-6.1.0-py2.py3-none-any.whl", hash = "sha256:4aec41769c9abb83302edd7d445d7246296c54bce0e5e98c51519458bb00f985"}, + {file = "azure-mgmt-cosmosdb-6.2.0.zip", hash = "sha256:116b5bf9433ad89078c743b617c5b1c51f9ce1a1f128fb2e4bbafb5efb2d2c74"}, + {file = "azure_mgmt_cosmosdb-6.2.0-py2.py3-none-any.whl", hash = "sha256:31d1a9d0bb4fbd943de836860aa8fb9fcd4f7f6db3d0d6e9d0e26bca4b6837a1"}, ] azure-mgmt-costmanagement = [ {file = "azure-mgmt-costmanagement-1.0.0.zip", hash = "sha256:bf6d8fd5cddc330d7e2204157ea72b08c01580de4aa94c97709dc117b046f482"}, @@ -1505,8 +1499,8 @@ azure-mgmt-redis = [ {file = "azure_mgmt_redis-12.0.0-py2.py3-none-any.whl", hash = "sha256:5f1a559ab6d342a4b476d80830086435161f5739bc2a5c2ee564ee0668ee974e"}, ] azure-mgmt-resource = [ - {file = "azure-mgmt-resource-16.0.0.zip", hash = "sha256:0bdbdc9c1ed2ef975d8dff45f358d1e06dc6761eace5b6817f13993447e48a68"}, - {file = "azure_mgmt_resource-16.0.0-py2.py3-none-any.whl", hash = "sha256:79df0a7805b9f3d9e3d75b4bfbe3bace5408bb400a9dac21fd995fc164237f5a"}, + {file = "azure-mgmt-resource-16.1.0.zip", hash = "sha256:b814ee27b37f030fe69461ef6f514661340dc8b1f28736362541e1c0d31d90ae"}, + {file = "azure_mgmt_resource-16.1.0-py2.py3-none-any.whl", hash = "sha256:433cddfb737bbc894698a7c9b07e15b4e0872cf89a54eaf1301d5605b2c4118d"}, ] azure-mgmt-resourcegraph = [ {file = "azure-mgmt-resourcegraph-7.0.0.zip", hash = "sha256:871b1f657e230c23cec8e851f0bf633d67906cfd6616f5564f313fa65f594938"}, @@ -1521,8 +1515,8 @@ azure-mgmt-sql = [ {file = "azure_mgmt_sql-1.0.0-py2.py3-none-any.whl", hash = "sha256:8fae38fc88ba3388b15854f3a8a2c3f8aaeb9cb609ad37b6545abb8d3ae540e6"}, ] azure-mgmt-storage = [ - {file = "azure-mgmt-storage-17.0.0.zip", hash = "sha256:c0e3fd99028d98c80dddabe1c22dfeb3d694e5c1393c6de80766eb240739e4bc"}, - {file = "azure_mgmt_storage-17.0.0-py2.py3-none-any.whl", hash = "sha256:671a2c57bff42e32e18ea7891d2b81d6dcdbb454fe60dc7be7ab09b92c11fd01"}, + {file = "azure-mgmt-storage-17.1.0.zip", hash = "sha256:01acb8e988c8082174fa952e1638d700146185644fbe4b126e65843e63d44600"}, + {file = "azure_mgmt_storage-17.1.0-py2.py3-none-any.whl", hash = "sha256:884ca5bdcb23fc7aaca45dfb1f256155a17d1f632a857c7c5b4396f7b672deee"}, ] azure-mgmt-subscription = [ {file = "azure-mgmt-subscription-1.0.0.zip", hash = "sha256:22f606f298419f466a8149811fc762686c93da00a7dc15d3b7cdbf22b96cf5db"}, @@ -1538,8 +1532,8 @@ azure-nspkg = [ {file = "azure_nspkg-3.0.2-py3-none-any.whl", hash = "sha256:31a060caca00ed1ebd369fc7fe01a56768c927e404ebc92268f4d9d636435e28"}, ] azure-storage-blob = [ - {file = "azure-storage-blob-12.8.0.zip", hash = "sha256:36b85a3423379d4a93f663022487cf53aa3043a355f8414321dde878c00cb577"}, - {file = "azure_storage_blob-12.8.0-py2.py3-none-any.whl", hash = "sha256:46999df6e2cde8773739f7c3bd1eb5846d4b7dc1ef6e2161f3b6d1d0f21726ba"}, + {file = "azure-storage-blob-12.8.1.zip", hash = "sha256:eb37b50ddfb6e558b29f6c8c03b0666514e55d6170bf4624e7261a3af93c6401"}, + {file = "azure_storage_blob-12.8.1-py2.py3-none-any.whl", hash = "sha256:e74c2c49fd04b80225f5b9734f1dbd417d89f280abfedccced3ac21509e1659d"}, ] azure-storage-common = [ {file = "azure-storage-common-2.1.0.tar.gz", hash = "sha256:ccedef5c67227bc4d6670ffd37cec18fb529a1b7c3a5e53e4096eb0cf23dc73f"}, @@ -1550,20 +1544,20 @@ azure-storage-file = [ {file = "azure_storage_file-2.1.0-py2.py3-none-any.whl", hash = "sha256:07e01b6b1ccbac97946a3abab773fdc4904965577c3afa0151e786c463bd7260"}, ] azure-storage-file-share = [ - {file = "azure-storage-file-share-12.4.1.zip", hash = "sha256:7503d05882970abc977529ff5a4b81e79f62fd51b238fe306f72e13f57a522ca"}, - {file = "azure_storage_file_share-12.4.1-py2.py3-none-any.whl", hash = "sha256:c08365049e2f605541135be970493e6f92a35e617c3a9bc9916e0c35e4bba14e"}, + {file = "azure-storage-file-share-12.4.2.zip", hash = "sha256:6c458d1e3db38fdd502d8f77107c81e6859654f02c0e7f2a98214289d9e0dde2"}, + {file = "azure_storage_file_share-12.4.2-py2.py3-none-any.whl", hash = "sha256:170c6825ecdd463067d60f974dc24be7670bbb98d2812426f920cb2d967457de"}, ] azure-storage-queue = [ - {file = "azure-storage-queue-12.1.5.zip", hash = "sha256:f0f2f4064120c05a0b594cb504321b523cefd47329a047dd885bb30978100180"}, - {file = "azure_storage_queue-12.1.5-py2.py3-none-any.whl", hash = "sha256:038b3a0e4494e34a0a60a7bf9f98a77df65ed768b1db3c60e6ac2727ceb33469"}, + {file = "azure-storage-queue-12.1.6.zip", hash = "sha256:79e4ef589db6b5272f052309d5525960b20fffbfe61958a0007dc4e7a40b68e2"}, + {file = "azure_storage_queue-12.1.6-py2.py3-none-any.whl", hash = "sha256:54435c14278118275e4fc17989a1005b02d5ccb662b112ac8699eab4e5a8fc89"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] certifi = [ @@ -1618,13 +1612,18 @@ click = [ {file = "click-7.1.2.tar.gz", hash = "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a"}, ] cryptography = [ - {file = "cryptography-3.4.6-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:57ad77d32917bc55299b16d3b996ffa42a1c73c6cfa829b14043c561288d2799"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:93cfe5b7ff006de13e1e89830810ecbd014791b042cbe5eec253be11ac2b28f3"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:5ecf2bcb34d17415e89b546dbb44e73080f747e504273e4d4987630493cded1b"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:fec7fb46b10da10d9e1d078d1ff8ed9e05ae14f431fdbd11145edd0550b9a964"}, - {file = "cryptography-3.4.6-cp36-abi3-win32.whl", hash = "sha256:df186fcbf86dc1ce56305becb8434e4b6b7504bc724b71ad7a3239e0c9d14ef2"}, - {file = "cryptography-3.4.6-cp36-abi3-win_amd64.whl", hash = "sha256:66b57a9ca4b3221d51b237094b0303843b914b7d5afd4349970bb26518e350b0"}, - {file = "cryptography-3.4.6.tar.gz", hash = "sha256:2d32223e5b0ee02943f32b19245b61a62db83a882f0e76cc564e1cec60d48f87"}, + {file = "cryptography-3.4.7-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:3d8427734c781ea5f1b41d6589c293089704d4759e34597dce91014ac125aad1"}, + {file = "cryptography-3.4.7-cp36-abi3-macosx_11_0_arm64.whl", hash = "sha256:8e56e16617872b0957d1c9742a3f94b43533447fd78321514abbe7db216aa250"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:37340614f8a5d2fb9aeea67fd159bfe4f5f4ed535b1090ce8ec428b2f15a11f2"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:240f5c21aef0b73f40bb9f78d2caff73186700bf1bc6b94285699aff98cc16c6"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:1e056c28420c072c5e3cb36e2b23ee55e260cb04eee08f702e0edfec3fb51959"}, + {file = "cryptography-3.4.7-cp36-abi3-win32.whl", hash = "sha256:0f1212a66329c80d68aeeb39b8a16d54ef57071bf22ff4e521657b27372e327d"}, + {file = "cryptography-3.4.7-cp36-abi3-win_amd64.whl", hash = "sha256:de4e5f7f68220d92b7637fc99847475b59154b7a1b3868fb7385337af54ac9ca"}, + {file = "cryptography-3.4.7-pp36-pypy36_pp73-manylinux2010_x86_64.whl", hash = "sha256:26965837447f9c82f1855e0bc8bc4fb910240b6e0d16a664bb722df3b5b06873"}, + {file = "cryptography-3.4.7-pp36-pypy36_pp73-manylinux2014_x86_64.whl", hash = "sha256:eb8cc2afe8b05acbd84a43905832ec78e7b3873fb124ca190f574dca7389a87d"}, + {file = "cryptography-3.4.7-pp37-pypy37_pp73-manylinux2010_x86_64.whl", hash = "sha256:7ec5d3b029f5fa2b179325908b9cd93db28ab7b85bb6c1db56b10e0b54235177"}, + {file = "cryptography-3.4.7-pp37-pypy37_pp73-manylinux2014_x86_64.whl", hash = "sha256:ee77aa129f481be46f8d92a1a7db57269a2f23052d5f2433b4621bb457081cc9"}, + {file = "cryptography-3.4.7.tar.gz", hash = "sha256:3d10de8116d25649631977cb37da6cbdd2d6fa0e0281d014a5b7d337255ca713"}, ] distlib = [ {file = "distlib-0.3.1-py2.py3-none-any.whl", hash = "sha256:8c09de2c67b3e7deef7184574fc060ab8a793e7adbb183d942c389c8b13c52fb"}, @@ -1635,8 +1634,8 @@ idna = [ {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] importlib-resources = [ {file = "importlib_resources-5.1.2-py3-none-any.whl", hash = "sha256:ebab3efe74d83b04d6bf5cd9a17f0c5c93e60fb60f30c90f56265fce4682a469"}, @@ -1650,17 +1649,13 @@ jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, ] msal = [ - {file = "msal-1.10.0-py2.py3-none-any.whl", hash = "sha256:daffb9d21fb45b36419182735fa12a4f9d4071b427188aa114162bd623edd812"}, - {file = "msal-1.10.0.tar.gz", hash = "sha256:582e92e3b9fa68084dca6ecfd8db866ddc75cd9043de267c79d6b6277dd27f55"}, + {file = "msal-1.11.0-py2.py3-none-any.whl", hash = "sha256:4b1646e6b028db0e124cf4f49bccb67ccddd2a7dfec03e52ce9cd3d083642034"}, + {file = "msal-1.11.0.tar.gz", hash = "sha256:467af02bb94a87a1b695b51bf867667e828acc0dd3c1de5fa543f69002db49fa"}, ] msal-extensions = [ {file = "msal-extensions-0.3.0.tar.gz", hash = "sha256:5523dfa15da88297e90d2e73486c8ef875a17f61ea7b7e2953a300432c2e7861"}, @@ -1793,8 +1788,8 @@ requests-oauthlib = [ {file = "requests_oauthlib-1.3.0-py3.7.egg", hash = "sha256:fa6c47b933f01060936d87ae9327fead68768b69c6c9ea2109c48be30f2d4dbc"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_azure/pyproject.toml b/tools/c7n_azure/pyproject.toml index 95201960cb0..53dbd7bc14c 100644 --- a/tools/c7n_azure/pyproject.toml +++ b/tools/c7n_azure/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_azure" -version = "0.7.10" +version = "0.7.11" description = "Cloud Custodian - Azure Support" readme = "readme.md" homepage="https://cloudcustodian.io" @@ -9,6 +9,7 @@ documentation="https://cloudcustodian.io/docs/" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers=[ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -54,7 +55,6 @@ azure-cosmosdb-table = "^1.0.6" applicationinsights = "^0.11.9" apscheduler = "^3.6.3" distlib = "^0.3.0" -jsonpickle = "1.3" requests = "^2.22.0" PyJWT = "^1.7.1" adal = "^1.2.6" diff --git a/tools/c7n_azure/requirements.txt b/tools/c7n_azure/requirements.txt index 5b2f27c4446..cffb5981934 100644 --- a/tools/c7n_azure/requirements.txt +++ b/tools/c7n_azure/requirements.txt @@ -1,12 +1,12 @@ -adal==1.2.6 -applicationinsights==0.11.9 +adal==1.2.7 +applicationinsights==0.11.10 apscheduler==3.7.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0" and python_version < "4") -azure-common==1.1.26 -azure-core==1.12.0 +azure-common==1.1.27 +azure-core==1.13.0 azure-cosmos==3.2.0 azure-cosmosdb-nspkg==2.0.2 azure-cosmosdb-table==1.0.6 -azure-functions==1.6.0; python_version >= "3" and python_version < "4" +azure-functions==1.7.0; python_version >= "3" and python_version < "4" azure-graphrbac==0.61.1 azure-identity==1.5.0 azure-keyvault-certificates==4.2.1 @@ -22,9 +22,9 @@ azure-mgmt-cognitiveservices==11.0.0 azure-mgmt-compute==19.0.0 azure-mgmt-containerinstance==7.0.0 azure-mgmt-containerregistry==8.0.0b1 -azure-mgmt-containerservice==15.0.0 +azure-mgmt-containerservice==15.1.0 azure-mgmt-core==1.2.2 -azure-mgmt-cosmosdb==6.1.0 +azure-mgmt-cosmosdb==6.2.0 azure-mgmt-costmanagement==1.0.0 azure-mgmt-databricks==1.0.0b1 azure-mgmt-datafactory==1.1.0 @@ -43,32 +43,31 @@ azure-mgmt-network==17.1.0 azure-mgmt-policyinsights==1.0.0 azure-mgmt-rdbms==8.0.0 azure-mgmt-redis==12.0.0 -azure-mgmt-resource==16.0.0 +azure-mgmt-resource==16.1.0 azure-mgmt-resourcegraph==7.0.0 azure-mgmt-search==8.0.0 azure-mgmt-sql==1.0.0 -azure-mgmt-storage==17.0.0 +azure-mgmt-storage==17.1.0 azure-mgmt-subscription==1.0.0 azure-mgmt-web==2.0.0 azure-nspkg==3.0.2 -azure-storage-blob==12.8.0 +azure-storage-blob==12.8.1 azure-storage-common==2.1.0 -azure-storage-file-share==12.4.1 +azure-storage-file-share==12.4.2 azure-storage-file==2.1.0 -azure-storage-queue==12.1.5 +azure-storage-queue==12.1.6 certifi==2020.12.5; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" cffi==1.14.5; python_version >= "3.6" chardet==4.0.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" click==7.1.2; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") -cryptography==3.4.6; python_version >= "3.6" +cryptography==3.4.7; python_version >= "3.6" distlib==0.3.1 idna==2.10; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" importlib-resources==5.1.2; python_version >= "3.6" and python_version < "3.7" isodate==0.6.0 jmespath==0.10.0; (python_version >= "2.6" and python_full_version < "3.0.0") or (python_full_version >= "3.3.0") -jsonpickle==1.3 msal-extensions==0.3.0 -msal==1.10.0 +msal==1.11.0 msrest==0.6.21 msrestazure==0.6.4 netaddr==0.7.20 diff --git a/tools/c7n_azure/setup.py b/tools/c7n_azure/setup.py index 03d3f16b596..519b5244269 100644 --- a/tools/c7n_azure/setup.py +++ b/tools/c7n_azure/setup.py @@ -18,7 +18,7 @@ 'adal>=1.2.6,<2.0.0', 'applicationinsights>=0.11.9,<0.12.0', 'apscheduler>=3.6.3,<4.0.0', - 'argcomplete (>=1.12.2,<2.0.0)', + 'argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', 'azure-cosmos>=3.1.2,<4.0.0', 'azure-cosmosdb-table>=1.0.6,<2.0.0', @@ -68,24 +68,22 @@ 'azure-storage-file-share>=12.4.1,<13.0.0', 'azure-storage-file>=2.1.0,<3.0.0', 'azure-storage-queue>=12.1.5,<13.0.0', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'click>=7.0,<8.0', 'cryptography>=3.4.6,<4.0.0', 'distlib>=0.3.0,<0.4.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', 'jmespath>=0.10.0,<0.11.0', - 'jsonpickle (>=1.3,<2.0)', - 'jsonpickle==1.3', 'jsonschema (>=3.2.0,<4.0.0)', 'netaddr>=0.7.19,<0.8.0', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', 'requests>=2.22.0,<3.0.0', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -97,8 +95,14 @@ setup_kwargs = { 'name': 'c7n-azure', - 'version': '0.7.10', + 'version': '0.7.11', 'description': 'Cloud Custodian - Azure Support', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '\n# Cloud Custodian - Azure Support\n\nThis a plugin to Cloud Custodian that adds Azure support.\n\n## Install Cloud Custodian and Azure Plugin\n\nThe Azure provider must be installed as a separate package in addition to c7n. \n\n $ git clone https://github.com/cloud-custodian/cloud-custodian.git\n $ virtualenv custodian\n $ source custodian/bin/activate\n (custodian) $ pip install -e cloud-custodian/.\n (custodian) $ pip install -e cloud-custodian/tools/c7n_azure/.\n\n\n## Write your first policy\n\nA policy specifies the following items:\n\n- The type of resource to run the policy against\n- Filters to narrow down the set of resources\n- Actions to take on the filtered set of resources\n\nFor this tutorial we will add a tag to all virtual machines with the name "Hello" and the value "World".\n\nCreate a file named ``custodian.yml`` with this content:\n\n policies:\n - name: my-first-policy\n description: |\n Adds a tag to all virtual machines\n resource: azure.vm\n actions:\n - type: tag\n tag: Hello\n value: World\n\n## Run your policy\n\nFirst, choose one of the supported authentication mechanisms and either log in to Azure CLI or set\nenvironment variables as documented in [Authentication](https://cloudcustodian.io/docs/azure/authentication.html#azure-authentication).\n\n custodian run --output-dir=. custodian.yml\n\n\nIf successful, you should see output similar to the following on the command line\n\n 2016-12-20 08:35:06,133: custodian.policy:INFO Running policy my-first-policy resource: azure.vm\n 2016-12-20 08:35:07,514: custodian.policy:INFO policy: my-first-policy resource:azure.vm has count:1 time:1.38\n 2016-12-20 08:35:08,188: custodian.policy:INFO policy: my-first-policy action: tag: 1 execution_time: 0.67\n\n\nYou should also find a new ``my-first-policy`` directory with a log and other\nfiles (subsequent runs will append to the log by default rather than\noverwriting it). \n\n## Links\n- [Getting Started](https://cloudcustodian.io/docs/azure/gettingstarted.html)\n- [Example Scenarios](https://cloudcustodian.io/docs/azure/examples/index.html)\n- [Example Policies](https://cloudcustodian.io/docs/azure/policy/index.html)\n\n\n\n\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_azure/tests_azure/cassettes/ResourceGroupTest.test_delete_resource_group.json b/tools/c7n_azure/tests_azure/cassettes/ResourceGroupTest.test_delete_resource_group.json new file mode 100644 index 00000000000..66ec5c66db5 --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/ResourceGroupTest.test_delete_resource_group.json @@ -0,0 +1,48 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourcegroups?api-version=2020-10-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "content-length": [ + "233" + ], + "date": [ + "Fri, 04 Jun 2021 20:57:59 GMT" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ] + }, + "body": { + "data": { + "value": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_emptyrg", + "name": "test_emptyrg", + "type": "Microsoft.Resources/resourceGroups", + "location": "westus", + "properties": { + "provisioningState": "Succeeded" + } + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/SqlDatabaseTest.test_data_encryption_filter.json b/tools/c7n_azure/tests_azure/cassettes/SqlDatabaseTest.test_data_encryption_filter.json new file mode 100644 index 00000000000..e98b5daed0a --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/SqlDatabaseTest.test_data_encryption_filter.json @@ -0,0 +1,310 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Sql/servers?api-version=2019-06-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ], + "date": [ + "Wed, 21 Apr 2021 17:39:34 GMT" + ], + "content-length": [ + "492" + ] + }, + "body": { + "data": { + "value": [ + { + "kind": "v12.0", + "properties": { + "administratorLogin": "custodian", + "version": "12.0", + "state": "Ready", + "fullyQualifiedDomainName": "cctestsqlservertqtfgpqzllch4.database.windows.net", + "privateEndpointConnections": [], + "publicNetworkAccess": "Enabled" + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4", + "name": "cctestsqlservertqtfgpqzllch4", + "type": "Microsoft.Sql/servers" + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases?api-version=2017-10-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ], + "date": [ + "Wed, 21 Apr 2021 17:39:35 GMT" + ], + "content-length": [ + "2734" + ] + }, + "body": { + "data": { + "value": [ + { + "sku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + }, + "kind": "v12.0,user", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 268435456000, + "status": "Online", + "databaseId": "7af22fe1-cb5a-49f9-bdf0-638e0e9cbc9f", + "creationDate": "2021-04-21T15:14:57.6Z", + "currentServiceObjectiveName": "S0", + "requestedServiceObjectiveName": "S0", + "defaultSecondaryLocation": "centralus", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "zoneRedundant": false, + "earliestRestoreDate": "2021-04-21T15:25:17Z", + "readScale": "Disabled", + "readReplicaCount": 0, + "currentSku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + } + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cclongtermretentiondb", + "name": "cclongtermretentiondb", + "type": "Microsoft.Sql/servers/databases" + }, + { + "sku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + }, + "kind": "v12.0,user", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 2147483648, + "status": "Online", + "databaseId": "99338c6f-5608-4257-9861-0cdfa07417f0", + "creationDate": "2021-04-21T15:14:57.457Z", + "currentServiceObjectiveName": "S0", + "requestedServiceObjectiveName": "S0", + "defaultSecondaryLocation": "centralus", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "zoneRedundant": false, + "earliestRestoreDate": "2021-04-21T15:25:07Z", + "readScale": "Disabled", + "readReplicaCount": 0, + "currentSku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + } + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb", + "name": "cctestdb", + "type": "Microsoft.Sql/servers/databases" + }, + { + "sku": { + "name": "System", + "tier": "System", + "capacity": 0 + }, + "kind": "v12.0,system", + "managedBy": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 32212254720, + "status": "Online", + "databaseId": "f66fbb30-0835-4b16-b20c-537cfba87945", + "creationDate": "2021-04-21T15:13:00.593Z", + "currentServiceObjectiveName": "System0", + "requestedServiceObjectiveName": "System0", + "defaultSecondaryLocation": "centralus", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "zoneRedundant": false, + "readScale": "Disabled", + "readReplicaCount": 0, + "currentSku": { + "name": "System", + "tier": "System", + "capacity": 0 + } + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/master", + "name": "master", + "type": "Microsoft.Sql/servers/databases" + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cclongtermretentiondb/transparentDataEncryption/current?api-version=2014-04-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Wed, 21 Apr 2021 17:39:35 GMT" + ], + "content-type": [ + "application/json; odata=minimalmetadata; streaming=true; charset=utf-8" + ], + "cache-control": [ + "no-store, no-cache" + ], + "dataserviceversion": [ + "3.0;" + ], + "content-length": [ + "358" + ] + }, + "body": { + "data": { + "name": "current", + "location": "East US 2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cclongtermretentiondb/transparentDataEncryption/current", + "type": "Microsoft.Sql/servers/databases/transparentDataEncryption", + "properties": { + "status": "Enabled" + } + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb/transparentDataEncryption/current?api-version=2014-04-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Wed, 21 Apr 2021 17:39:35 GMT" + ], + "content-type": [ + "application/json; odata=minimalmetadata; streaming=true; charset=utf-8" + ], + "cache-control": [ + "no-store, no-cache" + ], + "dataserviceversion": [ + "3.0;" + ], + "content-length": [ + "345" + ] + }, + "body": { + "data": { + "name": "current", + "location": "East US 2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb/transparentDataEncryption/current", + "type": "Microsoft.Sql/servers/databases/transparentDataEncryption", + "properties": { + "status": "Enabled" + } + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/master/transparentDataEncryption/current?api-version=2014-04-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Wed, 21 Apr 2021 17:39:35 GMT" + ], + "content-type": [ + "application/json; odata=minimalmetadata; streaming=true; charset=utf-8" + ], + "cache-control": [ + "no-store, no-cache" + ], + "dataserviceversion": [ + "3.0;" + ], + "content-length": [ + "344" + ] + }, + "body": { + "data": { + "name": "current", + "location": "East US 2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/master/transparentDataEncryption/current", + "type": "Microsoft.Sql/servers/databases/transparentDataEncryption", + "properties": { + "status": "Disabled" + } + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/SqlDatabaseTest.test_data_masking_filter.json b/tools/c7n_azure/tests_azure/cassettes/SqlDatabaseTest.test_data_masking_filter.json new file mode 100644 index 00000000000..9e3671377f0 --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/SqlDatabaseTest.test_data_masking_filter.json @@ -0,0 +1,252 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Sql/servers?api-version=2019-06-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Fri, 30 Apr 2021 16:48:58 GMT" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ], + "content-length": [ + "1200" + ] + }, + "body": { + "data": { + "value": [ + { + "identity": { + "principalId": "5558ad35-b8e7-45a7-9c6e-a493baa9e5cb", + "type": "SystemAssigned", + "tenantId": "00000000-0000-0000-0000-000000000003" + }, + "kind": "v12.0", + "properties": { + "administratorLogin": "custodian", + "version": "12.0", + "state": "Ready", + "fullyQualifiedDomainName": "cctestsqlservertqtfgpqzllch4.database.windows.net", + "privateEndpointConnections": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/privateEndpointConnections/test123-33f26040-5de1-486a-9b76-a56f28a46a12", + "properties": { + "privateEndpoint": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Network/privateEndpoints/test123" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "Auto-approved", + "actionsRequired": "None" + }, + "provisioningState": "Ready" + } + } + ], + "minimalTlsVersion": "1.2", + "publicNetworkAccess": "Disabled" + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4", + "name": "cctestsqlservertqtfgpqzllch4", + "type": "Microsoft.Sql/servers" + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases?api-version=2017-10-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Fri, 30 Apr 2021 16:48:59 GMT" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ], + "content-length": [ + "2734" + ] + }, + "body": { + "data": { + "value": [ + { + "sku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + }, + "kind": "v12.0,user", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 268435456000, + "status": "Online", + "databaseId": "7af22fe1-cb5a-49f9-bdf0-638e0e9cbc9f", + "creationDate": "2021-04-21T15:14:57.6Z", + "currentServiceObjectiveName": "S0", + "requestedServiceObjectiveName": "S0", + "defaultSecondaryLocation": "centralus", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "zoneRedundant": false, + "earliestRestoreDate": "2021-04-21T15:25:17Z", + "readScale": "Disabled", + "readReplicaCount": 0, + "currentSku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + } + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cclongtermretentiondb", + "name": "cclongtermretentiondb", + "type": "Microsoft.Sql/servers/databases" + }, + { + "sku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + }, + "kind": "v12.0,user", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 2147483648, + "status": "Online", + "databaseId": "99338c6f-5608-4257-9861-0cdfa07417f0", + "creationDate": "2021-04-21T15:14:57.457Z", + "currentServiceObjectiveName": "S0", + "requestedServiceObjectiveName": "S0", + "defaultSecondaryLocation": "centralus", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "zoneRedundant": false, + "earliestRestoreDate": "2021-04-21T15:25:07Z", + "readScale": "Disabled", + "readReplicaCount": 0, + "currentSku": { + "name": "Standard", + "tier": "Standard", + "capacity": 10 + } + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb", + "name": "cctestdb", + "type": "Microsoft.Sql/servers/databases" + }, + { + "sku": { + "name": "System", + "tier": "System", + "capacity": 0 + }, + "kind": "v12.0,system", + "managedBy": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 32212254720, + "status": "Online", + "databaseId": "f66fbb30-0835-4b16-b20c-537cfba87945", + "creationDate": "2021-04-21T15:13:00.593Z", + "currentServiceObjectiveName": "System0", + "requestedServiceObjectiveName": "System0", + "defaultSecondaryLocation": "centralus", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "zoneRedundant": false, + "readScale": "Disabled", + "readReplicaCount": 0, + "currentSku": { + "name": "System", + "tier": "System", + "capacity": 0 + } + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/master", + "name": "master", + "type": "Microsoft.Sql/servers/databases" + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb/dataMaskingPolicies/Default?api-version=2014-04-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Fri, 30 Apr 2021 16:48:59 GMT" + ], + "content-type": [ + "application/json; odata=minimalmetadata; streaming=true; charset=utf-8" + ], + "dataserviceversion": [ + "3.0;" + ], + "cache-control": [ + "no-store, no-cache" + ], + "content-length": [ + "599" + ] + }, + "body": { + "data": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb/dataMaskingPolicies/Default", + "name": "Default", + "type": "Microsoft.Sql/servers/databases/dataMaskingPolicies", + "location": "East US 2", + "kind": null, + "managedBy": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/databases/cctestdb", + "properties": { + "dataMaskingState": "Disabled", + "applicationPrincipals": "", + "exemptPrincipals": "", + "maskingLevel": "" + } + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/SqlServerTest.administrators.json b/tools/c7n_azure/tests_azure/cassettes/SqlServerTest.administrators.json new file mode 100644 index 00000000000..69f93c2a6d2 --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/SqlServerTest.administrators.json @@ -0,0 +1,87 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Sql/servers?api-version=2019-06-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "date": [ + "Wed, 21 Apr 2021 18:58:56 GMT" + ], + "content-length": [ + "492" + ] + }, + "body": { + "data": { + "value": [ + { + "kind": "v12.0", + "properties": { + "administratorLogin": "custodian", + "version": "12.0", + "state": "Ready", + "fullyQualifiedDomainName": "cctestsqlservertqtfgpqzllch4.database.windows.net", + "privateEndpointConnections": [], + "publicNetworkAccess": "Enabled" + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4", + "name": "cctestsqlservertqtfgpqzllch4", + "type": "Microsoft.Sql/servers" + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/administrators?api-version=2019-06-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "date": [ + "Wed, 21 Apr 2021 18:58:56 GMT" + ], + "content-length": [ + "12" + ] + }, + "body": { + "data": { + "value": [] + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/SqlServerTest.vulnerability-scan.json b/tools/c7n_azure/tests_azure/cassettes/SqlServerTest.vulnerability-scan.json new file mode 100644 index 00000000000..550d47872e2 --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/SqlServerTest.vulnerability-scan.json @@ -0,0 +1,120 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Sql/servers?api-version=2019-06-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Mon, 26 Apr 2021 17:15:44 GMT" + ], + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "1200" + ] + }, + "body": { + "data": { + "value": [ + { + "identity": { + "principalId": "5558ad35-b8e7-45a7-9c6e-a493baa9e5cb", + "type": "SystemAssigned", + "tenantId": "00000000-0000-0000-0000-000000000003" + }, + "kind": "v12.0", + "properties": { + "administratorLogin": "custodian", + "version": "12.0", + "state": "Ready", + "fullyQualifiedDomainName": "cctestsqlservertqtfgpqzllch4.database.windows.net", + "privateEndpointConnections": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/privateEndpointConnections/test123-33f26040-5de1-486a-9b76-a56f28a46a12", + "properties": { + "privateEndpoint": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Network/privateEndpoints/test123" + }, + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "Auto-approved", + "actionsRequired": "None" + }, + "provisioningState": "Ready" + } + } + ], + "minimalTlsVersion": "1.2", + "publicNetworkAccess": "Disabled" + }, + "location": "eastus2", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4", + "name": "cctestsqlservertqtfgpqzllch4", + "type": "Microsoft.Sql/servers" + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/vulnerabilityAssessments?api-version=2018-06-01-preview", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "date": [ + "Mon, 26 Apr 2021 17:15:44 GMT" + ], + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "352" + ] + }, + "body": { + "data": { + "value": [ + { + "properties": { + "recurringScans": { + "isEnabled": false, + "emailSubscriptionAdmins": true + } + }, + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_sqlserver/providers/Microsoft.Sql/servers/cctestsqlservertqtfgpqzllch4/vulnerabilityAssessments/Default", + "name": "Default", + "type": "Microsoft.Sql/servers/vulnerabilityAssessments" + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_delete.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_delete.json deleted file mode 100644 index 77c6cd9e68e..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_delete.json +++ /dev/null @@ -1,401 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:43:58 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;118,Microsoft.Compute/HighCostGet30Min;657" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_by_name.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_by_name.json deleted file mode 100644 index 8d1f5e809f6..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_by_name.json +++ /dev/null @@ -1,401 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:43:58 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;117,Microsoft.Compute/HighCostGet30Min;656" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_running.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_running.json deleted file mode 100644 index 9fc0f81e184..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_running.json +++ /dev/null @@ -1,564 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:43:59 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;116,Microsoft.Compute/HighCostGet30Min;655" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm?$expand=instanceView&api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:43:59 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/LowCostGet3Min;3855,Microsoft.Compute/LowCostGet30Min;31098" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "4448" - ] - }, - "body": { - "data": { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded", - "instanceView": { - "computerName": "vm45mqcga7pkswi", - "osName": "ubuntu", - "osVersion": "16.04", - "vmAgent": { - "vmAgentVersion": "2.2.40", - "statuses": [ - { - "code": "ProvisioningState/succeeded", - "level": "Info", - "displayStatus": "Ready", - "message": "Guest Agent is running", - "time": "2019-05-02T19:43:59+00:00" - } - ], - "extensionHandlers": [] - }, - "disks": [ - { - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "statuses": [ - { - "code": "ProvisioningState/succeeded", - "level": "Info", - "displayStatus": "Provisioning succeeded", - "time": "2019-05-01T22:24:01.6256725+00:00" - } - ] - }, - { - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "statuses": [ - { - "code": "ProvisioningState/succeeded", - "level": "Info", - "displayStatus": "Provisioning succeeded", - "time": "2019-05-01T22:24:01.6256725+00:00" - } - ] - } - ], - "bootDiagnostics": { - "consoleScreenshotBlobUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/bootdiagnostics-cctestvm-e1182f4f-d46b-43c4-a797-feee1c1ae2bd/cctestvm.e1182f4f-d46b-43c4-a797-feee1c1ae2bd.screenshot.bmp", - "serialConsoleLogBlobUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/bootdiagnostics-cctestvm-e1182f4f-d46b-43c4-a797-feee1c1ae2bd/cctestvm.e1182f4f-d46b-43c4-a797-feee1c1ae2bd.serialconsole.log" - }, - "statuses": [ - { - "code": "ProvisioningState/succeeded", - "level": "Info", - "displayStatus": "Provisioning succeeded", - "time": "2019-05-02T19:43:55.787248+00:00" - }, - { - "code": "PowerState/running", - "level": "Info", - "displayStatus": "VM running" - } - ] - } - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_on_off_hours.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_on_off_hours.json deleted file mode 100644 index f603e1967e9..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_on_off_hours.json +++ /dev/null @@ -1,797 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:44:02 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;117,Microsoft.Compute/HighCostGet30Min;652" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:44:02 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;116,Microsoft.Compute/HighCostGet30Min;651" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_poweroff.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_poweroff.json deleted file mode 100644 index c10d56bf1de..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_poweroff.json +++ /dev/null @@ -1,401 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:44:03 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;115,Microsoft.Compute/HighCostGet30Min;650" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_restart.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_restart.json deleted file mode 100644 index ff361cbd64c..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_restart.json +++ /dev/null @@ -1,401 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:44:03 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;114,Microsoft.Compute/HighCostGet30Min;649" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_start.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_start.json deleted file mode 100644 index 03a95e1ab08..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_start.json +++ /dev/null @@ -1,401 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:44:04 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;113,Microsoft.Compute/HighCostGet30Min;648" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_stop.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.test_stop.json deleted file mode 100644 index 47d2ec4c3d1..00000000000 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_stop.json +++ /dev/null @@ -1,401 +0,0 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "date": [ - "Thu, 02 May 2019 19:44:05 GMT" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;112,Microsoft.Compute/HighCostGet30Min;647" - ], - "cache-control": [ - "no-cache" - ], - "content-length": [ - "14723" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "05cdf281-8281-4faf-8cad-4bd7b7c3b0d5", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-0", - "name": "k8s-agent-C02B7042-0" - }, - { - "properties": { - "vmId": "2a42a751-5265-4a02-8ff6-f5d605b56b69", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-1-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-1-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-1", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-1" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1/extensions/cse1" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-1", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-1", - "name": "k8s-agent-C02B7042-1" - }, - { - "properties": { - "vmId": "6b40927a-e9fb-4818-8e3f-6070ec173080", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/AGENT-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-agent-C02B7042-2-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://00usm2nughsm6poagnt0.blob.core.windows.net/osdisk/k8s-agent-C02B7042-2-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [] - }, - "osProfile": { - "computerName": "k8s-agent-C02B7042-2", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-agent-C02B7042-nic-2" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2/extensions/cse2" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-agent-C02B7042-2", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "agent", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-agent-C02B7042-2", - "name": "k8s-agent-C02B7042-2" - }, - { - "properties": { - "vmId": "c030580e-cd45-4663-8379-850852e307ff", - "availabilitySet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/availabilitySets/MASTER-AVAILABILITYSET-C02B7042" - }, - "hardwareProfile": { - "vmSize": "Standard_D2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04-LTS", - "version": "16.04.201708151" - }, - "osDisk": { - "osType": "Linux", - "name": "k8s-master-C02B7042-0-osdisk", - "createOption": "FromImage", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-osdisk.vhd" - }, - "caching": "ReadWrite", - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "k8s-master-C02B7042-0-etcddisk", - "createOption": "Empty", - "vhd": { - "uri": "https://usm2nughsm6pomstr0.blob.core.windows.net/vhds/k8s-master-C02B7042-0-etcddisk.vhd" - }, - "caching": "None", - "diskSizeGB": 128, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "k8s-master-C02B7042-0", - "adminUsername": "azureuser", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "ssh": { - "publicKeys": [ - { - "path": "/home/azureuser/.ssh/authorized_keys", - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu+HeCwOjvMmh3oL29xkt9RLmMnNI7OXqkEKeAC2k3TmywKhPe81IoB+BjJdURne0oamHHp7QwVVff1rOPsT0+Df0u0xzMPKzY6yq5RZy7ClNcptVTQxBYVRuNLoTqgvH79OnlLVHjU6ANtgMj+gC5ZPDyaou8v8V9zaFALcmaGxIPEwquuQBy9XHeYPgQyiVSrmRvL3ZX7hOdxAvqc3nHY8T5d96ojhvk1nXaOaewNELBeD4SfpqV96xtMsOWkdIrQdfiqmO0oTxDms+Ky/RuphhUlrd8XOdqEuaWvGLTK2y1KkdgHfdoe5LWdQAW7H8YHb5EgcqvBX+5wIj+ncHT" - } - ] - } - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_containerservice/providers/Microsoft.Network/networkInterfaces/k8s-master-C02B7042-nic-0" - } - ] - }, - "provisioningState": "Succeeded" - }, - "resources": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0/extensions/cse0" - } - ], - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "creationSource": "acs-k8s-master-C02B7042-0", - "orchestrator": "Kubernetes:1.7.7", - "poolName": "master", - "resourceNameSuffix": "C02B7042" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_CONTAINERSERVICE/providers/Microsoft.Compute/virtualMachines/k8s-master-C02B7042-0", - "name": "k8s-master-C02B7042-0" - }, - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - } - ] -} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine.json new file mode 100644 index 00000000000..c6e03cccabf --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine.json @@ -0,0 +1,123 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "7019" + ], + "date": [ + "Mon, 24 May 2021 14:41:52 GMT" + ], + "x-ms-original-request-ids": [ + "04820a56-2374-430d-8be4-3fd61d5c3351", + "648b5e18-6b70-45fc-a953-1d70e65ba801" + ] + }, + "body": { + "data": { + "value": [ + { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded" + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_resize.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_extensions.json similarity index 53% rename from tools/c7n_azure/tests_azure/cassettes/VMTest.test_resize.json rename to tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_extensions.json index 1b0a3c389e0..f618041e3bd 100644 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_resize.json +++ b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_extensions.json @@ -4,7 +4,7 @@ { "request": { "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-07-01", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", "body": null, "headers": {} }, @@ -14,23 +14,21 @@ "message": "OK" }, "headers": { - "content-length": [ - "13321" - ], - "x-ms-original-request-ids": [ - "9d1f3d02-c6c7-4156-9fd2-bdbb42171d84", - "e8840802-e918-4be7-b93f-7088f446009a", - "3d275fd1-b8fa-4566-a6f7-fdca4c173438", - "523d9744-2a32-418b-879c-ce20780f3a17" - ], - "date": [ - "Mon, 26 Oct 2020 18:12:58 GMT" - ], "cache-control": [ "no-cache" ], "content-type": [ "application/json; charset=utf-8" + ], + "content-length": [ + "7019" + ], + "date": [ + "Mon, 24 May 2021 14:42:15 GMT" + ], + "x-ms-original-request-ids": [ + "b6636967-f0d6-4c42-ac4e-b0ceee5f2d47", + "f959182b-6b43-473a-be9e-4c73f6a22aa0" ] }, "body": { @@ -46,7 +44,7 @@ "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" }, "properties": { - "vmId": "d565866c-9aaa-4ff1-a8ee-17bdc9ce4675", + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", "hardwareProfile": { "vmSize": "Standard_A1_v2" }, @@ -56,28 +54,28 @@ "offer": "UbuntuServer", "sku": "16.04.0-LTS", "version": "latest", - "exactVersion": "16.04.202010140" + "exactVersion": "16.04.202104290" }, "osDisk": { "osType": "Linux", - "name": "cctestvm_OsDisk_1_358aa817f747420abc4dd5794a268a7b", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", "createOption": "FromImage", "caching": "ReadWrite", "managedDisk": { "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_358aa817f747420abc4dd5794a268a7b" + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" }, "diskSizeGB": 30 }, "dataDisks": [ { "lun": 0, - "name": "cctestvm_disk2_880671278cbd4b5b8083bfe176d35dee", + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", "createOption": "Empty", "caching": "None", "managedDisk": { "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_880671278cbd4b5b8083bfe176d35dee" + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" }, "diskSizeGB": 1023, "toBeDetached": false @@ -85,10 +83,13 @@ ] }, "osProfile": { - "computerName": "vmyd3b22k4ef27q", + "computerName": "vmmilaytvhe7nwq", "adminUsername": "testuser", "linuxConfiguration": { - "disablePasswordAuthentication": false + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } }, "secrets": [] }, @@ -102,11 +103,16 @@ "diagnosticsProfile": { "bootDiagnostics": { "enabled": true, - "storageUri": "https://yd3b22k4ef27qsalinuxvm.blob.core.windows.net/" + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" } }, "provisioningState": "Succeeded" - } + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] } ] } @@ -115,9 +121,9 @@ }, { "request": { - "method": "PATCH", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm?api-version=2019-07-01", - "body": "mock_body", + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions?api-version=2020-12-01", + "body": null, "headers": {} }, "response": { @@ -127,105 +133,48 @@ }, "headers": { "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/PutVM3Min;239,Microsoft.Compute/PutVM30Min;1198" - ], - "date": [ - "Mon, 26 Oct 2020 18:13:02 GMT" - ], - "azure-asyncnotification": [ - "Enabled" + "Microsoft.Compute/LowCostGet3Min;3998,Microsoft.Compute/LowCostGet30Min;31998" ], "cache-control": [ "no-cache" ], - "azure-asyncoperation": [ - "https://management.azure.com/subscriptions/27847cfa-1b12-462a-9672-6dfb0f85e28c/providers/Microsoft.Compute/locations/southcentralus/operations/63039941-1414-44af-90c0-d3d90e4697c8?api-version=2019-07-01" - ], - "x-ms-ratelimit-remaining-subscription-writes": [ - "1198" - ], "content-type": [ "application/json; charset=utf-8" ], + "date": [ + "Mon, 24 May 2021 14:42:15 GMT" + ], "content-length": [ - "2387" + "696" ] }, "body": { "data": { - "name": "cctestvm", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "properties": { - "vmId": "d565866c-9aaa-4ff1-a8ee-17bdc9ce4675", - "hardwareProfile": { - "vmSize": "Standard_A2_v2" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest", - "exactVersion": "16.04.202010140" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_358aa817f747420abc4dd5794a268a7b", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_358aa817f747420abc4dd5794a268a7b" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_880671278cbd4b5b8083bfe176d35dee", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_880671278cbd4b5b8083bfe176d35dee" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vmyd3b22k4ef27q", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false + "value": [ + { + "name": "script1", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1", + "type": "Microsoft.Compute/virtualMachines/extensions", + "location": "southcentralus", + "tags": { + "displayName": "config-app" }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + "properties": { + "autoUpgradeMinorVersion": true, + "provisioningState": "Succeeded", + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.1", + "settings": { + "skipDos2Unix": false, + "timestamp": 123456789 } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://yd3b22k4ef27qsalinuxvm.blob.core.windows.net/" } - }, - "provisioningState": "Updating" - } + } + ] } } } } ] -} +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_instance.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_instance.json new file mode 100644 index 00000000000..6da1cc5adbd --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_instance.json @@ -0,0 +1,339 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "7019" + ], + "date": [ + "Mon, 24 May 2021 14:41:55 GMT" + ], + "x-ms-original-request-ids": [ + "804d0304-66f1-438a-b1e8-baefef7c83ef", + "7e9ce28f-aa84-4393-82b9-821eeb47ddac" + ] + }, + "body": { + "data": { + "value": [ + { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded" + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm?$expand=instanceview&api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "x-ms-ratelimit-remaining-resource": [ + "Microsoft.Compute/LowCostGet3Min;3999,Microsoft.Compute/LowCostGet30Min;31999" + ], + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "date": [ + "Mon, 24 May 2021 14:41:55 GMT" + ], + "content-length": [ + "6141" + ] + }, + "body": { + "data": { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded", + "instanceView": { + "computerName": "vmmilaytvhe7nwq", + "osName": "ubuntu", + "osVersion": "16.04", + "vmAgent": { + "vmAgentVersion": "2.2.54.2", + "statuses": [ + { + "code": "ProvisioningState/succeeded", + "level": "Info", + "displayStatus": "Ready", + "message": "Guest Agent is running", + "time": "2021-05-24T14:41:43+00:00" + } + ], + "extensionHandlers": [ + { + "type": "Microsoft.Azure.Extensions.CustomScript", + "typeHandlerVersion": "2.1.3", + "status": { + "code": "ProvisioningState/succeeded", + "level": "Info", + "displayStatus": "Ready", + "message": "Plugin enabled" + } + } + ] + }, + "disks": [ + { + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "statuses": [ + { + "code": "ProvisioningState/succeeded", + "level": "Info", + "displayStatus": "Provisioning succeeded", + "time": "2021-05-21T14:16:29.7966701+00:00" + } + ] + }, + { + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "statuses": [ + { + "code": "ProvisioningState/succeeded", + "level": "Info", + "displayStatus": "Provisioning succeeded", + "time": "2021-05-21T14:16:29.7966701+00:00" + } + ] + } + ], + "bootDiagnostics": { + "consoleScreenshotBlobUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/bootdiagnostics-cctestvm-f6a6b9b2-9b99-45b0-8a18-025998fc74d0/cctestvm.f6a6b9b2-9b99-45b0-8a18-025998fc74d0.screenshot.bmp", + "serialConsoleLogBlobUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/bootdiagnostics-cctestvm-f6a6b9b2-9b99-45b0-8a18-025998fc74d0/cctestvm.f6a6b9b2-9b99-45b0-8a18-025998fc74d0.serialconsole.log" + }, + "extensions": [ + { + "name": "script1", + "type": "Microsoft.Azure.Extensions.CustomScript", + "typeHandlerVersion": "2.1.3", + "statuses": [ + { + "code": "ProvisioningState/succeeded", + "level": "Info", + "displayStatus": "Provisioning succeeded", + "message": "Enable succeeded: \n[stdout]\nfoo\n\n[stderr]\n" + } + ] + } + ], + "hyperVGeneration": "V1", + "statuses": [ + { + "code": "ProvisioningState/succeeded", + "level": "Info", + "displayStatus": "Provisioning succeeded", + "time": "2021-05-24T12:39:13.2418711+00:00" + }, + { + "code": "PowerState/running", + "level": "Info", + "displayStatus": "VM running" + } + ] + } + }, + "resources": [ + { + "name": "script1", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1", + "type": "Microsoft.Compute/virtualMachines/extensions", + "location": "southcentralus", + "tags": { + "displayName": "config-app" + }, + "properties": { + "autoUpgradeMinorVersion": true, + "provisioningState": "Succeeded", + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.1", + "settings": { + "skipDos2Unix": false, + "timestamp": 123456789 + } + } + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_vm_with_public_ip.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_interface.json similarity index 59% rename from tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_vm_with_public_ip.json rename to tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_interface.json index 02e1bb0e9ea..2ec7aa17490 100644 --- a/tools/c7n_azure/tests_azure/cassettes/VMTest.test_find_vm_with_public_ip.json +++ b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_interface.json @@ -1,1631 +1,2234 @@ -{ - "version": 1, - "interactions": [ - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "cache-control": [ - "no-cache" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;102,Microsoft.Compute/HighCostGet30Min;618" - ], - "date": [ - "Fri, 03 May 2019 19:54:40 GMT" - ], - "content-length": [ - "2623" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network?api-version=2018-05-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "content-length": [ - "51205" - ], - "cache-control": [ - "no-cache" - ], - "date": [ - "Fri, 03 May 2019 19:54:40 GMT" - ] - }, - "body": { - "data": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network", - "namespace": "Microsoft.Network", - "authorizations": [], - "resourceTypes": [ - { - "resourceType": "virtualNetworks", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "natGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "publicIPAddresses", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkInterfaces", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "privateEndpoints", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "loadBalancers", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkSecurityGroups", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationSecurityGroups", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "serviceEndpointPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkIntentPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "routeTables", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "publicIPPrefixes", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "ddosCustomPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers/connectionMonitors", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers/lenses", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers/pingMeshes", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualNetworkGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "localNetworkGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "connections", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayWebApplicationFirewallPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/operations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/operationResults", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/CheckDnsNameAvailability", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/usages", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/virtualNetworkAvailableEndpointServices", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/availableDelegations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/availablePrivateEndpointResources", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/supportedVirtualMachineSizes", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/checkAcceleratedNetworkingSupport", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/validateResourceOwnership", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/setResourceOwnership", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/effectiveResourceOwnership", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "operations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "dnszones", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnsOperationResults", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnsOperationStatuses", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "getDnsResourceReference", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "internalNotify", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/A", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/AAAA", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/CNAME", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/PTR", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/MX", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/TXT", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/SRV", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/SOA", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/NS", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/CAA", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/recordsets", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/all", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "privateDnsZones", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/virtualNetworkLinks", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsOperationResults", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsOperationStatuses", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/A", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/AAAA", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/CNAME", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/PTR", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/MX", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/TXT", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/SRV", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/SOA", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/all", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "trafficmanagerprofiles", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "trafficmanagerprofiles/heatMaps", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "checkTrafficManagerNameAvailability", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "trafficManagerUserMetricsKeys", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "trafficManagerGeographicHierarchies", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "expressRouteCircuits", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "expressRouteServiceProviders", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableWafRuleSets", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableSslOptions", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableServerVariables", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableRequestHeaders", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableResponseHeaders", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "routeFilters", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "bgpServiceCommunities", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualWans", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "vpnSites", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualHubs", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "vpnGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "secureGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "azureFirewalls", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "azureFirewallFqdnTags", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualNetworkTaps", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "privateLinkServices", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "ddosProtectionPlans", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkProfiles", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "frontdoorOperationResults", - "apiVersions": [ - "2019-04-01" - ] - }, - { - "resourceType": "checkFrontdoorNameAvailability", - "apiVersions": [ - "2019-04-01" - ] - }, - { - "resourceType": "frontdoors", - "apiVersions": [ - "2019-04-01" - ] - }, - { - "resourceType": "frontdoorWebApplicationFirewallPolicies", - "apiVersions": [ - "2019-03-01" - ] - }, - { - "resourceType": "frontdoorWebApplicationFirewallManagedRuleSets", - "apiVersions": [ - "2019-03-01" - ] - }, - { - "resourceType": "webApplicationFirewallPolicies", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "locations/bareMetalTenants", - "apiVersions": [ - "2019-02-01" - ] - } - ], - "registrationState": "Registered" - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic?api-version=2019-02-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "etag": [ - "W/\"979bce69-fdaf-4d71-bfb6-a0262a5f2cb3\"" - ], - "cache-control": [ - "no-cache" - ], - "date": [ - "Fri, 03 May 2019 19:54:41 GMT" - ], - "content-length": [ - "2018" - ] - }, - "body": { - "data": { - "name": "myVMNic", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic", - "etag": "W/\"979bce69-fdaf-4d71-bfb6-a0262a5f2cb3\"", - "location": "southcentralus", - "properties": { - "provisioningState": "Succeeded", - "resourceGuid": "e2410fbc-e314-4fde-b715-0a7494966146", - "ipConfigurations": [ - { - "name": "ipconfig1", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic/ipConfigurations/ipconfig1", - "etag": "W/\"979bce69-fdaf-4d71-bfb6-a0262a5f2cb3\"", - "type": "Microsoft.Network/networkInterfaces/ipConfigurations", - "properties": { - "provisioningState": "Succeeded", - "privateIPAddress": "10.0.0.4", - "privateIPAllocationMethod": "Dynamic", - "publicIPAddress": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/publicIPAddresses/myPublicIP" - }, - "subnet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/virtualNetworks/MyVNET/subnets/Subnet" - }, - "primary": true, - "privateIPAddressVersion": "IPv4" - } - } - ], - "dnsSettings": { - "dnsServers": [], - "appliedDnsServers": [], - "internalDomainNameSuffix": "exgiii3jsope1igjcag5igqlkc.jx.internal.cloudapp.net" - }, - "macAddress": "00-0D-3A-70-33-10", - "enableAcceleratedNetworking": false, - "enableIPForwarding": false, - "primary": true, - "virtualMachine": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/virtualMachines/cctestvm" - }, - "hostedWorkloads": [], - "tapConfigurations": [] - }, - "type": "Microsoft.Network/networkInterfaces" - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2019-03-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "cache-control": [ - "no-cache" - ], - "x-ms-ratelimit-remaining-resource": [ - "Microsoft.Compute/HighCostGet3Min;101,Microsoft.Compute/HighCostGet30Min;617" - ], - "date": [ - "Fri, 03 May 2019 19:54:41 GMT" - ], - "content-length": [ - "2623" - ] - }, - "body": { - "data": { - "value": [ - { - "properties": { - "vmId": "e1182f4f-d46b-43c4-a797-feee1c1ae2bd", - "hardwareProfile": { - "vmSize": "Basic_A0" - }, - "storageProfile": { - "imageReference": { - "publisher": "Canonical", - "offer": "UbuntuServer", - "sku": "16.04.0-LTS", - "version": "latest" - }, - "osDisk": { - "osType": "Linux", - "name": "cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2", - "createOption": "FromImage", - "caching": "ReadWrite", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_a9f308a2eb4a47d288b5ea13757ebfe2" - }, - "diskSizeGB": 30 - }, - "dataDisks": [ - { - "lun": 0, - "name": "cctestvm_disk2_977a393608a8458f960a28f8000151d7", - "createOption": "Empty", - "caching": "None", - "managedDisk": { - "storageAccountType": "Standard_LRS", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_977a393608a8458f960a28f8000151d7" - }, - "diskSizeGB": 1023, - "toBeDetached": false - } - ] - }, - "osProfile": { - "computerName": "vm45mqcga7pkswi", - "adminUsername": "testuser", - "linuxConfiguration": { - "disablePasswordAuthentication": false - }, - "secrets": [] - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "https://45mqcga7pkswisalinuxvm.blob.core.windows.net/" - } - }, - "provisioningState": "Succeeded" - }, - "type": "Microsoft.Compute/virtualMachines", - "location": "southcentralus", - "tags": { - "testtag": "testvalue", - "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" - }, - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", - "name": "cctestvm" - } - ] - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network?api-version=2018-05-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "content-length": [ - "51205" - ], - "cache-control": [ - "no-cache" - ], - "date": [ - "Fri, 03 May 2019 19:54:42 GMT" - ] - }, - "body": { - "data": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network", - "namespace": "Microsoft.Network", - "authorizations": [], - "resourceTypes": [ - { - "resourceType": "virtualNetworks", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "natGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "publicIPAddresses", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkInterfaces", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "privateEndpoints", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "loadBalancers", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkSecurityGroups", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationSecurityGroups", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "serviceEndpointPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkIntentPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "routeTables", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "publicIPPrefixes", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "ddosCustomPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers/connectionMonitors", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers/lenses", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkWatchers/pingMeshes", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualNetworkGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "localNetworkGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "connections", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayWebApplicationFirewallPolicies", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/operations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/operationResults", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/CheckDnsNameAvailability", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/usages", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/virtualNetworkAvailableEndpointServices", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/availableDelegations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/availablePrivateEndpointResources", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/supportedVirtualMachineSizes", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/checkAcceleratedNetworkingSupport", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/validateResourceOwnership", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/setResourceOwnership", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "locations/effectiveResourceOwnership", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "operations", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "dnszones", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnsOperationResults", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnsOperationStatuses", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "getDnsResourceReference", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "internalNotify", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/A", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/AAAA", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/CNAME", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/PTR", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/MX", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/TXT", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/SRV", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/SOA", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/NS", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/CAA", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/recordsets", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "dnszones/all", - "apiVersions": [ - "2018-05-01" - ] - }, - { - "resourceType": "privateDnsZones", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/virtualNetworkLinks", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsOperationResults", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsOperationStatuses", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/A", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/AAAA", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/CNAME", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/PTR", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/MX", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/TXT", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/SRV", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/SOA", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "privateDnsZones/all", - "apiVersions": [ - "2018-09-01" - ] - }, - { - "resourceType": "trafficmanagerprofiles", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "trafficmanagerprofiles/heatMaps", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "checkTrafficManagerNameAvailability", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "trafficManagerUserMetricsKeys", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "trafficManagerGeographicHierarchies", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "expressRouteCircuits", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "expressRouteServiceProviders", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableWafRuleSets", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableSslOptions", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableServerVariables", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableRequestHeaders", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "applicationGatewayAvailableResponseHeaders", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "routeFilters", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "bgpServiceCommunities", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualWans", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "vpnSites", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualHubs", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "vpnGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "secureGateways", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "azureFirewalls", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "azureFirewallFqdnTags", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "virtualNetworkTaps", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "privateLinkServices", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "ddosProtectionPlans", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "networkProfiles", - "apiVersions": [ - "2019-02-01" - ] - }, - { - "resourceType": "frontdoorOperationResults", - "apiVersions": [ - "2019-04-01" - ] - }, - { - "resourceType": "checkFrontdoorNameAvailability", - "apiVersions": [ - "2019-04-01" - ] - }, - { - "resourceType": "frontdoors", - "apiVersions": [ - "2019-04-01" - ] - }, - { - "resourceType": "frontdoorWebApplicationFirewallPolicies", - "apiVersions": [ - "2019-03-01" - ] - }, - { - "resourceType": "frontdoorWebApplicationFirewallManagedRuleSets", - "apiVersions": [ - "2019-03-01" - ] - }, - { - "resourceType": "webApplicationFirewallPolicies", - "apiVersions": [ - "2018-08-01" - ] - }, - { - "resourceType": "locations/bareMetalTenants", - "apiVersions": [ - "2019-02-01" - ] - } - ], - "registrationState": "Registered" - } - } - } - }, - { - "request": { - "method": "GET", - "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic?api-version=2019-02-01", - "body": null, - "headers": {} - }, - "response": { - "status": { - "code": 200, - "message": "OK" - }, - "headers": { - "content-type": [ - "application/json; charset=utf-8" - ], - "etag": [ - "W/\"979bce69-fdaf-4d71-bfb6-a0262a5f2cb3\"" - ], - "cache-control": [ - "no-cache" - ], - "date": [ - "Fri, 03 May 2019 19:54:42 GMT" - ], - "content-length": [ - "2018" - ] - }, - "body": { - "data": { - "name": "myVMNic", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic", - "etag": "W/\"979bce69-fdaf-4d71-bfb6-a0262a5f2cb3\"", - "location": "southcentralus", - "properties": { - "provisioningState": "Succeeded", - "resourceGuid": "e2410fbc-e314-4fde-b715-0a7494966146", - "ipConfigurations": [ - { - "name": "ipconfig1", - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic/ipConfigurations/ipconfig1", - "etag": "W/\"979bce69-fdaf-4d71-bfb6-a0262a5f2cb3\"", - "type": "Microsoft.Network/networkInterfaces/ipConfigurations", - "properties": { - "provisioningState": "Succeeded", - "privateIPAddress": "10.0.0.4", - "privateIPAllocationMethod": "Dynamic", - "publicIPAddress": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/publicIPAddresses/myPublicIP" - }, - "subnet": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/virtualNetworks/MyVNET/subnets/Subnet" - }, - "primary": true, - "privateIPAddressVersion": "IPv4" - } - } - ], - "dnsSettings": { - "dnsServers": [], - "appliedDnsServers": [], - "internalDomainNameSuffix": "exgiii3jsope1igjcag5igqlkc.jx.internal.cloudapp.net" - }, - "macAddress": "00-0D-3A-70-33-10", - "enableAcceleratedNetworking": false, - "enableIPForwarding": false, - "primary": true, - "virtualMachine": { - "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/virtualMachines/cctestvm" - }, - "hostedWorkloads": [], - "tapConfigurations": [] - }, - "type": "Microsoft.Network/networkInterfaces" - } - } - } - } - ] +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "7019" + ], + "date": [ + "Mon, 24 May 2021 14:41:58 GMT" + ], + "x-ms-original-request-ids": [ + "e73f027e-dda9-43ca-9cf6-6abeb87e5dca", + "a8eb1000-450d-45a2-ab0a-aafe022e2d4a" + ] + }, + "body": { + "data": { + "value": [ + { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded" + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network?api-version=2020-10-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "106757" + ], + "date": [ + "Mon, 24 May 2021 14:41:59 GMT" + ] + }, + "body": { + "data": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network", + "namespace": "Microsoft.Network", + "authorizations": [], + "resourceTypes": [ + { + "resourceType": "virtualNetworks", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualNetworks/taggedTrafficConsumers", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "natGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "publicIPAddresses", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "customIpPrefixes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkInterfaces", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "dscpConfigurations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "privateEndpoints", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "privateEndpointRedirectMaps", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "loadBalancers", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkSecurityGroups", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationSecurityGroups", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "serviceEndpointPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkIntentPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "routeTables", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "publicIPPrefixes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ddosCustomPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers/connectionMonitors", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers/flowLogs", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers/pingMeshes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualNetworkGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "localNetworkGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "connections", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayWebApplicationFirewallPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/operations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/operationResults", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/CheckDnsNameAvailability", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/setLoadBalancerFrontendPublicIpAddresses", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/usages", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/virtualNetworkAvailableEndpointServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/availableDelegations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/serviceTags", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/availablePrivateEndpointTypes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/availableServiceAliases", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/checkPrivateLinkServiceVisibility", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/autoApprovedPrivateLinkServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/batchValidatePrivateEndpointsForResourceMove", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/batchNotifyPrivateEndpointsForResourceMove", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/supportedVirtualMachineSizes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/setAzureNetworkManagerConfiguration", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/getAzureNetworkManagerConfiguration", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/checkAcceleratedNetworkingSupport", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/validateResourceOwnership", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/setResourceOwnership", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/effectiveResourceOwnership", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "operations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "dnszones", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnsOperationResults", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnsOperationStatuses", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "getDnsResourceReference", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "internalNotify", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/A", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/AAAA", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/CNAME", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/PTR", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/MX", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/TXT", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/SRV", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/SOA", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/NS", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/CAA", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/recordsets", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/all", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "privateDnsZones", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/virtualNetworkLinks", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsOperationResults", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsOperationStatuses", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZonesInternal", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/A", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/AAAA", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/CNAME", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/PTR", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/MX", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/TXT", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/SRV", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/SOA", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/all", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "virtualNetworks/privateDnsZoneLinks", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "trafficmanagerprofiles", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "trafficmanagerprofiles/heatMaps", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "checkTrafficManagerNameAvailability", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "trafficManagerUserMetricsKeys", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "trafficManagerGeographicHierarchies", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "expressRouteCircuits", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "expressRouteServiceProviders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableWafRuleSets", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableSslOptions", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableServerVariables", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableRequestHeaders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableResponseHeaders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "routeFilters", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "bgpServiceCommunities", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualWans", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "vpnSites", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "vpnServerConfigurations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualHubs", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "vpnGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "p2sVpnGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "expressRouteGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "expressRoutePortsLocations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "firewallPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ipGroups", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "azureWebCategories", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/nfvOperations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/nfvOperationResults", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "securityPartnerProviders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "azureFirewalls", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "azureFirewallFqdnTags", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualNetworkTaps", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "privateLinkServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/privateLinkServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ddosProtectionPlans", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkProfiles", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "frontdoorOperationResults", + "apiVersions": [ + "2020-11-01" + ] + }, + { + "resourceType": "checkFrontdoorNameAvailability", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoors", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoors/frontendEndpoints", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoors/frontendEndpoints/customHttpsConfiguration", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoorWebApplicationFirewallPolicies", + "apiVersions": [ + "2020-11-01" + ] + }, + { + "resourceType": "frontdoorWebApplicationFirewallManagedRuleSets", + "apiVersions": [ + "2020-11-01" + ] + }, + { + "resourceType": "networkExperimentProfiles", + "apiVersions": [ + "2019-11-01" + ] + }, + { + "resourceType": "locations/bareMetalTenants", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "bastionHosts", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualRouters", + "apiVersions": [ + "2020-08-01" + ] + }, + { + "resourceType": "networkVirtualAppliances", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ipAllocations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/commitInternalAzureNetworkManagerConfiguration", + "apiVersions": [ + "2021-02-01-preview" + ] + }, + { + "resourceType": "locations/internalAzureVirtualNetworkManagerOperation", + "apiVersions": [ + "2021-02-01-preview" + ] + }, + { + "resourceType": "networkVirtualApplianceSkus", + "apiVersions": [ + "2021-02-01" + ] + } + ], + "registrationState": "Registered", + "registrationPolicy": "RegistrationRequired" + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic?api-version=2021-02-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "etag": [ + "W/\"a503bdac-e13b-40f9-8427-aeab2e49b658\"" + ], + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "date": [ + "Mon, 24 May 2021 14:42:01 GMT" + ], + "x-ms-arm-service-request-id": [ + "93c8a436-a41d-4d3d-a0a9-e86a4448e887" + ], + "content-length": [ + "2046" + ] + }, + "body": { + "data": { + "name": "myVMNic", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic", + "etag": "W/\"a503bdac-e13b-40f9-8427-aeab2e49b658\"", + "location": "southcentralus", + "properties": { + "provisioningState": "Succeeded", + "resourceGuid": "d338d82c-9b34-4003-a6b4-89b64ec322d8", + "ipConfigurations": [ + { + "name": "ipconfig1", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic/ipConfigurations/ipconfig1", + "etag": "W/\"a503bdac-e13b-40f9-8427-aeab2e49b658\"", + "type": "Microsoft.Network/networkInterfaces/ipConfigurations", + "properties": { + "provisioningState": "Succeeded", + "privateIPAddress": "10.0.0.4", + "privateIPAllocationMethod": "Dynamic", + "publicIPAddress": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/publicIPAddresses/myPublicIP" + }, + "subnet": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/virtualNetworks/MyVNET/subnets/Subnet" + }, + "primary": true, + "privateIPAddressVersion": "IPv4" + } + } + ], + "dnsSettings": { + "dnsServers": [], + "appliedDnsServers": [], + "internalDomainNameSuffix": "ao3dggu3qctennig2a434hofsf.jx.internal.cloudapp.net" + }, + "macAddress": "00-0D-3A-EF-1C-8C", + "enableAcceleratedNetworking": false, + "enableIPForwarding": false, + "primary": true, + "virtualMachine": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/virtualMachines/cctestvm" + }, + "hostedWorkloads": [], + "tapConfigurations": [], + "nicType": "Standard" + }, + "type": "Microsoft.Network/networkInterfaces" + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "7019" + ], + "date": [ + "Mon, 24 May 2021 14:42:03 GMT" + ], + "x-ms-original-request-ids": [ + "344a61bc-dce8-4229-92be-5ef907049c0c", + "6defb777-03eb-4ec4-a380-3a329fb03da4" + ] + }, + "body": { + "data": { + "value": [ + { + "name": "erinvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/ERIN/providers/Microsoft.Compute/virtualMachines/erinvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "centralus", + "tags": { + "Function": "Works" + }, + "properties": { + "vmId": "03934a52-9025-44fa-b7d6-29a43d21fd3a", + "hardwareProfile": { + "vmSize": "Standard_B1ls" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "18.04-LTS", + "version": "latest", + "exactVersion": "18.04.202101290" + }, + "osDisk": { + "osType": "Linux", + "name": "erinvm_OsDisk_1_426c2bbdcfa94699a7461c1bf6e843f6", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Premium_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/erin/providers/Microsoft.Compute/disks/erinvm_OsDisk_1_426c2bbdcfa94699a7461c1bf6e843f6" + }, + "diskSizeGB": 30 + }, + "dataDisks": [] + }, + "osProfile": { + "computerName": "erinvm", + "adminUsername": "azureuser", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "/home/azureuser/.ssh/authorized_keys", + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCrwvuw0D6bumrQ29hMlXevFuhn\r\nzqZKh7yVwqXCFpJt4nsvmDL4GbdZuaIcZUU2omHJM8UlW9I1ar+IuDO9u9CZuok7\r\n/6KpZn5/C5TvTt69BvqvP1eMldCWk6FAxKjxICjqHwr9a/KJWe9zCziEKUBR/nCf\r\nU/05NDGwkttVyqcaeogG3f8MKnOmzrkKudVUvuUDoFXtypaJkDs6Veoax3YqkZ//\r\nlmbtyHCc1IhC7Wl97RFmHHc6521nyxPXCHQHDGhRMrtAOXV+OQwa9hk2RnYlPnoJ\r\nECZ/LpKJpOjpEb8AoQB55Zu0itZwohXYAnvXF+sb1xe23WV67zakwaq0+ljMGGk7\r\ngL/0FdmC76jVy40t+EMS3jagRzOjIoqdzZH/g0sqNeUvtG9VdA/uPwUqn64ZRsvB\r\nNGXPLf2G02S6UvRFqCFO2ilVgS1Wr/S0fkNcjE3wghkwgqXcB3lVkefzfN9U241t\r\nsl/ueBVtE5WOSfzIJ3B5t3FJwuO/oYFepAn/G0c= generated-by-azure\r\n" + } + ] + }, + "provisionVMAgent": true, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [], + "allowExtensionOperations": true, + "requireGuestProvisionSignal": true + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/erin/providers/Microsoft.Network/networkInterfaces/erinvm761" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true + } + }, + "provisioningState": "Succeeded" + }, + "zones": [ + "1" + ], + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/ERIN/providers/Microsoft.Compute/virtualMachines/erinvm/extensions/OmsAgentForLinux" + } + ] + }, + { + "name": "stefanvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/STEFAN/providers/Microsoft.Compute/virtualMachines/stefanvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "centralus", + "identity": { + "type": "SystemAssigned", + "principalId": "513cf7d8-7f02-4edb-a66c-eeff06b63ac4", + "tenantId": "00000000-0000-0000-0000-000000000003" + }, + "properties": { + "vmId": "078f2d6a-5ad8-4061-98de-cef497cf0fcc", + "hardwareProfile": { + "vmSize": "Standard_D2s_v3" + }, + "storageProfile": { + "imageReference": { + "publisher": "canonical", + "offer": "0001-com-ubuntu-server-focal", + "sku": "20_04-lts", + "version": "latest", + "exactVersion": "20.04.202105130" + }, + "osDisk": { + "osType": "Linux", + "name": "stefanvm_OsDisk_1_d74edd8dc091445c95c343aa26d8d3b0", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Premium_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/stefan/providers/Microsoft.Compute/disks/stefanvm_OsDisk_1_d74edd8dc091445c95c343aa26d8d3b0" + }, + "diskSizeGB": 30 + }, + "dataDisks": [] + }, + "osProfile": { + "computerName": "stefanvm", + "adminUsername": "stefangordon", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "/home/stefangordon/.ssh/authorized_keys", + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDS/HbjMl4A7hiflAY+h0ZKf5QJ\r\nbl8L5mZ+0BNX9K8U2FxzigeNvwmnNnSVOBcReSE1d4MK8b89+zj6YiLBqj+sbdPN\r\nEqdFvnfinEIODlSojoDGPGeS2TLYqA+74hs24mzDw/7M5DhEkP+5MiNTQ/+mL+EJ\r\n9mcGL3LC0WweCNsavX/qopy7BydmznEyIcBXUqfanq1PxwxrWhmHFK649XOooplZ\r\n+NF3cROadwxAutnlJu1GvABptOQ7Aw6sjuYZbegL/iLeAGhPdzAUZEgGFkkF0qCi\r\n37yrtlE7kaBWmPwdiL0c8kImIHO8mj/5uxuRwiJYwC2rLPwjDhV4DrFGtm/0NgO0\r\nJm7VnpCzFyT3wHoKeVt8vKslEQlkrJCNaLcvk6lLbHjdfIgtt161Loj1gZmyMZQi\r\nyjyadoJOTWx5ZzylvB/U2MmA03wf5qDn/NcFyr706xwqksH1miAXuRd5B7lG9jSO\r\n+2fCehfrmGBFVpIWkNVMJEzgx/TbxHTENwKmccs= generated-by-azure\r\n" + } + ] + }, + "provisionVMAgent": true, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [], + "allowExtensionOperations": true, + "requireGuestProvisionSignal": true + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/stefan/providers/Microsoft.Network/networkInterfaces/stefanvm542" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true + } + }, + "provisioningState": "Succeeded", + "priority": "Spot", + "evictionPolicy": "Deallocate", + "billingProfile": { + "maxPrice": -1.0 + } + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/STEFAN/providers/Microsoft.Compute/virtualMachines/stefanvm/extensions/CustomScript" + }, + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/STEFAN/providers/Microsoft.Compute/virtualMachines/stefanvm/extensions/OmsAgentForLinux" + } + ] + }, + { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded" + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network?api-version=2020-10-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "content-length": [ + "106757" + ], + "date": [ + "Mon, 24 May 2021 14:42:05 GMT" + ] + }, + "body": { + "data": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Network", + "namespace": "Microsoft.Network", + "authorizations": [], + "resourceTypes": [ + { + "resourceType": "virtualNetworks", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualNetworks/taggedTrafficConsumers", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "natGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "publicIPAddresses", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "customIpPrefixes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkInterfaces", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "dscpConfigurations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "privateEndpoints", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "privateEndpointRedirectMaps", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "loadBalancers", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkSecurityGroups", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationSecurityGroups", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "serviceEndpointPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkIntentPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "routeTables", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "publicIPPrefixes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ddosCustomPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers/connectionMonitors", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers/flowLogs", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkWatchers/pingMeshes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualNetworkGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "localNetworkGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "connections", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayWebApplicationFirewallPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/operations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/operationResults", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/CheckDnsNameAvailability", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/setLoadBalancerFrontendPublicIpAddresses", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/usages", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/virtualNetworkAvailableEndpointServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/availableDelegations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/serviceTags", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/availablePrivateEndpointTypes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/availableServiceAliases", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/checkPrivateLinkServiceVisibility", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/autoApprovedPrivateLinkServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/batchValidatePrivateEndpointsForResourceMove", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/batchNotifyPrivateEndpointsForResourceMove", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/supportedVirtualMachineSizes", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/setAzureNetworkManagerConfiguration", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/getAzureNetworkManagerConfiguration", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/checkAcceleratedNetworkingSupport", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/validateResourceOwnership", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/setResourceOwnership", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/effectiveResourceOwnership", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "operations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "dnszones", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnsOperationResults", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnsOperationStatuses", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "getDnsResourceReference", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "internalNotify", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/A", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/AAAA", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/CNAME", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/PTR", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/MX", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/TXT", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/SRV", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/SOA", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/NS", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/CAA", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/recordsets", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "dnszones/all", + "apiVersions": [ + "2018-05-01" + ] + }, + { + "resourceType": "privateDnsZones", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/virtualNetworkLinks", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsOperationResults", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsOperationStatuses", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZonesInternal", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/A", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/AAAA", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/CNAME", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/PTR", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/MX", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/TXT", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/SRV", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/SOA", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "privateDnsZones/all", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "virtualNetworks/privateDnsZoneLinks", + "apiVersions": [ + "2020-06-01" + ] + }, + { + "resourceType": "trafficmanagerprofiles", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "trafficmanagerprofiles/heatMaps", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "checkTrafficManagerNameAvailability", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "trafficManagerUserMetricsKeys", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "trafficManagerGeographicHierarchies", + "apiVersions": [ + "2018-08-01" + ] + }, + { + "resourceType": "expressRouteCircuits", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "expressRouteServiceProviders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableWafRuleSets", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableSslOptions", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableServerVariables", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableRequestHeaders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "applicationGatewayAvailableResponseHeaders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "routeFilters", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "bgpServiceCommunities", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualWans", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "vpnSites", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "vpnServerConfigurations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualHubs", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "vpnGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "p2sVpnGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "expressRouteGateways", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "expressRoutePortsLocations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "firewallPolicies", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ipGroups", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "azureWebCategories", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/nfvOperations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/nfvOperationResults", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "securityPartnerProviders", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "azureFirewalls", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "azureFirewallFqdnTags", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualNetworkTaps", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "privateLinkServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/privateLinkServices", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ddosProtectionPlans", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "networkProfiles", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "frontdoorOperationResults", + "apiVersions": [ + "2020-11-01" + ] + }, + { + "resourceType": "checkFrontdoorNameAvailability", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoors", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoors/frontendEndpoints", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoors/frontendEndpoints/customHttpsConfiguration", + "apiVersions": [ + "2020-07-01" + ] + }, + { + "resourceType": "frontdoorWebApplicationFirewallPolicies", + "apiVersions": [ + "2020-11-01" + ] + }, + { + "resourceType": "frontdoorWebApplicationFirewallManagedRuleSets", + "apiVersions": [ + "2020-11-01" + ] + }, + { + "resourceType": "networkExperimentProfiles", + "apiVersions": [ + "2019-11-01" + ] + }, + { + "resourceType": "locations/bareMetalTenants", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "bastionHosts", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "virtualRouters", + "apiVersions": [ + "2020-08-01" + ] + }, + { + "resourceType": "networkVirtualAppliances", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "ipAllocations", + "apiVersions": [ + "2021-02-01" + ] + }, + { + "resourceType": "locations/commitInternalAzureNetworkManagerConfiguration", + "apiVersions": [ + "2021-02-01-preview" + ] + }, + { + "resourceType": "locations/internalAzureVirtualNetworkManagerOperation", + "apiVersions": [ + "2021-02-01-preview" + ] + }, + { + "resourceType": "networkVirtualApplianceSkus", + "apiVersions": [ + "2021-02-01" + ] + } + ], + "registrationState": "Registered", + "registrationPolicy": "RegistrationRequired" + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic?api-version=2021-02-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "etag": [ + "W/\"a503bdac-e13b-40f9-8427-aeab2e49b658\"" + ], + "cache-control": [ + "no-cache" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "date": [ + "Mon, 24 May 2021 14:42:06 GMT" + ], + "x-ms-arm-service-request-id": [ + "7840009a-2855-488b-a294-cf2dafcf98da" + ], + "content-length": [ + "2046" + ] + }, + "body": { + "data": { + "name": "myVMNic", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic", + "etag": "W/\"a503bdac-e13b-40f9-8427-aeab2e49b658\"", + "location": "southcentralus", + "properties": { + "provisioningState": "Succeeded", + "resourceGuid": "d338d82c-9b34-4003-a6b4-89b64ec322d8", + "ipConfigurations": [ + { + "name": "ipconfig1", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic/ipConfigurations/ipconfig1", + "etag": "W/\"a503bdac-e13b-40f9-8427-aeab2e49b658\"", + "type": "Microsoft.Network/networkInterfaces/ipConfigurations", + "properties": { + "provisioningState": "Succeeded", + "privateIPAddress": "10.0.0.4", + "privateIPAllocationMethod": "Dynamic", + "publicIPAddress": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/publicIPAddresses/myPublicIP" + }, + "subnet": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/virtualNetworks/MyVNET/subnets/Subnet" + }, + "primary": true, + "privateIPAddressVersion": "IPv4" + } + } + ], + "dnsSettings": { + "dnsServers": [], + "appliedDnsServers": [], + "internalDomainNameSuffix": "ao3dggu3qctennig2a434hofsf.jx.internal.cloudapp.net" + }, + "macAddress": "00-0D-3A-EF-1C-8C", + "enableAcceleratedNetworking": false, + "enableIPForwarding": false, + "primary": true, + "virtualMachine": { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/virtualMachines/cctestvm" + }, + "hostedWorkloads": [], + "tapConfigurations": [], + "nicType": "Standard" + }, + "type": "Microsoft.Network/networkInterfaces" + } + } + } + } + ] } \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_tags.json b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_tags.json new file mode 100644 index 00000000000..a557d18ec3f --- /dev/null +++ b/tools/c7n_azure/tests_azure/cassettes/VMTest.virtual_machine_tags.json @@ -0,0 +1,406 @@ +{ + "version": 1, + "interactions": [ + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "x-ms-original-request-ids": [ + "a123c795-4d10-49bd-a0e5-30eae437eccd", + "df32c994-5a91-482c-a475-b49fbd400adf" + ], + "date": [ + "Mon, 24 May 2021 14:43:19 GMT" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ], + "content-length": [ + "7019" + ] + }, + "body": { + "data": { + "value": [ + { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded" + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] + } + ] + } + } + } + }, + { + "request": { + "method": "GET", + "uri": "https://management.azure.com/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/providers/Microsoft.Compute/virtualMachines?api-version=2020-12-01", + "body": null, + "headers": {} + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "x-ms-original-request-ids": [ + "3129ed5e-c6b0-4b72-9de8-810c93621251", + "2bef5201-70d5-4348-844b-07bee330503c" + ], + "date": [ + "Mon, 24 May 2021 14:43:22 GMT" + ], + "content-type": [ + "application/json; charset=utf-8" + ], + "cache-control": [ + "no-cache" + ], + "content-length": [ + "7019" + ] + }, + "body": { + "data": { + "value": [ + { + "name": "erinvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/ERIN/providers/Microsoft.Compute/virtualMachines/erinvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "centralus", + "tags": { + "Function": "Works" + }, + "properties": { + "vmId": "03934a52-9025-44fa-b7d6-29a43d21fd3a", + "hardwareProfile": { + "vmSize": "Standard_B1ls" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "18.04-LTS", + "version": "latest", + "exactVersion": "18.04.202101290" + }, + "osDisk": { + "osType": "Linux", + "name": "erinvm_OsDisk_1_426c2bbdcfa94699a7461c1bf6e843f6", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Premium_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/erin/providers/Microsoft.Compute/disks/erinvm_OsDisk_1_426c2bbdcfa94699a7461c1bf6e843f6" + }, + "diskSizeGB": 30 + }, + "dataDisks": [] + }, + "osProfile": { + "computerName": "erinvm", + "adminUsername": "azureuser", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "/home/azureuser/.ssh/authorized_keys", + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCrwvuw0D6bumrQ29hMlXevFuhn\r\nzqZKh7yVwqXCFpJt4nsvmDL4GbdZuaIcZUU2omHJM8UlW9I1ar+IuDO9u9CZuok7\r\n/6KpZn5/C5TvTt69BvqvP1eMldCWk6FAxKjxICjqHwr9a/KJWe9zCziEKUBR/nCf\r\nU/05NDGwkttVyqcaeogG3f8MKnOmzrkKudVUvuUDoFXtypaJkDs6Veoax3YqkZ//\r\nlmbtyHCc1IhC7Wl97RFmHHc6521nyxPXCHQHDGhRMrtAOXV+OQwa9hk2RnYlPnoJ\r\nECZ/LpKJpOjpEb8AoQB55Zu0itZwohXYAnvXF+sb1xe23WV67zakwaq0+ljMGGk7\r\ngL/0FdmC76jVy40t+EMS3jagRzOjIoqdzZH/g0sqNeUvtG9VdA/uPwUqn64ZRsvB\r\nNGXPLf2G02S6UvRFqCFO2ilVgS1Wr/S0fkNcjE3wghkwgqXcB3lVkefzfN9U241t\r\nsl/ueBVtE5WOSfzIJ3B5t3FJwuO/oYFepAn/G0c= generated-by-azure\r\n" + } + ] + }, + "provisionVMAgent": true, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [], + "allowExtensionOperations": true, + "requireGuestProvisionSignal": true + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/erin/providers/Microsoft.Network/networkInterfaces/erinvm761" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true + } + }, + "provisioningState": "Succeeded" + }, + "zones": [ + "1" + ], + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/ERIN/providers/Microsoft.Compute/virtualMachines/erinvm/extensions/OmsAgentForLinux" + } + ] + }, + { + "name": "stefanvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/STEFAN/providers/Microsoft.Compute/virtualMachines/stefanvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "centralus", + "identity": { + "type": "SystemAssigned", + "principalId": "513cf7d8-7f02-4edb-a66c-eeff06b63ac4", + "tenantId": "00000000-0000-0000-0000-000000000003" + }, + "properties": { + "vmId": "078f2d6a-5ad8-4061-98de-cef497cf0fcc", + "hardwareProfile": { + "vmSize": "Standard_D2s_v3" + }, + "storageProfile": { + "imageReference": { + "publisher": "canonical", + "offer": "0001-com-ubuntu-server-focal", + "sku": "20_04-lts", + "version": "latest", + "exactVersion": "20.04.202105130" + }, + "osDisk": { + "osType": "Linux", + "name": "stefanvm_OsDisk_1_d74edd8dc091445c95c343aa26d8d3b0", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Premium_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/stefan/providers/Microsoft.Compute/disks/stefanvm_OsDisk_1_d74edd8dc091445c95c343aa26d8d3b0" + }, + "diskSizeGB": 30 + }, + "dataDisks": [] + }, + "osProfile": { + "computerName": "stefanvm", + "adminUsername": "stefangordon", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "ssh": { + "publicKeys": [ + { + "path": "/home/stefangordon/.ssh/authorized_keys", + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDS/HbjMl4A7hiflAY+h0ZKf5QJ\r\nbl8L5mZ+0BNX9K8U2FxzigeNvwmnNnSVOBcReSE1d4MK8b89+zj6YiLBqj+sbdPN\r\nEqdFvnfinEIODlSojoDGPGeS2TLYqA+74hs24mzDw/7M5DhEkP+5MiNTQ/+mL+EJ\r\n9mcGL3LC0WweCNsavX/qopy7BydmznEyIcBXUqfanq1PxwxrWhmHFK649XOooplZ\r\n+NF3cROadwxAutnlJu1GvABptOQ7Aw6sjuYZbegL/iLeAGhPdzAUZEgGFkkF0qCi\r\n37yrtlE7kaBWmPwdiL0c8kImIHO8mj/5uxuRwiJYwC2rLPwjDhV4DrFGtm/0NgO0\r\nJm7VnpCzFyT3wHoKeVt8vKslEQlkrJCNaLcvk6lLbHjdfIgtt161Loj1gZmyMZQi\r\nyjyadoJOTWx5ZzylvB/U2MmA03wf5qDn/NcFyr706xwqksH1miAXuRd5B7lG9jSO\r\n+2fCehfrmGBFVpIWkNVMJEzgx/TbxHTENwKmccs= generated-by-azure\r\n" + } + ] + }, + "provisionVMAgent": true, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [], + "allowExtensionOperations": true, + "requireGuestProvisionSignal": true + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/stefan/providers/Microsoft.Network/networkInterfaces/stefanvm542" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true + } + }, + "provisioningState": "Succeeded", + "priority": "Spot", + "evictionPolicy": "Deallocate", + "billingProfile": { + "maxPrice": -1.0 + } + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/STEFAN/providers/Microsoft.Compute/virtualMachines/stefanvm/extensions/CustomScript" + }, + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/STEFAN/providers/Microsoft.Compute/virtualMachines/stefanvm/extensions/OmsAgentForLinux" + } + ] + }, + { + "name": "cctestvm", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm", + "type": "Microsoft.Compute/virtualMachines", + "location": "southcentralus", + "tags": { + "testtag": "testvalue", + "schedule": "on=(M-U,8);off=(M-U,18);tz=pt" + }, + "properties": { + "vmId": "f6a6b9b2-9b99-45b0-8a18-025998fc74d0", + "hardwareProfile": { + "vmSize": "Standard_A1_v2" + }, + "storageProfile": { + "imageReference": { + "publisher": "Canonical", + "offer": "UbuntuServer", + "sku": "16.04.0-LTS", + "version": "latest", + "exactVersion": "16.04.202104290" + }, + "osDisk": { + "osType": "Linux", + "name": "cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390", + "createOption": "FromImage", + "caching": "ReadWrite", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_OsDisk_1_517889dc284d4327990247d6d933e390" + }, + "diskSizeGB": 30 + }, + "dataDisks": [ + { + "lun": 0, + "name": "cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86", + "createOption": "Empty", + "caching": "None", + "managedDisk": { + "storageAccountType": "Standard_LRS", + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Compute/disks/cctestvm_disk2_c891bbcef098417b9c9eaed9b8af5e86" + }, + "diskSizeGB": 1023, + "toBeDetached": false + } + ] + }, + "osProfile": { + "computerName": "vmmilaytvhe7nwq", + "adminUsername": "testuser", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "patchMode": "ImageDefault" + } + }, + "secrets": [] + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/test_vm/providers/Microsoft.Network/networkInterfaces/myVMNic" + } + ] + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "https://milaytvhe7nwqsalinuxvm.blob.core.windows.net/" + } + }, + "provisioningState": "Succeeded" + }, + "resources": [ + { + "id": "/subscriptions/ea42f556-5106-4743-99b0-c129bfa71a47/resourceGroups/TEST_VM/providers/Microsoft.Compute/virtualMachines/cctestvm/extensions/script1" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/tools/c7n_azure/tests_azure/templates/sqlserver.json b/tools/c7n_azure/tests_azure/templates/sqlserver.json index 8788c282adc..774795c9184 100644 --- a/tools/c7n_azure/tests_azure/templates/sqlserver.json +++ b/tools/c7n_azure/tests_azure/templates/sqlserver.json @@ -40,6 +40,18 @@ "zoneRedundant": false }, "resources": [ + { + "comments": "Transparent Data Encryption", + "name": "current", + "type": "transparentDataEncryption", + "apiVersion": "2017-03-01-preview", + "properties": { + "status": "Enabled" + }, + "dependsOn": [ + "[resourceId('Microsoft.Sql/servers/databases', parameters('servers_cctestsqlserver_name'), 'cctestdb')]" + ] + }, { "name": "default", "type": "backupShortTermRetentionPolicies", diff --git a/tools/c7n_azure/tests_azure/templates/vm.json b/tools/c7n_azure/tests_azure/templates/vm.json index 77ae873a03c..d72424790bc 100644 --- a/tools/c7n_azure/tests_azure/templates/vm.json +++ b/tools/c7n_azure/tests_azure/templates/vm.json @@ -145,7 +145,32 @@ } } } + }, + { + "name": "[concat(variables('vmName'), '/script1')]", + "type": "Microsoft.Compute/virtualMachines/extensions", + "location": "[resourceGroup().location]", + "apiVersion": "2019-03-01", + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/', concat(variables('vmName')))]" + ], + "tags": { + "displayName": "config-app" + }, + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.1", + "autoUpgradeMinorVersion": true, + "settings": { + "skipDos2Unix":false, + "timestamp":123456789 + }, + "protectedSettings": { + "commandToExecute": "echo foo" + } } + } ], "outputs": { "hostname": { diff --git a/tools/c7n_azure/tests_azure/test_resource_graph_source.py b/tools/c7n_azure/tests_azure/test_resource_graph_source.py index efea969be2f..acc3f49c6bb 100644 --- a/tools/c7n_azure/tests_azure/test_resource_graph_source.py +++ b/tools/c7n_azure/tests_azure/test_resource_graph_source.py @@ -57,7 +57,9 @@ def test_resource_graph_and_arm_sources_storage_are_equivalent(self): resources_resource_graph = json.loads(json.dumps(p2.run()[0])) - self.assertTrue(resource_cmp(resources_arm, resources_resource_graph)) + self.assertTrue(resource_cmp(resources_arm, + resources_resource_graph, + ignore_properties=['keyCreationTime'])) @arm_template('vm.json') def test_resource_graph_and_arm_sources_vm_are_equivalent(self): @@ -108,7 +110,8 @@ def resource_cmp(res1, res2, ignore_properties=[]): if isinstance(res1, dict): for prop in res1: if prop not in ignore_properties and \ - (prop not in res2 or not resource_cmp(res1[prop], res2[prop])): + (prop not in res2 or not resource_cmp( + res1[prop], res2[prop], ignore_properties)): return False elif isinstance(res1, list): @@ -116,7 +119,7 @@ def resource_cmp(res1, res2, ignore_properties=[]): return False for item1, item2 in zip(res1, res2): - if not resource_cmp(item1, item2): + if not resource_cmp(item1, item2, ignore_properties): return False elif isinstance(res1, str): diff --git a/tools/c7n_azure/tests_azure/test_session.py b/tools/c7n_azure/tests_azure/test_session.py index 4eb7c3c6fde..38364e02fb4 100644 --- a/tools/c7n_azure/tests_azure/test_session.py +++ b/tools/c7n_azure/tests_azure/test_session.py @@ -14,7 +14,7 @@ from c7n_azure.session import Session from mock import patch from msrest.exceptions import AuthenticationError -from msrestazure.azure_cloud import AZURE_CHINA_CLOUD +from msrestazure.azure_cloud import (AZURE_CHINA_CLOUD, AZURE_US_GOV_CLOUD) from requests import HTTPError from .azure_common import DEFAULT_SUBSCRIPTION_ID, DEFAULT_TENANT_ID, BaseTest @@ -275,6 +275,20 @@ def test_get_client_non_default_base_url(self): client = s.client('azure.mgmt.resource.ResourceManagementClient') self.assertEqual(AZURE_CHINA_CLOUD.endpoints.resource_manager, client._client._base_url) + self.assertEqual(AZURE_CHINA_CLOUD.endpoints.management + ".default", + client._client._config.credential_scopes[0]) + + # This test won't run with real credentials unless the + # tenant is actually in Azure US Government + @pytest.mark.skiplive + def test_get_client_us_gov(self): + """Verify we are setting the correct credential scope for us government""" + s = Session(cloud_endpoints=AZURE_US_GOV_CLOUD) + client = s.client('azure.mgmt.resource.ResourceManagementClient') + self.assertEqual(AZURE_US_GOV_CLOUD.endpoints.resource_manager, + client._client._base_url) + self.assertEqual(AZURE_US_GOV_CLOUD.endpoints.management + ".default", + client._client._config.credential_scopes[0]) @patch('c7n_azure.utils.get_keyvault_secret', return_value='{}') def test_compare_auth_params(self, _1): diff --git a/tools/c7n_azure/tests_azure/tests_resources/test_resourcegroup.py b/tools/c7n_azure/tests_azure/tests_resources/test_resourcegroup.py index 56f52379132..bbdc3cad198 100644 --- a/tools/c7n_azure/tests_azure/tests_resources/test_resourcegroup.py +++ b/tools/c7n_azure/tests_azure/tests_resources/test_resourcegroup.py @@ -1,6 +1,9 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 from ..azure_common import BaseTest, arm_template +from c7n_azure.session import Session +from c7n.utils import local_session +from mock import patch class ResourceGroupTest(BaseTest): @@ -10,7 +13,7 @@ def setUp(self): def test_resource_group_schema_validate(self): with self.sign_out_patch(): p = self.load_policy({ - 'name': 'test-resource-group', + 'name': 'test-azure-resource-group', 'resource': 'azure.resourcegroup', 'filters': [ {'type': 'empty-group'} @@ -35,3 +38,26 @@ def test_empty_group(self): resources = p.run() self.assertEqual(len(resources), 1) self.assertEqual(resources[0]['name'], 'test_emptyrg') + + @arm_template('emptyrg.json') + def test_delete_resource_group(self): + with patch(self._get_mgmt_client_string() + '.begin_delete') \ + as begin_delete_mock: + p = self.load_policy({ + 'name': 'test-azure-resource-group', + 'resource': 'azure.resourcegroup', + 'filters': [ + {'type': 'value', + 'key': 'name', + 'op': 'eq', + 'value': 'test_emptyrg'}], + 'actions': [ + {'type': 'delete'}]}) + p.run() + + begin_delete_mock.assert_called() + + def _get_mgmt_client_string(self): + client = local_session(Session) \ + .client('azure.mgmt.resource.ResourceManagementClient').resource_groups + return client.__module__ + '.' + client.__class__.__name__ diff --git a/tools/c7n_azure/tests_azure/tests_resources/test_sqldatabase.py b/tools/c7n_azure/tests_azure/tests_resources/test_sqldatabase.py index 305427fd0f0..1b70ae61a5a 100644 --- a/tools/c7n_azure/tests_azure/tests_resources/test_sqldatabase.py +++ b/tools/c7n_azure/tests_azure/tests_resources/test_sqldatabase.py @@ -102,6 +102,42 @@ def test_resize_action(self, update_mock): self.assertEqual('cctestdb', args[2]) self.assertEqual(expected_db_update, args[3]) + def test_data_encryption_filter(self): + p = self.load_policy({ + 'name': 'test-azure-sql-database', + 'resource': 'azure.sql-database', + 'filters': [ + { + 'type': 'value', + 'key': 'name', + 'value': 'cctestdb' + }, + { + 'type': 'transparent-data-encryption', + 'enabled': True + }], + }) + resources = p.run() + self.assertEqual(1, len(resources)) + + def test_data_masking_filter(self): + p = self.load_policy({ + 'name': 'test-azure-sql-database', + 'resource': 'azure.sql-database', + 'filters': [ + { + 'type': 'value', + 'key': 'name', + 'value': 'cctestdb' + }, + { + 'type': 'data-masking-policy', + 'enabled': False + }], + }) + resources = p.run() + self.assertEqual(1, len(resources)) + class ShortTermBackupRetentionPolicyFilterTest(BaseTest): diff --git a/tools/c7n_azure/tests_azure/tests_resources/test_sqlserver.py b/tools/c7n_azure/tests_azure/tests_resources/test_sqlserver.py index 8ae51d53f55..cfc5366299f 100644 --- a/tools/c7n_azure/tests_azure/tests_resources/test_sqlserver.py +++ b/tools/c7n_azure/tests_azure/tests_resources/test_sqlserver.py @@ -257,6 +257,50 @@ def test_firewall_bypass(self): resources = p.run() self.assertEqual(1, len(resources)) + @cassette_name('administrators') + def test_administrators_filter(self): + """ + It is not practical to programmatically assign AD + users/administrators for testing, but a test for missing + administrator still verifies most of the code. + """ + p = self.load_policy({ + 'name': 'test-azure-sql-server', + 'resource': 'azure.sqlserver', + 'filters': [ + {'type': 'value', + 'key': 'name', + 'op': 'glob', + 'value_type': 'normalize', + 'value': 'cctestsqlserver*'}, + {'type': 'azure-ad-administrators', + 'key': 'login', + 'value': 'absent'}], + }) + resources = p.run() + self.assertEqual(1, len(resources)) + + @cassette_name('vulnerability-scan') + def test_vulnerability_filter(self): + """ + Vulnerability scans require expensive account level defender + subscriptions so we'll only test the negative here. + """ + p = self.load_policy({ + 'name': 'test-azure-sql-server', + 'resource': 'azure.sqlserver', + 'filters': [ + {'type': 'value', + 'key': 'name', + 'op': 'glob', + 'value_type': 'normalize', + 'value': 'cctestsqlserver*'}, + {'type': 'vulnerability-assessment', + 'enabled': False}], + }) + resources = p.run() + self.assertEqual(1, len(resources)) + class SQLServerFirewallFilterTest(BaseTest): diff --git a/tools/c7n_azure/tests_azure/tests_resources/test_vm.py b/tools/c7n_azure/tests_azure/tests_resources/test_vm.py index f497319ea20..12aba457854 100644 --- a/tools/c7n_azure/tests_azure/tests_resources/test_vm.py +++ b/tools/c7n_azure/tests_azure/tests_resources/test_vm.py @@ -3,7 +3,7 @@ import datetime from azure.mgmt.compute.models import HardwareProfile, VirtualMachineUpdate -from ..azure_common import BaseTest, arm_template +from ..azure_common import BaseTest, arm_template, cassette_name from c7n_azure.session import Session from dateutil import tz as tzutils from mock import patch @@ -41,6 +41,28 @@ def test_validate_vm_schemas(self): self.assertTrue(p) @arm_template('vm.json') + @cassette_name('virtual_machine_extensions') + def test_vm_extensions_filter(self): + p = self.load_policy({ + 'name': 'test-azure-vm-extensions', + 'resource': 'azure.vm', + 'filters': [ + {'type': 'value', + 'key': 'name', + 'op': 'eq', + 'value_type': 'normalize', + 'value': 'cctestvm'}, + {'type': 'vm-extensions', + 'key': '[].properties.type', + 'op': 'in', + 'value_type': 'swap', + 'value': 'CustomScript'}], + }) + resources = p.run() + self.assertEqual(len(resources), 1) + + @arm_template('vm.json') + @cassette_name('virtual_machine') def test_find_by_name(self): p = self.load_policy({ 'name': 'test-azure-vm', @@ -56,6 +78,7 @@ def test_find_by_name(self): self.assertEqual(len(resources), 1) @arm_template('vm.json') + @cassette_name('virtual_machine_instance') def test_find_running(self): p = self.load_policy({ 'name': 'test-azure-vm', @@ -81,6 +104,7 @@ def test_find_running(self): }] @arm_template('vm.json') + @cassette_name('virtual_machine') @patch('c7n_azure.resources.vm.InstanceViewFilter.process', return_value=fake_running_vms) def test_stop(self, filter_mock): with patch(self._get_vm_client_string() + '.begin_deallocate') as stop_action_mock: @@ -108,6 +132,7 @@ def test_stop(self, filter_mock): self.fake_running_vms[0]['name']) @arm_template('vm.json') + @cassette_name('virtual_machine') @patch('c7n_azure.resources.vm.InstanceViewFilter.process', return_value=fake_running_vms) def test_poweroff(self, filter_mock): with patch(self._get_vm_client_string() + '.begin_power_off') as poweroff_action_mock: @@ -137,6 +162,7 @@ def test_poweroff(self, filter_mock): ) @arm_template('vm.json') + @cassette_name('virtual_machine') @patch('c7n_azure.resources.vm.InstanceViewFilter.process', return_value=fake_running_vms) def test_start(self, filter_mock): with patch(self._get_vm_client_string() + '.begin_start') as start_action_mock: @@ -165,6 +191,7 @@ def test_start(self, filter_mock): self.fake_running_vms[0]['name']) @arm_template('vm.json') + @cassette_name('virtual_machine') @patch('c7n_azure.resources.vm.InstanceViewFilter.process', return_value=fake_running_vms) def test_restart(self, filter_mock): with patch(self._get_vm_client_string() + '.begin_restart') as restart_action_mock: @@ -192,6 +219,7 @@ def test_restart(self, filter_mock): self.fake_running_vms[0]['name']) @arm_template('vm.json') + @cassette_name('virtual_machine') @patch('c7n_azure.resources.vm.InstanceViewFilter.process', return_value=fake_running_vms) def test_resize(self, resize_action_mock): with patch(self._get_vm_client_string() + '.begin_update') as resize_action_mock: @@ -220,6 +248,7 @@ def test_resize(self, resize_action_mock): ) @arm_template('vm.json') + @cassette_name('virtual_machine') @patch('c7n_azure.resources.vm.InstanceViewFilter.process', return_value=fake_running_vms) @patch('c7n_azure.actions.delete.DeleteAction.process', return_value='') def test_delete(self, delete_action_mock, filter_mock): @@ -246,6 +275,7 @@ def test_delete(self, delete_action_mock, filter_mock): delete_action_mock.assert_called_with(self.fake_running_vms) @arm_template('vm.json') + @cassette_name('virtual_machine_interface') def test_find_vm_with_public_ip(self): p = self.load_policy({ @@ -285,6 +315,7 @@ def test_find_vm_with_public_ip(self): self.assertEqual(len(resources), 0) @arm_template('vm.json') + @cassette_name('virtual_machine_tags') def test_on_off_hours(self): t = datetime.datetime.now(tzutils.gettz("pt")) diff --git a/tools/c7n_gcp/c7n_gcp/client.py b/tools/c7n_gcp/c7n_gcp/client.py index e39d1f2a0ac..1fd418b096b 100644 --- a/tools/c7n_gcp/c7n_gcp/client.py +++ b/tools/c7n_gcp/c7n_gcp/client.py @@ -175,7 +175,8 @@ def __init__(self, if not credentials: # Only share the http object when using the default credentials. self._use_cached_http = True - credentials, _ = google.auth.default() + credentials, _ = google.auth.default(quota_project_id=project_id or + get_default_project()) self._credentials = with_scopes_if_required(credentials, list(CLOUD_SCOPES)) if use_rate_limiter: self._rate_limiter = RateLimiter(max_calls=quota_max_calls, diff --git a/tools/c7n_gcp/c7n_gcp/filters/__init__.py b/tools/c7n_gcp/c7n_gcp/filters/__init__.py index 13ef73156c3..42c92a7e540 100644 --- a/tools/c7n_gcp/c7n_gcp/filters/__init__.py +++ b/tools/c7n_gcp/c7n_gcp/filters/__init__.py @@ -1,3 +1,5 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 # +from .metrics import GCPMetricsFilter +from .sccfindings import SecurityComandCenterFindingsFilter diff --git a/tools/c7n_gcp/c7n_gcp/filters/metrics.py b/tools/c7n_gcp/c7n_gcp/filters/metrics.py new file mode 100644 index 00000000000..0c9f9599e61 --- /dev/null +++ b/tools/c7n_gcp/c7n_gcp/filters/metrics.py @@ -0,0 +1,224 @@ +# Copyright The Cloud Custodian Authors. +# SPDX-License-Identifier: Apache-2.0 +""" +Monitoring Metrics suppport for resources +""" +from datetime import datetime, timedelta +import pytz + +import jmespath + +from c7n.filters.core import Filter, OPERATORS, FilterValidationError +from c7n.utils import local_session, type_schema + +from c7n_gcp.provider import resources as gcp_resources + +REDUCERS = [ + 'REDUCE_NONE', + 'REDUCE_MEAN', + 'REDUCE_MIN', + 'REDUCE_MAX', + 'REDUCE_MEAN', + 'REDUCE_SUM', + 'REDUCE_STDDEV', + 'REDUCE_COUNT', + 'REDUCE_COUNT_TRUE', + 'REDUCE_COUNT_FALSE', + 'REDUCE_FRACTION_TRUE', + 'REDUCE_PERCENTILE_99', + 'REDUCE_PERCENTILE_95', + 'REDUCE_PERCENTILE_50', + 'REDUCE_PERCENTILE_05'] + +ALIGNERS = [ + 'ALIGN_NONE', + 'ALIGN_DELTA', + 'ALIGN_RATE', + 'ALIGN_INTERPOLATE', + 'ALIGN_MIN', + 'ALIGN_MAX', + 'ALIGN_MEAN', + 'ALIGN_COUNT', + 'ALIGN_SUM', + 'REDUCE_COUNT_FALSE', + 'ALIGN_STDDEV', + 'ALIGN_COUNT_TRUE', + 'ALIGN_COUNT_FALSE', + 'ALIGN_FRACTION_TRUE', + 'ALIGN_PERCENTILE_99', + 'ALIGN_PERCENTILE_95', + 'ALIGN_PERCENTILE_50', + 'ALIGN_PERCENTILE_05', + 'ALIGN_PERCENT_CHANG'] + +BATCH_SIZE = 10000 + + +class GCPMetricsFilter(Filter): + """Supports metrics filters on resources. + + All resources that have cloud watch metrics are supported. + + Docs on cloud watch metrics + + - Google Supported Metrics + https://cloud.google.com/monitoring/api/metrics_gcp + + - Custom Metrics + https://cloud.google.com/monitoring/api/v3/metric-model#intro-custom-metrics + + .. code-block:: yaml + + - name: firewall-hit-count + resource: gcp.firewall + filters: + - type: metrics + name: firewallinsights.googleapis.com/subnet/firewall_hit_count + resource-key: name + aligner: ALIGN_COUNT + days: 14 + value: 1 + op: greater-than + """ + + schema = type_schema( + 'metrics', + **{'name': {'type': 'string'}, + 'resource-key': {'type': 'string'}, + 'metric-key': {'type': 'string'}, + 'group-by-fields': {'type': 'array', 'items': {'type': 'string'}}, + 'days': {'type': 'number'}, + 'op': {'type': 'string', 'enum': list(OPERATORS.keys())}, + 'reducer': {'type': 'string', 'enum': REDUCERS}, + 'aligner': {'type': 'string', 'enum': ALIGNERS}, + 'value': {'type': 'number'}, + 'filter': {'type': 'string'}, + 'missing-value': {'type': 'number'}, + 'required': ('value', 'name', 'op')}) + permissions = ("monitoring.timeSeries.list",) + + def validate(self): + if not self.data.get('metric-key') and \ + not hasattr(self.manager.resource_type, 'metric_key'): + raise FilterValidationError("metric-key not defined for resource %s," + "so must be provided in the policy" % (self.manager.type)) + return self + + def process(self, resources, event=None): + days = self.data.get('days', 14) + duration = timedelta(days) + + self.metric = self.data['name'] + self.resource_key = self.data.get('resource-key', self.manager.resource_type.name) + self.metric_key = self.data.get('metric-key', self.manager.resource_type.metric_key) + self.aligner = self.data.get('aligner', 'ALIGN_NONE') + self.reducer = self.data.get('reducer', 'REDUCE_NONE') + self.group_by_fields = self.data.get('group-by-fields', []) + self.missing_value = self.data.get('missing-value') + self.end = datetime.now(pytz.timezone('UTC')) + self.start = self.end - duration + self.period = str((self.end - self.start).total_seconds()) + 's' + self.resource_metric_dict = {} + self.op = OPERATORS[self.data.get('op', 'less-than')] + self.value = self.data['value'] + self.filter = self.data.get('filter', '') + self.c7n_metric_key = "%s.%s.%s" % (self.metric, self.aligner, self.reducer) + + session = local_session(self.manager.session_factory) + client = session.client("monitoring", "v3", "projects.timeSeries") + project = session.get_default_project() + + time_series_data = [] + for batched_filter in self.get_batched_query_filter(resources): + query_params = { + 'filter': batched_filter, + 'interval_startTime': self.start.isoformat(), + 'interval_endTime': self.end.isoformat(), + 'aggregation_alignmentPeriod': self.period, + "aggregation_perSeriesAligner": self.aligner, + "aggregation_crossSeriesReducer": self.reducer, + "aggregation_groupByFields": self.group_by_fields, + 'view': 'FULL' + } + metric_list = client.execute_query('list', + {'name': 'projects/' + project, **query_params}) + time_series_data.extend(metric_list.get('timeSeries', [])) + + if not time_series_data: + self.log.info("No metrics found for {}".format(self.c7n_metric_key)) + return [] + + self.split_by_resource(time_series_data) + matched = [r for r in resources if self.process_resource(r)] + + return matched + + def batch_resources(self, resources): + if not resources: + return [] + + batched_resources = [] + + resource_filter = [] + batch_size = len(self.filter) + for r in resources: + resource_name = jmespath.search(self.resource_key, r) + resource_filter_item = '{} = "{}"'.format(self.metric_key, resource_name) + resource_filter.append(resource_filter_item) + resource_filter.append(' OR ') + batch_size += len(resource_filter_item) + 4 + + if batch_size >= BATCH_SIZE: + resource_filter.pop() + batched_resources.append(resource_filter) + resource_filter = [] + batch_size = len(self.filter) + + resource_filter.pop() + batched_resources.append(resource_filter) + return batched_resources + + def get_batched_query_filter(self, resources): + batched_filters = [] + metric_filter_type = 'metric.type = "{}" AND ( '.format(self.metric) + user_filter = '' + if self.filter: + user_filter = " AND " + self.filter + + for batch in self.batch_resources(resources): + batched_filters.append(''.join([ + metric_filter_type, + ''.join(batch), + ' ) ', + user_filter + ])) + return batched_filters + + def split_by_resource(self, metric_list): + for m in metric_list: + resource_name = jmespath.search(self.metric_key, m) + self.resource_metric_dict[resource_name] = m + + def process_resource(self, resource): + resource_metric = resource.setdefault('c7n.metrics', {}) + + resource_name = jmespath.search(self.resource_key, resource) + metric = self.resource_metric_dict.get(resource_name) + if not metric and not self.missing_value: + return False + if not metric: + metric_value = self.missing_value + else: + metric_value = float(list(metric["points"][0]["value"].values())[0]) + + resource_metric[self.c7n_metric_key] = metric + + matched = self.op(metric_value, self.value) + return matched + + @classmethod + def register_resources(klass, registry, resource_class): + resource_class.filter_registry.register('metrics', klass) + + +gcp_resources.subscribe(GCPMetricsFilter.register_resources) diff --git a/tools/c7n_gcp/c7n_gcp/filters/sccfindings.py b/tools/c7n_gcp/c7n_gcp/filters/sccfindings.py new file mode 100644 index 00000000000..9c109a5fb80 --- /dev/null +++ b/tools/c7n_gcp/c7n_gcp/filters/sccfindings.py @@ -0,0 +1,85 @@ +# Copyright The Cloud Custodian Authors. +# SPDX-License-Identifier: Apache-2.0 +""" +Security Command Center Findings suppport for GCP resources +""" +from c7n.filters.core import ValueFilter +from c7n.utils import local_session, type_schema +from c7n_gcp.provider import resources as gcp_resources + + +class SecurityComandCenterFindingsFilter(ValueFilter): + """Filters resources based on their Security Command Center (SCC) findings. + + .. code-block:: yaml + + - name: bucket-contains-high-finding + resource: gcp.bucket + filters: + - type: scc-findings + org: 11111111111111 + key: severity + value: HIGH + """ + + schema = type_schema('scc-findings', rinherit=ValueFilter.schema, + org={'type': 'integer'}, required=['org']) + required_keys = {} + permissions = ("securitycenter.findings.list",) + annotation_key = 'c7n:matched-findings' + + def process(self, resources, event=None): + if not resources[0].get(self.annotation_key): + findings_list = self.get_findings(resources) + self.split_by_resource(findings_list) + matched = [r for r in resources if self.process_resource(r)] + return matched + + def get_findings(self, resources): + self.findings_by_resource = {} + query_params = { + 'filter': self.get_resource_filter(resources), + 'pageSize': 1000 + } + session = local_session(self.manager.session_factory) + client = session.client("securitycenter", "v1", "organizations.sources.findings") + findings_paged_list = list(client.execute_paged_query('list', + {'parent': 'organizations/{}/sources/-'.format(self.data['org']), **query_params})) + findings_list = [] + for findings_page in findings_paged_list: + if findings_page.get('listFindingsResults'): + findings_list.extend(findings_page['listFindingsResults']) + return findings_list + + def get_resource_filter(self, resources): + resource_filter = [] + for r in resources: + resource_filter.append('resourceName:"{}"'.format(r[self.manager.resource_type.name])) + resource_filter.append(' OR ') + resource_filter.pop() + + return ''.join(resource_filter) + + def split_by_resource(self, finding_list): + for f in finding_list: + resource_name = f["finding"]["resourceName"].split('/')[-1] + resource_findings = self.findings_by_resource.get(resource_name, []) + resource_findings.append(f['finding']) + self.findings_by_resource[resource_name] = resource_findings + + def process_resource(self, resource): + if not resource.get(self.annotation_key): + resource_name = resource[self.manager.resource_type.name] + resource[self.annotation_key] = self.findings_by_resource.get(resource_name, []) + + if self.data.get('key'): + resource[self.annotation_key] = [ + finding for finding in resource[self.annotation_key] if self.match(finding)] + return len(resource[self.annotation_key]) > 0 + + @classmethod + def register_resources(klass, registry, resource_class): + resource_class.filter_registry.register('scc-findings', klass) + + +gcp_resources.subscribe(SecurityComandCenterFindingsFilter.register_resources) diff --git a/tools/c7n_gcp/c7n_gcp/handler.py b/tools/c7n_gcp/c7n_gcp/handler.py index a8c583338ff..e245c95320a 100644 --- a/tools/c7n_gcp/c7n_gcp/handler.py +++ b/tools/c7n_gcp/c7n_gcp/handler.py @@ -46,7 +46,7 @@ def run(event, context=None): def get_tmp_output_dir(): - output_dir = '/tmp/' + str(uuid.uuid4()) + output_dir = '/tmp/' + str(uuid.uuid4()) # nosec if not os.path.exists(output_dir): try: os.mkdir(output_dir) diff --git a/tools/c7n_gcp/c7n_gcp/mu.py b/tools/c7n_gcp/c7n_gcp/mu.py index 352956574fd..dcef9fe8015 100644 --- a/tools/c7n_gcp/c7n_gcp/mu.py +++ b/tools/c7n_gcp/c7n_gcp/mu.py @@ -46,7 +46,7 @@ def custodian_archive(packages=None, deps=()): requirements.update(deps) archive.add_contents( 'requirements.txt', - generate_requirements(requirements, include_self=True)) + generate_requirements(requirements, ignore=('setuptools',), include_self=True)) return archive @@ -474,13 +474,65 @@ def ensure_iam(self, publisher=None): def add(self, func): self.ensure_topic() - def remove(self): + def remove(self, func): if not self.data.get('topic').startswith(self.prefix): return - client = self.session.client('topic', 'v1', 'projects.topics') + client = self.session.client('pubsub', 'v1', 'projects.topics') client.execute_command('delete', {'topic': self.get_topic_param()}) +class SecurityCenterSubscriber(EventSource): + + def __init__(self, session, data, resource): + self.session = session + self.data = data + self.resource = resource + + def notification_name(self): + return "custodian-auto-scc-{}".format(self.resource.type) + + def ensure_notification_config(self): + """Verify the notification config exists. + + Returns the notification config name. + """ + client = self.session.client('securitycenter', 'v1', 'organizations.notificationConfigs') + config_name = "organizations/{}/notificationConfigs/{}".format(self.data["org"], + self.notification_name()) + try: + client.execute_command('get', {'name': config_name}) + except HttpError as e: + if e.resp.status != 404: + raise + else: + return config_name + + config_body = { + 'name': self.notification_name(), + 'description': 'auto created by cloud custodian \ + for resource {}'.format(self.resource.type), + 'pubsubTopic': "projects/{}/topics/{}".format(self.session.get_default_project(), + self.data['topic']), + 'streamingConfig': { + "filter": "resource.type=\"{}\"".format(self.resource.resource_type.scc_type) + } + } + client.execute_command('create', { + 'configId': self.notification_name(), + 'parent': 'organizations/{}'.format(self.data["org"]), + 'body': config_body}) + return config_name + + def add(self, func): + self.ensure_notification_config() + + def remove(self, func): + client = self.session.client('securitycenter', 'v1', 'organizations.notificationConfigs') + config_name = "organizations/{}/notificationConfigs/{}".format(self.data["org"], + self.notification_name()) + client.execute_command('delete', {'name': config_name}) + + class PeriodicEvent(EventSource): """Periodic serverless execution. diff --git a/tools/c7n_gcp/c7n_gcp/policy.py b/tools/c7n_gcp/c7n_gcp/policy.py index fd15c5ff6c6..fa36c630b4a 100644 --- a/tools/c7n_gcp/c7n_gcp/policy.py +++ b/tools/c7n_gcp/c7n_gcp/policy.py @@ -170,3 +170,109 @@ def run(self, event, context): action.process(resources) return resources + + +@execution.register('gcp-scc') +class SecurityCenterMode(FunctionMode): + """Custodian policy execution on GCP Security Command Center (SCC) findings. + + Deploys as a Cloud Function triggered by SCC findings. This allows + you to apply your policies as soon as a SCC finding occurs. + See `Security Command Center + `_ + for more details. + + .. code-block:: yaml + + - name: delete-high-severity-firewall-findings + resource: gcp.firewall + mode: + service-account: SERVICE_ACCOUNT_NAME@PROJECT.iam.gserviceaccount.com + type: gcp-scc + org: ORG_ID + filters: + - type: value + key: severity + value: HIGH + actions: + - delete + + Default region the function is deployed to is + ``us-central1``. In case you want to change that, use the cli + ``--region`` flag. + """ + + schema = type_schema( + 'gcp-scc', + org={'type': 'integer'}, + required=['org'], + rinherit=FunctionMode.schema) + + def resolve_resources(self, event): + """Resolve a gcp resource from its scc finding. + """ + if not event["finding"].get("resourceName"): + self.policy.log.warning("Could not find resourceName in event") + return + + project_id = event["resource"].get("project", "").split('/')[-1] + finding_details = { + "resourceName": event["finding"]["resourceName"], + "project_id": project_id + } + + resource = self.policy.resource_manager.get_resource(finding_details) + # add finding fields to resource + resource.update({"finding": event["finding"]}) + + return [resource] + + def _resource_topic(self): + return "custodian-auto-scc-{}".format(self.policy.resource_manager.type) + + def _get_function(self): + events = [ + mu.PubSubSource(local_session(self.policy.session_factory), + {"topic": self._resource_topic()}), + mu.SecurityCenterSubscriber(local_session(self.policy.session_factory), + {"topic": self._resource_topic(), + "org": self.policy.data["mode"]["org"]}, self.policy.resource_manager)] + return mu.PolicyFunction(self.policy, events=events) + + def validate(self): + if not self.policy.resource_manager.resource_type.get: + raise PolicyValidationError( + "Resource:%s does not implement retrieval method get" % ( + self.policy.resource_type)) + if not self.policy.resource_manager.resource_type.scc_type: + raise PolicyValidationError( + "Resource:%s is not supported by scc currently" % ( + self.policy.resource_type)) + + def run(self, event, context): + """Execute a gcp serverless model""" + from c7n.actions import EventAction + + resources = self.resolve_resources(event) + if not resources: + return + + resources = self.policy.resource_manager.filter_resources( + resources, event) + + self.policy.log.info("Filtered resources %d" % len(resources)) + + if not resources: + return + + self.policy.ctx.metrics.put_metric( + 'ResourceCount', len(resources), 'Count', Scope="Policy", + buffer=False) + + for action in self.policy.resource_manager.actions: + if isinstance(action, EventAction): + action.process(resources, event) + else: + action.process(resources) + + return resources diff --git a/tools/c7n_gcp/c7n_gcp/resources/appengine.py b/tools/c7n_gcp/c7n_gcp/resources/appengine.py index f32fab84f3d..1cca2e94602 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/appengine.py +++ b/tools/c7n_gcp/c7n_gcp/resources/appengine.py @@ -24,6 +24,7 @@ class resource_type(TypeInfo): 'id', 'locationId', 'servingStatus', 'authDomain', 'defaultHostName'] asset_type = "appengine.googleapis.com/Application" permissions = ('appengine.applications.get',) + metric_key = 'resource.labels.module_id' @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/bigquery.py b/tools/c7n_gcp/c7n_gcp/resources/bigquery.py index 877e7ee5a10..10055a8fd99 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/bigquery.py +++ b/tools/c7n_gcp/c7n_gcp/resources/bigquery.py @@ -24,6 +24,8 @@ class resource_type(TypeInfo): id, name, "description", "creationTime", "lastModifiedTime"] asset_type = "bigquery.googleapis.com/Dataset" + scc_type = "google.cloud.bigquery.Dataset" + metric_key = "resouece.labels.dataset_id" permissions = ('bigquery.datasets.get',) @staticmethod diff --git a/tools/c7n_gcp/c7n_gcp/resources/compute.py b/tools/c7n_gcp/c7n_gcp/resources/compute.py index 519679416c6..98da0f2eac3 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/compute.py +++ b/tools/c7n_gcp/c7n_gcp/resources/compute.py @@ -5,12 +5,13 @@ from datetime import datetime -from c7n.utils import type_schema +from c7n.utils import local_session, type_schema from c7n_gcp.actions import MethodAction from c7n_gcp.provider import resources from c7n_gcp.query import QueryResourceManager, TypeInfo +from c7n.filters.core import ValueFilter from c7n.filters.offhours import OffHour, OnHour @@ -27,6 +28,8 @@ class resource_type(TypeInfo): labels = True default_report_fields = ['name', 'status', 'creationTimestamp', 'machineType', 'zone'] asset_type = "compute.googleapis.com/Instance" + scc_type = "google.compute.Instance" + metric_key = 'metric.labels.instance_name' @staticmethod def get(client, resource_info): @@ -64,6 +67,57 @@ def get_tag_value(self, instance): return instance.get('labels', {}).get(self.tag_key, False) +@Instance.filter_registry.register('effective-firewall') +class EffectiveFirewall(ValueFilter): + """Filters instances by their effective firewall rules. + See `getEffectiveFirewalls + `_ + for valid fields. + + :example: + + Filter all instances that have a firewall rule that allows public + acess + + .. code-block:: yaml + + policies: + - name: find-publicly-accessable-instances + resource: gcp.instance + filters: + - type: effective-firewall + key: firewalls[*].sourceRanges[] + op: contains + value: "0.0.0.0/0" + """ + + schema = type_schema('effective-firewall', rinherit=ValueFilter.schema) + permissions = ('compute.instances.getEffectiveFirewalls',) + + def get_resource_params(self, resource): + path_param_re = re.compile('.*?/projects/(.*?)/zones/(.*?)/instances/.*') + project, zone = path_param_re.match(resource['selfLink']).groups() + return {'project': project, 'zone': zone, 'instance': resource["name"]} + + def process_resource(self, client, resource): + params = self.get_resource_params(resource) + effective_firewalls = [] + for interface in resource["networkInterfaces"]: + effective_firewalls.append(client.execute_command( + 'getEffectiveFirewalls', {"networkInterface": interface["name"], **params})) + return super(EffectiveFirewall, self).process(effective_firewalls, None) + + def get_client(self, session, model): + return session.client( + model.service, model.version, model.component) + + def process(self, resources, event=None): + model = self.manager.get_model() + session = local_session(self.manager.session_factory) + client = self.get_client(session, model) + return [r for r in resources if self.process_resource(client, r)] + + class InstanceAction(MethodAction): def get_resource_params(self, model, resource): @@ -422,6 +476,7 @@ class resource_type(TypeInfo): default_report_fields = [ "name", "description", "status", "target", "recommendedSize"] asset_type = "compute.googleapis.com/Autoscaler" + metric_key = "resource.labels.autoscaler_name" @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/dataflow.py b/tools/c7n_gcp/c7n_gcp/resources/dataflow.py index 45c994af0e7..77b8deb8a47 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/dataflow.py +++ b/tools/c7n_gcp/c7n_gcp/resources/dataflow.py @@ -1,6 +1,7 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 import jmespath +from googleapiclient.errors import HttpError from c7n_gcp.provider import resources from c7n_gcp.query import QueryResourceManager, TypeInfo @@ -31,3 +32,27 @@ def get(client, event): 'jobId': jmespath.search('protoPayload.request.job_id', event) } ) + + def resources(self, query=None): + query_filter = 'ACTIVE' + if self.data.get('query'): + query_filter = self.data['query'][0].get('filter', 'ACTIVE') + + return super(DataflowJob, self).resources(query={'filter': query_filter}) + + def augment(self, resources): + client = self.get_client() + results = [] + for r in resources: + ref = { + 'jobId': r['id'], + 'projectId': r['projectId'], + 'view': 'JOB_VIEW_ALL' + } + try: + results.append( + client.execute_query( + 'get', verb_arguments=ref)) + except HttpError: + results.append(r) + return results diff --git a/tools/c7n_gcp/c7n_gcp/resources/dns.py b/tools/c7n_gcp/c7n_gcp/resources/dns.py index a7920f1e7c6..95b0a947c27 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/dns.py +++ b/tools/c7n_gcp/c7n_gcp/resources/dns.py @@ -20,6 +20,7 @@ class resource_type(TypeInfo): name = 'name' default_report_fields = ['id', 'name', 'dnsName', 'creationTime', 'visibility'] asset_type = "dns.googleapis.com/ManagedZone" + scc_type = "google.cloud.dns.ManagedZone" @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/function.py b/tools/c7n_gcp/c7n_gcp/resources/function.py index c348958b186..ca74f7cde61 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/function.py +++ b/tools/c7n_gcp/c7n_gcp/resources/function.py @@ -20,6 +20,7 @@ class resource_type(TypeInfo): scope_key = 'parent' scope_template = "projects/{}/locations/-" name = id = "name" + metric_key = "resource.labels.function_name" default_report_fields = [ 'name', 'runtime', 'eventTrigger.eventType', 'status', 'updateTime'] diff --git a/tools/c7n_gcp/c7n_gcp/resources/gke.py b/tools/c7n_gcp/c7n_gcp/resources/gke.py index 62f25df49b2..64c97bc46d4 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/gke.py +++ b/tools/c7n_gcp/c7n_gcp/resources/gke.py @@ -28,6 +28,8 @@ class resource_type(TypeInfo): 'name', 'description', 'status', 'currentMasterVersion', 'currentNodeVersion', 'currentNodeCount', 'location'] asset_type = 'container.googleapis.com/Cluster' + scc_type = 'google.container.Cluster' + metric_key = 'resource.labels.cluster_name' @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/iam.py b/tools/c7n_gcp/c7n_gcp/resources/iam.py index 244e3cddfcd..4a6664c60b6 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/iam.py +++ b/tools/c7n_gcp/c7n_gcp/resources/iam.py @@ -1,8 +1,12 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 +import re + +from c7n.utils import type_schema from c7n_gcp.provider import resources -from c7n_gcp.query import QueryResourceManager, TypeInfo +from c7n_gcp.query import QueryResourceManager, TypeInfo, ChildResourceManager, ChildTypeInfo +from c7n_gcp.actions import MethodAction @resources.register('project-role') @@ -46,6 +50,7 @@ class resource_type(TypeInfo): name = 'email' default_report_fields = ['name', 'displayName', 'email', 'description', 'disabled'] asset_type = "iam.googleapis.com/ServiceAccount" + metric_key = 'resource.labels.unique_id' @staticmethod def get(client, resource_info): @@ -56,6 +61,96 @@ def get(client, resource_info): resource_info['email_id'])}) +@ServiceAccount.action_registry.register('delete') +class DeleteServiceAccount(MethodAction): + schema = type_schema('delete') + method_spec = {'op': 'delete'} + permissions = ("iam.serviceAccounts.delete",) + + def get_resource_params(self, m, r): + return {'name': r['name']} + + +@ServiceAccount.action_registry.register('enable') +class EnableServiceAccount(MethodAction): + schema = type_schema('enable') + method_spec = {'op': 'enable'} + permissions = ("iam.serviceAccounts.enable",) + + def get_resource_params(self, m, r): + return {'name': r['name']} + + +@ServiceAccount.action_registry.register('disable') +class DisableServiceAccount(MethodAction): + schema = type_schema('disable') + method_spec = {'op': 'disable'} + permissions = ("iam.serviceAccounts.disable",) + + def get_resource_params(self, m, r): + return {'name': r['name']} + + +@resources.register('service-account-key') +class ServiceAccountKey(ChildResourceManager): + """GCP Resource + https://cloud.google.com/iam/docs/reference/rest/v1/projects.serviceAccounts.keys + """ + def _get_parent_resource_info(self, child_instance): + project_id, sa = re.match( + 'projects/(.*?)/serviceAccounts/(.*?)/keys/.*', + child_instance['name']).groups() + return {'project_id': project_id, + 'email_id': sa} + + def get_resource_query(self): + """Does nothing as self does not need query values unlike its parent + which receives them with the use_child_query flag.""" + pass + + class resource_type(ChildTypeInfo): + service = 'iam' + version = 'v1' + component = 'projects.serviceAccounts.keys' + enum_spec = ('list', 'keys[]', []) + scope = None + scope_key = 'name' + name = id = 'name' + default_report_fields = ['name', 'privateKeyType', 'keyAlgorithm', + 'validAfterTime', 'validBeforeTime', 'keyOrigin', 'keyType'] + parent_spec = { + 'resource': 'service-account', + 'child_enum_params': [ + ('name', 'name') + ], + 'use_child_query': True + } + asset_type = "iam.googleapis.com/ServiceAccountKey" + scc_type = "google.iam.ServiceAccountKey" + permissions = ("iam.serviceAccounts.list",) + + @staticmethod + def get(client, resource_info): + project, sa, key = re.match( + '.*?/projects/(.*?)/serviceAccounts/(.*?)/keys/(.*)', + resource_info['resourceName']).groups() + return client.execute_query( + 'get', { + 'name': 'projects/{}/serviceAccounts/{}/keys/{}'.format( + project, sa, key)}) + + +@ServiceAccountKey.action_registry.register('delete') +class DeleteServiceAccountKey(MethodAction): + + schema = type_schema('delete') + method_spec = {'op': 'delete'} + permissions = ("iam.serviceAccountKeys.delete",) + + def get_resource_params(self, m, r): + return {'name': r['name']} + + @resources.register('iam-role') class Role(QueryResourceManager): """GCP Organization Role diff --git a/tools/c7n_gcp/c7n_gcp/resources/kms.py b/tools/c7n_gcp/c7n_gcp/resources/kms.py index caac6c9a907..56d504de5ac 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/kms.py +++ b/tools/c7n_gcp/c7n_gcp/resources/kms.py @@ -88,6 +88,7 @@ class resource_type(ChildTypeInfo): 'use_child_query': True } asset_type = "cloudkms.googleapis.com/CryptoKey" + scc_type = "google.cloud.kms.CryptoKey" @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/loadbalancer.py b/tools/c7n_gcp/c7n_gcp/resources/loadbalancer.py index f45b1bf9326..2233edc85bb 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/loadbalancer.py +++ b/tools/c7n_gcp/c7n_gcp/resources/loadbalancer.py @@ -208,6 +208,7 @@ class resource_type(TypeInfo): name, "description", "creationTimestamp", "sslPolicy", "urlMap" ] asset_type = "compute.googleapis.com/TargetHttpsProxy" + scc_type = "google.compute.TargetHttpsProxy" @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/network.py b/tools/c7n_gcp/c7n_gcp/resources/network.py index ee3be310f53..64c41baee36 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/network.py +++ b/tools/c7n_gcp/c7n_gcp/resources/network.py @@ -23,6 +23,15 @@ class resource_type(TypeInfo): "name", "description", "creationTimestamp", "autoCreateSubnetworks", "IPv4Range", "gatewayIPv4"] asset_type = "compute.googleapis.com/Network" + scc_type = "google.compute.Network" + + @staticmethod + def get(client, resource_info): + path_param_re = re.compile('.*?/projects/(.*?)/global/networks/(.*)') + project, network = path_param_re.match( + resource_info["resourceName"]).groups() + return client.execute_query( + 'get', {'project': project, 'network': network}) @resources.register('subnet') @@ -39,13 +48,18 @@ class resource_type(TypeInfo): "name", "description", "creationTimestamp", "ipCidrRange", "gatewayAddress", "region", "state"] asset_type = "compute.googleapis.com/Subnetwork" + scc_type = "google.compute.Subnetwork" + metric_key = "resource.labels.subnetwork_name" @staticmethod def get(client, resource_info): + + path_param_re = re.compile( + '.*?/projects/(.*?)/regions/(.*?)/subnetworks/(.*)') + project, region, subnet = path_param_re.match( + resource_info["resourceName"]).groups() return client.execute_query( - 'get', {'project': resource_info['project_id'], - 'region': resource_info['location'], - 'subnetwork': resource_info['subnetwork_name']}) + 'get', {'project': project, 'region': region, 'subnetwork': subnet}) class SubnetAction(MethodAction): @@ -119,6 +133,8 @@ class resource_type(TypeInfo): name, "description", "network", "priority", "creationTimestamp", "logConfig.enabled", "disabled"] asset_type = "compute.googleapis.com/Firewall" + scc_type = "google.compute.Firewall" + metric_key = 'metric.labels.firewall_name' @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/pubsub.py b/tools/c7n_gcp/c7n_gcp/resources/pubsub.py index 2d499c2391c..73ad93004b8 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/pubsub.py +++ b/tools/c7n_gcp/c7n_gcp/resources/pubsub.py @@ -24,6 +24,7 @@ class resource_type(TypeInfo): name = id = "name" default_report_fields = ["name", "kmsKeyName"] asset_type = "pubsub.googleapis.com/Topic" + metric_key = "resource.labels.topic_id" @staticmethod def get(client, resource_info): @@ -56,6 +57,7 @@ class resource_type(TypeInfo): "name", "topic", "ackDeadlineSeconds", "retainAckedMessages", "messageRetentionDuration"] asset_type = "pubsub.googleapis.com/Subscription" + metric_key = 'resource.labels.subscription_id' @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/resource_map.py b/tools/c7n_gcp/c7n_gcp/resources/resource_map.py index f4c6e12420d..edb12df9c97 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/resource_map.py +++ b/tools/c7n_gcp/c7n_gcp/resources/resource_map.py @@ -78,6 +78,7 @@ "gcp.router": "c7n_gcp.resources.network.Router", "gcp.service": "c7n_gcp.resources.service.Service", "gcp.service-account": "c7n_gcp.resources.iam.ServiceAccount", + "gcp.service-account-key": "c7n_gcp.resources.iam.ServiceAccountKey", "gcp.snapshot": "c7n_gcp.resources.compute.Snapshot", "gcp.sourcerepo": "c7n_gcp.resources.source.SourceRepository", "gcp.spanner-database-instance": "c7n_gcp.resources.spanner.SpannerDatabaseInstance", diff --git a/tools/c7n_gcp/c7n_gcp/resources/resourcemanager.py b/tools/c7n_gcp/c7n_gcp/resources/resourcemanager.py index 05a15d99b0b..1755d275997 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/resourcemanager.py +++ b/tools/c7n_gcp/c7n_gcp/resources/resourcemanager.py @@ -26,9 +26,16 @@ class resource_type(TypeInfo): default_report_fields = [ "name", "displayName", "creationTime", "lifecycleState"] asset_type = "cloudresourcemanager.googleapis.com/Organization" + scc_type = "google.cloud.resourcemanager.Organization" perm_service = 'resourcemanager' permissions = ('resourcemanager.organizations.get',) + @staticmethod + def get(client, resource_info): + org = resource_info['resourceName'].rsplit('/', 1)[-1] + return client.execute_query( + 'get', {'name': "organizations/" + org}) + @Organization.action_registry.register('set-iam-policy') class OrganizationSetIamPolicy(SetIamPolicy): @@ -87,6 +94,7 @@ class resource_type(TypeInfo): default_report_fields = [ "name", "displayName", "lifecycleState", "createTime", "parent"] asset_type = "cloudresourcemanager.googleapis.com/Project" + scc_type = "google.cloud.resourcemanager.Project" perm_service = 'resourcemanager' labels = True labels_op = 'update' @@ -99,6 +107,11 @@ def get_label_params(resource, labels): 'parent': resource['parent'], 'labels': labels}} + @staticmethod + def get(client, resource_info): + return client.execute_query( + 'get', {'projectId': resource_info['resourceName'].rsplit('/', 1)[-1]}) + def get_resource_query(self): # https://cloud.google.com/resource-manager/reference/rest/v1/projects/list if 'query' in self.data: diff --git a/tools/c7n_gcp/c7n_gcp/resources/spanner.py b/tools/c7n_gcp/c7n_gcp/resources/spanner.py index 1ed463c59b7..a67c334829a 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/spanner.py +++ b/tools/c7n_gcp/c7n_gcp/resources/spanner.py @@ -24,6 +24,7 @@ class resource_type(TypeInfo): labels = True labels_op = 'patch' asset_type = "spanner.googleapis.com/Instance" + metric_key = "resource.labels.instance_id" @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/c7n_gcp/resources/sql.py b/tools/c7n_gcp/c7n_gcp/resources/sql.py index e19c8a542b9..898fa487a7b 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/sql.py +++ b/tools/c7n_gcp/c7n_gcp/resources/sql.py @@ -27,6 +27,8 @@ class resource_type(TypeInfo): default_report_fields = [ "name", "state", "databaseVersion", "settings.tier", "settings.dataDiskSizeGb"] asset_type = "sqladmin.googleapis.com/Instance" + scc_type = "google.cloud.sql.Instance" + metric_key = 'resource.labels.database_id' perm_service = 'cloudsql' @staticmethod diff --git a/tools/c7n_gcp/c7n_gcp/resources/storage.py b/tools/c7n_gcp/c7n_gcp/resources/storage.py index 3df6a12665b..801bc8e8bab 100644 --- a/tools/c7n_gcp/c7n_gcp/resources/storage.py +++ b/tools/c7n_gcp/c7n_gcp/resources/storage.py @@ -19,6 +19,8 @@ class resource_type(TypeInfo): default_report_fields = [ "name", "timeCreated", "location", "storageClass"] asset_type = "storage.googleapis.com/Bucket" + scc_type = "google.cloud.storage.Bucket" + metric_key = 'resource.labels.bucket_name' @staticmethod def get(client, resource_info): diff --git a/tools/c7n_gcp/poetry.lock b/tools/c7n_gcp/poetry.lock index d2e02be221c..5d9cbe5a57a 100644 --- a/tools/c7n_gcp/poetry.lock +++ b/tools/c7n_gcp/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -36,20 +36,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -61,11 +61,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -76,7 +76,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -131,7 +130,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "google-api-core" -version = "1.26.1" +version = "1.26.3" description = "Google API client core library" category = "main" optional = false @@ -170,7 +169,7 @@ uritemplate = ">=3.0.0,<4dev" [[package]] name = "google-auth" -version = "1.28.0" +version = "1.29.0" description = "Google Authentication Library" category = "main" optional = false @@ -185,6 +184,7 @@ six = ">=1.9.0" [package.extras] aiohttp = ["aiohttp (>=3.6.2,<4.0.0dev)"] pyopenssl = ["pyopenssl (>=20.0.0)"] +reauth = ["pyu2f (>=0.1.5)"] [[package]] name = "google-auth-httplib2" @@ -243,7 +243,7 @@ pandas = ["pandas (>=0.17.1)"] [[package]] name = "google-cloud-storage" -version = "1.36.2" +version = "1.37.1" description = "Google Cloud Storage API client library" category = "main" optional = false @@ -301,7 +301,7 @@ grpc = ["grpcio (>=1.0.0)"] [[package]] name = "grpcio" -version = "1.36.1" +version = "1.37.0" description = "HTTP/2-based RPC framework" category = "main" optional = false @@ -311,11 +311,11 @@ python-versions = "*" six = ">=1.5.2" [package.extras] -protobuf = ["grpcio-tools (>=1.36.1)"] +protobuf = ["grpcio-tools (>=1.37.0)"] [[package]] name = "httplib2" -version = "0.19.0" +version = "0.19.1" description = "A comprehensive HTTP client library." category = "main" optional = false @@ -334,7 +334,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -346,7 +346,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -364,14 +364,6 @@ category = "dev" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -390,14 +382,6 @@ six = ">=1.11.0" format = ["idna", "jsonpointer (>1.13)", "rfc3987", "strict-rfc3339", "webcolors"] format_nongpl = ["idna", "jsonpointer (>1.13)", "webcolors", "rfc3986-validator (>0.1.0)", "rfc3339-validator"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "packaging" version = "20.9" @@ -425,7 +409,7 @@ dev = ["pre-commit", "tox"] [[package]] name = "protobuf" -version = "3.15.6" +version = "3.15.8" description = "Protocol Buffers" category = "main" optional = false @@ -487,26 +471,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -589,7 +571,7 @@ pyasn1 = ">=0.1.3" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -598,6 +580,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -669,12 +654,12 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "ac55c12ddd565017f5199052dbdfb642668bcdd716082bc53c4d3ace3bfbe307" +content-hash = "3421ed2056ca2b67f95f020b9e8389e787ee80e7e4c95ba3c03bff5c2163594d" [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -685,12 +670,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] cachetools = [ @@ -749,16 +734,16 @@ colorama = [ {file = "colorama-0.4.4.tar.gz", hash = "sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"}, ] google-api-core = [ - {file = "google-api-core-1.26.1.tar.gz", hash = "sha256:23b0df512c4cc8729793f8992edb350e3211f5fd0ec007afb1599864b421beef"}, - {file = "google_api_core-1.26.1-py2.py3-none-any.whl", hash = "sha256:c383206f0f87545d3e658c4f8dc3b18a8457610fdbd791a15757c5b42d1e0e7f"}, + {file = "google-api-core-1.26.3.tar.gz", hash = "sha256:b914345c7ea23861162693a27703bab804a55504f7e6e9abcaff174d80df32ac"}, + {file = "google_api_core-1.26.3-py2.py3-none-any.whl", hash = "sha256:099762d4b4018cd536bcf85136bf337957da438807572db52f21dc61251be089"}, ] google-api-python-client = [ {file = "google-api-python-client-1.12.8.tar.gz", hash = "sha256:f3b9684442eec2cfe9f9bb48e796ef919456b82142c7528c5fd527e5224f08bb"}, {file = "google_api_python_client-1.12.8-py2.py3-none-any.whl", hash = "sha256:3c4c4ca46b5c21196bec7ee93453443e477d82cbfa79234d1ce0645f81170eaf"}, ] google-auth = [ - {file = "google-auth-1.28.0.tar.gz", hash = "sha256:9bd436d19ab047001a1340720d2b629eb96dd503258c524921ec2af3ee88a80e"}, - {file = "google_auth-1.28.0-py2.py3-none-any.whl", hash = "sha256:dcaba3aa9d4e0e96fd945bf25a86b6f878fcb05770b67adbeb50a63ca4d28a5e"}, + {file = "google-auth-1.29.0.tar.gz", hash = "sha256:010f011c4e27d3d5eb01106fba6aac39d164842dfcd8709955c4638f5b11ccf8"}, + {file = "google_auth-1.29.0-py2.py3-none-any.whl", hash = "sha256:f30a672a64d91cc2e3137765d088c5deec26416246f7a9e956eaf69a8d7ed49c"}, ] google-auth-httplib2 = [ {file = "google-auth-httplib2-0.1.0.tar.gz", hash = "sha256:a07c39fd632becacd3f07718dfd6021bf396978f03ad3ce4321d060015cc30ac"}, @@ -777,8 +762,8 @@ google-cloud-monitoring = [ {file = "google_cloud_monitoring-0.34.0-py2.py3-none-any.whl", hash = "sha256:0f9dea65e4b82c426dc9700cb6011ab4eac43394b38c4fd0b7045735ddb4a760"}, ] google-cloud-storage = [ - {file = "google-cloud-storage-1.36.2.tar.gz", hash = "sha256:89d3a101c8ca3aae7614253a03a2e7fe77c5e799469df2d4ec44044cccac1ad8"}, - {file = "google_cloud_storage-1.36.2-py2.py3-none-any.whl", hash = "sha256:a02f955e5c9d8e2035bd0fbe4793604a8f5abf61200cbb743f71cd1c5aa13b68"}, + {file = "google-cloud-storage-1.37.1.tar.gz", hash = "sha256:e06a4797c87ac73c4a74801539fdf0a91761c3014281ff58b7b29f15b34c206e"}, + {file = "google_cloud_storage-1.37.1-py2.py3-none-any.whl", hash = "sha256:63a9dab155bf81c51354db3d11f3e83a1db7d58eff453f1ce51ffa565d32617b"}, ] google-crc32c = [ {file = "google-crc32c-1.1.2.tar.gz", hash = "sha256:dff5bd1236737f66950999d25de7a78144548ebac7788d30ada8c1b6ead60b27"}, @@ -820,64 +805,68 @@ googleapis-common-protos = [ {file = "googleapis_common_protos-1.53.0-py2.py3-none-any.whl", hash = "sha256:f6d561ab8fb16b30020b940e2dd01cd80082f4762fa9f3ee670f4419b4b8dbd0"}, ] grpcio = [ - {file = "grpcio-1.36.1-cp27-cp27m-macosx_10_10_x86_64.whl", hash = "sha256:e3a83c5db16f95daac1d96cf3c9018d765579b5a29bb336758d793028e729921"}, - {file = "grpcio-1.36.1-cp27-cp27m-manylinux2010_i686.whl", hash = "sha256:c18739fecb90760b183bfcb4da1cf2c6bf57e38f7baa2c131d5f67d9a4c8365d"}, - {file = "grpcio-1.36.1-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:f6efa62ca1fe02cd34ec35f53446f04a15fe2c886a4e825f5679936a573d2cbf"}, - {file = "grpcio-1.36.1-cp27-cp27m-win32.whl", hash = "sha256:9a18299827a70be0507f98a65393b1c7f6c004fe2ca995fe23ffac534dd187a7"}, - {file = "grpcio-1.36.1-cp27-cp27m-win_amd64.whl", hash = "sha256:8a89190de1985a54ef311650cf9687ffb81de038973fd32e452636ddae36b29f"}, - {file = "grpcio-1.36.1-cp27-cp27mu-linux_armv7l.whl", hash = "sha256:3e75643d21db7d68acd541d3fec66faaa8061d12b511e101b529ff12a276bb9b"}, - {file = "grpcio-1.36.1-cp27-cp27mu-manylinux2010_i686.whl", hash = "sha256:3c5204e05e18268dd6a1099ca6c106fd9d00bcae1e37d5a5186094c55044c941"}, - {file = "grpcio-1.36.1-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:24d4c2c5e540e666c52225953d6813afc8ccf9bf46db6a72edd4e8d606656248"}, - {file = "grpcio-1.36.1-cp35-cp35m-linux_armv7l.whl", hash = "sha256:4dc7295dc9673f7af22c1e38c2a2c24ecbd6773a4c5ed5a46ed38ad4dcf2bf6c"}, - {file = "grpcio-1.36.1-cp35-cp35m-macosx_10_10_intel.whl", hash = "sha256:f241116d4bf1a8037ff87f16914b606390824e50902bdbfa2262e855fbf07fe5"}, - {file = "grpcio-1.36.1-cp35-cp35m-manylinux2010_i686.whl", hash = "sha256:1056b558acfd575d774644826df449e1402a03e456a3192fafb6b06d1069bf80"}, - {file = "grpcio-1.36.1-cp35-cp35m-manylinux2010_x86_64.whl", hash = "sha256:52ec563da45d06319224ebbda53501d25594de64ee1b2786e119ba4a2f1ce40c"}, - {file = "grpcio-1.36.1-cp35-cp35m-manylinux2014_i686.whl", hash = "sha256:7cbeac9bbe6a4a7fce4a89c892c249135dd9f5f5219ede157174c34a456188f0"}, - {file = "grpcio-1.36.1-cp35-cp35m-manylinux2014_x86_64.whl", hash = "sha256:2abaa9f0d83bd0b26f6d0d1fc4b97d73bde3ceac36ab857f70d3cabcf31c5c79"}, - {file = "grpcio-1.36.1-cp35-cp35m-win32.whl", hash = "sha256:02030e1afd3247f2b159df9dff959ec79dd4047b1c4dd4eec9e3d1642efbd504"}, - {file = "grpcio-1.36.1-cp35-cp35m-win_amd64.whl", hash = "sha256:eafafc7e040e36aa926edc731ab52c23465981888779ae64bfc8ad85888ed4f3"}, - {file = "grpcio-1.36.1-cp36-cp36m-linux_armv7l.whl", hash = "sha256:1030e74ddd0fa6e3bad7944f0c68cf1251b15bcd70641f0ad3858fdf2b8602a0"}, - {file = "grpcio-1.36.1-cp36-cp36m-macosx_10_10_x86_64.whl", hash = "sha256:b003e24339030ed356f59505d1065b89e1f443ef41ce71ca9069be944c0d2e6b"}, - {file = "grpcio-1.36.1-cp36-cp36m-manylinux2010_i686.whl", hash = "sha256:76daa3c4d58fcf40f7969bdb4270335e96ee0382a050cadcd97d7332cd0251a3"}, - {file = "grpcio-1.36.1-cp36-cp36m-manylinux2010_x86_64.whl", hash = "sha256:f591597bb25eae0094ead5a965555e911453e5f35fdbdaa83be11ef107865697"}, - {file = "grpcio-1.36.1-cp36-cp36m-manylinux2014_i686.whl", hash = "sha256:cbd82c479338fc1c0e5c3db09752b61fe47d40c6e38e4be8657153712fa76674"}, - {file = "grpcio-1.36.1-cp36-cp36m-manylinux2014_x86_64.whl", hash = "sha256:7e32bc01dfaa7a51c547379644ea619a2161d6969affdac3bbd173478d26673d"}, - {file = "grpcio-1.36.1-cp36-cp36m-win32.whl", hash = "sha256:5378189fb897567f4929f75ab67a3e0da4f8967806246cb9cfa1fa06bfbdb0d5"}, - {file = "grpcio-1.36.1-cp36-cp36m-win_amd64.whl", hash = "sha256:3a6295aa692806218e97bb687a71cd768450ed99e2acddc488f18d738edef463"}, - {file = "grpcio-1.36.1-cp37-cp37m-macosx_10_10_x86_64.whl", hash = "sha256:6f6f8a8b57e40347d0bf32c2135037dae31d63d3b19007b4c426a11b76deaf65"}, - {file = "grpcio-1.36.1-cp37-cp37m-manylinux2010_i686.whl", hash = "sha256:4c05ed54b2a00df01e633bebec819b512bf0c60f8f5b3b36dd344dc673b02fea"}, - {file = "grpcio-1.36.1-cp37-cp37m-manylinux2010_x86_64.whl", hash = "sha256:e1b9e906aa6f7577016e86ed7f3a69cae7dab4e41356584dc7980f76ea65035f"}, - {file = "grpcio-1.36.1-cp37-cp37m-manylinux2014_i686.whl", hash = "sha256:a602d6b30760bbbb2fe776caaa914a0d404636cafc3f2322718bf8002d7b1e55"}, - {file = "grpcio-1.36.1-cp37-cp37m-manylinux2014_x86_64.whl", hash = "sha256:dee9971aef20fc09ed897420446c4d0926cd1d7630f343333288523ca5b44bb2"}, - {file = "grpcio-1.36.1-cp37-cp37m-win32.whl", hash = "sha256:ed16bfeda02268e75e038c58599d52afc7097d749916c079b26bc27a66900f7d"}, - {file = "grpcio-1.36.1-cp37-cp37m-win_amd64.whl", hash = "sha256:85a6035ae75ce964f78f19cf913938596ccf068b149fcd79f4371268bcb9aa7c"}, - {file = "grpcio-1.36.1-cp38-cp38-macosx_10_10_x86_64.whl", hash = "sha256:6b30682180053eebc87802c2f249d2f59b430e1a18e8808575dde0d22a968b2c"}, - {file = "grpcio-1.36.1-cp38-cp38-manylinux2010_i686.whl", hash = "sha256:5e4920a8fb5d17b2c5ba980db0ac1c925bbee3e5d70e96da3ec4fb1c8600d68f"}, - {file = "grpcio-1.36.1-cp38-cp38-manylinux2010_x86_64.whl", hash = "sha256:f7740d9d9451f3663df11b241ac05cafc0efaa052d2fdca6640c4d3748eaf6e2"}, - {file = "grpcio-1.36.1-cp38-cp38-manylinux2014_i686.whl", hash = "sha256:20b7c4c5513e1135a2261e56830c0e710f205fee92019b92fe132d7f16a5cfd8"}, - {file = "grpcio-1.36.1-cp38-cp38-manylinux2014_x86_64.whl", hash = "sha256:216fbd2a488e74c3b96e240e4054c85c4c99102a439bc9f556936991643f43bc"}, - {file = "grpcio-1.36.1-cp38-cp38-win32.whl", hash = "sha256:7863c2a140e829b1f4c6d67bf0bf15e5321ac4766d0a295e2682970d9dd4b091"}, - {file = "grpcio-1.36.1-cp38-cp38-win_amd64.whl", hash = "sha256:f214076eb13da9e65c1aa9877b51fca03f51a82bd8691358e1a1edd9ff341330"}, - {file = "grpcio-1.36.1-cp39-cp39-macosx_10_10_x86_64.whl", hash = "sha256:ec753c022b39656f88409fbf9f2d3b28497e3f17aa678f884d78776b41ebe6bd"}, - {file = "grpcio-1.36.1-cp39-cp39-manylinux2010_i686.whl", hash = "sha256:0648a6d5d7ddcd9c8462d7d961660ee024dad6b88152ee3a521819e611830edf"}, - {file = "grpcio-1.36.1-cp39-cp39-manylinux2010_x86_64.whl", hash = "sha256:45ea10dd133a43b10c0b4326834107ebccfee25dab59b312b78e018c2d72a1f0"}, - {file = "grpcio-1.36.1-cp39-cp39-manylinux2014_i686.whl", hash = "sha256:bab743cdac1d6d8326c65d1d091d0740b39966dfab06519f74a03b3d128b8454"}, - {file = "grpcio-1.36.1-cp39-cp39-manylinux2014_x86_64.whl", hash = "sha256:09af8ceb91860086216edc6e5ea15f9beb2cf81687faa43b7c03216f5b73e244"}, - {file = "grpcio-1.36.1-cp39-cp39-win32.whl", hash = "sha256:f3f70505207ee1cee65f60a799fd8e06e07861409aa0d55d834825a79b40c297"}, - {file = "grpcio-1.36.1-cp39-cp39-win_amd64.whl", hash = "sha256:f22c11772eff25ba1ca536e760b8c34ba56f2a9d66b6842cb11770a8f61f879d"}, - {file = "grpcio-1.36.1.tar.gz", hash = "sha256:a66ea59b20f3669df0f0c6a3bd57b985e5b2d1dcf3e4c29819bb8dc232d0fd38"}, + {file = "grpcio-1.37.0-cp27-cp27m-macosx_10_10_x86_64.whl", hash = "sha256:8a0517e7a6784439a3730e50597bd64debf776692adea3c18f869a36454952e1"}, + {file = "grpcio-1.37.0-cp27-cp27m-manylinux2010_i686.whl", hash = "sha256:96ca74522bcd979856d359fcca3128f760c69885d264dc22044fd1a468e0eb68"}, + {file = "grpcio-1.37.0-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:3da2b0b8afe3ef34c9e2f90329b1f170fc50db5c4d0bbe986946caa659e5ed17"}, + {file = "grpcio-1.37.0-cp27-cp27m-win32.whl", hash = "sha256:0634cd805c6725ab71bebaf3370da0e5d32339c26eb1b6ad0f73d64224e19ddf"}, + {file = "grpcio-1.37.0-cp27-cp27m-win_amd64.whl", hash = "sha256:fe14c86c58190463f6e714637bba366874ca1e518ff1f82723d90765e6e39288"}, + {file = "grpcio-1.37.0-cp27-cp27mu-manylinux2010_i686.whl", hash = "sha256:14d7a15030a3f72cfd16dde8018d9f0e29e3f52cb566506dc942220b69b65de8"}, + {file = "grpcio-1.37.0-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:9d389f4e008edbd91082baff37507bbf4b25afd6c239c8070071f8936466a374"}, + {file = "grpcio-1.37.0-cp35-cp35m-macosx_10_10_intel.whl", hash = "sha256:a8b0914e6ac8987b8f59fcfb79519c5ce8df279b19d1c88bda2fc6e147821217"}, + {file = "grpcio-1.37.0-cp35-cp35m-manylinux2010_i686.whl", hash = "sha256:aaf44d496fe53ca1414677cab73b7935d01006f0b8ab4a32ab18704643a80ab5"}, + {file = "grpcio-1.37.0-cp35-cp35m-manylinux2010_x86_64.whl", hash = "sha256:fb6588a47d096cdaa0815d108b714d3e273361bfe03bc47725ddb1fdeaa56061"}, + {file = "grpcio-1.37.0-cp35-cp35m-manylinux2014_i686.whl", hash = "sha256:9b872b6c8ab618caa9bdee871c51021c7cc4890c141e7ee7bb6b923174bb299a"}, + {file = "grpcio-1.37.0-cp35-cp35m-manylinux2014_x86_64.whl", hash = "sha256:810d488804291f22cb696692cfddf75b12bbc9d34beca0159d99103286ac0091"}, + {file = "grpcio-1.37.0-cp35-cp35m-win32.whl", hash = "sha256:55fbdb9a2f81b28bd15af5c6e6669a2c8bb0bdb2add74c8818f9593a7428a164"}, + {file = "grpcio-1.37.0-cp35-cp35m-win_amd64.whl", hash = "sha256:fa6cfecbafbab8c4a229c42787b02cf58d0f128ad43c27b89c4df603b66d7f3c"}, + {file = "grpcio-1.37.0-cp36-cp36m-linux_armv7l.whl", hash = "sha256:b36eeb8a29f214f876ddda563990267a8b35d0a6da587edfa97effa4cdf6e5bd"}, + {file = "grpcio-1.37.0-cp36-cp36m-macosx_10_10_x86_64.whl", hash = "sha256:a89b5d2f64d588b46a8b77c04ada4c68ee1cfd0b7a148ff9108d72eefdc9b363"}, + {file = "grpcio-1.37.0-cp36-cp36m-manylinux2010_i686.whl", hash = "sha256:e0169f550dc9ba88da0bb60b8198437d9bd0e8600d600e3569cd3ba7d2ce0bc7"}, + {file = "grpcio-1.37.0-cp36-cp36m-manylinux2010_x86_64.whl", hash = "sha256:4408b2732fdf93f735ecb059193219528981d27483feaa822970226d5c66c143"}, + {file = "grpcio-1.37.0-cp36-cp36m-manylinux2014_i686.whl", hash = "sha256:5784d1e4877345efb6655f6851809441478769558565d8291a54e1bd3f19548b"}, + {file = "grpcio-1.37.0-cp36-cp36m-manylinux2014_x86_64.whl", hash = "sha256:96e3d85eb63d144656611eef4683f5b4003e1deec93bc2d6cbc5cf330f275a7e"}, + {file = "grpcio-1.37.0-cp36-cp36m-win32.whl", hash = "sha256:e1a5322d63346afdda8ad7ff8cf9933a0ab029546395eae31af7cd27ef75e47b"}, + {file = "grpcio-1.37.0-cp36-cp36m-win_amd64.whl", hash = "sha256:5e11b7176e7c14675868b7c46b7aa2da0b184cf7c189348f3ad7c98829de07be"}, + {file = "grpcio-1.37.0-cp37-cp37m-linux_armv7l.whl", hash = "sha256:6c2798eaef4eebcf3f9d62b49652bc1110787c684861605d20fec842580f6cee"}, + {file = "grpcio-1.37.0-cp37-cp37m-macosx_10_10_x86_64.whl", hash = "sha256:3e541240650f9173b4891f3e252234976199e487b9bd771e4f082403db50130d"}, + {file = "grpcio-1.37.0-cp37-cp37m-manylinux2010_i686.whl", hash = "sha256:b4f3ddfed733264c4f6431302e5fbafdd9c03f166b98b04d16a058fae3101a5d"}, + {file = "grpcio-1.37.0-cp37-cp37m-manylinux2010_x86_64.whl", hash = "sha256:f16e40ea37600fe21b51651617867c46d26dcb3f25a5912b7e61c7199b3f5a9f"}, + {file = "grpcio-1.37.0-cp37-cp37m-manylinux2014_aarch64.whl", hash = "sha256:b897b825fb464c940001a2cc1d631f418f5b071ccff64647148dbf99c775b98b"}, + {file = "grpcio-1.37.0-cp37-cp37m-manylinux2014_i686.whl", hash = "sha256:5e598af1d64ece6a91797b2dcacaf2d537ffb1c0075ecd184c62976068ce1f09"}, + {file = "grpcio-1.37.0-cp37-cp37m-manylinux2014_x86_64.whl", hash = "sha256:1a167d39b1db6e1b29653d69938ff79936602e95863db897ff9eeab81366b304"}, + {file = "grpcio-1.37.0-cp37-cp37m-win32.whl", hash = "sha256:c4f71341c20327bda9f8c28c35d1475af335bb27e591e7f6409d493b49e06223"}, + {file = "grpcio-1.37.0-cp37-cp37m-win_amd64.whl", hash = "sha256:e86acc1462bc796df672568492d24c6b4e7692e3f58b873d56b215dc65553ae1"}, + {file = "grpcio-1.37.0-cp38-cp38-linux_armv7l.whl", hash = "sha256:28f94700775ceca8820fa2c141501ec713e821de7362b966f8d7bf4d8e1eb93a"}, + {file = "grpcio-1.37.0-cp38-cp38-macosx_10_10_x86_64.whl", hash = "sha256:ca5c96c61289c001b9bcd607dcc1df3060eb8cc13088baf8a6e13268e4879a1f"}, + {file = "grpcio-1.37.0-cp38-cp38-manylinux2010_i686.whl", hash = "sha256:06cae65dc4557a445748092a61f2adb425ee472088a7e39826369f1f0ae9ffea"}, + {file = "grpcio-1.37.0-cp38-cp38-manylinux2010_x86_64.whl", hash = "sha256:6986d58240addd69e001e2e0e97c4b198370dd575162ab4bb1e3ea3816103e75"}, + {file = "grpcio-1.37.0-cp38-cp38-manylinux2014_aarch64.whl", hash = "sha256:606f0bbfac3860cb6f23f8ebabb974c14db8797317a86d6df063b132f64318f9"}, + {file = "grpcio-1.37.0-cp38-cp38-manylinux2014_i686.whl", hash = "sha256:1c611a4d137a40f8a6803933dd77ab43f04cc54c27fb0e07483fd37b70e7dae6"}, + {file = "grpcio-1.37.0-cp38-cp38-manylinux2014_x86_64.whl", hash = "sha256:3acfb47d930daec7127a7bc27a7e9c1c276d5e4ae3d2b04a4c7a33432712c811"}, + {file = "grpcio-1.37.0-cp38-cp38-win32.whl", hash = "sha256:575b49cbdd7286df9f77451709060a4a311a9c8767e89cf4e28d3b3200893de4"}, + {file = "grpcio-1.37.0-cp38-cp38-win_amd64.whl", hash = "sha256:04582b260ff0c953011819b1964e875139a7a43adb84621d3ab57f66d0f3d04e"}, + {file = "grpcio-1.37.0-cp39-cp39-linux_armv7l.whl", hash = "sha256:00f0acc463d9e6b1e74e71ce516c8cabd053619d08dd81765eb573492811de54"}, + {file = "grpcio-1.37.0-cp39-cp39-macosx_10_10_x86_64.whl", hash = "sha256:4eb3907fda03eda8bdb7d666f5371b6500a9054f355a547961da1ee231d2d6aa"}, + {file = "grpcio-1.37.0-cp39-cp39-manylinux2010_i686.whl", hash = "sha256:3eecf543aa66f7d8304f82854132df6116476279a8e3ba0665c5d93f1ef622de"}, + {file = "grpcio-1.37.0-cp39-cp39-manylinux2010_x86_64.whl", hash = "sha256:91f91388e6f72a5d15161124458ad62387470f3a0a16b488db169232f79dd4d2"}, + {file = "grpcio-1.37.0-cp39-cp39-manylinux2014_aarch64.whl", hash = "sha256:efb928f1a3fd5889b9045c323077d2696937cf9cdb7d2e60b90caa7da5bd1ce9"}, + {file = "grpcio-1.37.0-cp39-cp39-manylinux2014_i686.whl", hash = "sha256:93d990885d392f564ef95a97e0d6936cb09ee404418e8c986835a4d1786b882d"}, + {file = "grpcio-1.37.0-cp39-cp39-manylinux2014_x86_64.whl", hash = "sha256:ebbb2796ec138cb56373f328f5046ccb9e591046cd8aaccbb8af5bfc397d8b53"}, + {file = "grpcio-1.37.0-cp39-cp39-win32.whl", hash = "sha256:adfef1a3994220bd39e5e2dd57714ca94c4c38c9015f2812a0b09b39f86ddbe0"}, + {file = "grpcio-1.37.0-cp39-cp39-win_amd64.whl", hash = "sha256:df142d51d7de3f8d13aaa78f7ddc7d74088226f92ec5aae8d98d8ae5d328f74b"}, + {file = "grpcio-1.37.0.tar.gz", hash = "sha256:b3ce16aa91569760fdabd77ca901b2288152eb16941d28edd9a3a75a0c4a8a85"}, ] httplib2 = [ - {file = "httplib2-0.19.0-py3-none-any.whl", hash = "sha256:749c32603f9bf16c1277f59531d502e8f1c2ca19901ae653b49c4ed698f0820e"}, - {file = "httplib2-0.19.0.tar.gz", hash = "sha256:e0d428dad43c72dbce7d163b7753ffc7a39c097e6788ef10f4198db69b92f08e"}, + {file = "httplib2-0.19.1-py3-none-any.whl", hash = "sha256:2ad195faf9faf079723f6714926e9a9061f694d07724b846658ce08d40f522b4"}, + {file = "httplib2-0.19.1.tar.gz", hash = "sha256:0b12617eeca7433d4c396a100eaecfa4b08ee99aa881e6df6e257a7aad5d533d"}, ] idna = [ {file = "idna-2.10-py2.py3-none-any.whl", hash = "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"}, {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -887,18 +876,10 @@ jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] packaging = [ {file = "packaging-20.9-py2.py3-none-any.whl", hash = "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"}, {file = "packaging-20.9.tar.gz", hash = "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5"}, @@ -908,26 +889,26 @@ pluggy = [ {file = "pluggy-0.13.1.tar.gz", hash = "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0"}, ] protobuf = [ - {file = "protobuf-3.15.6-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:1771ef20e88759c4d81db213e89b7a1fc53937968e12af6603c658ee4bcbfa38"}, - {file = "protobuf-3.15.6-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:1a66261a402d05c8ad8c1fde8631837307bf8d7e7740a4f3941fc3277c2e1528"}, - {file = "protobuf-3.15.6-cp35-cp35m-macosx_10_9_intel.whl", hash = "sha256:eac23a3e56175b710f3da9a9e8e2aa571891fbec60e0c5a06db1c7b1613b5cfd"}, - {file = "protobuf-3.15.6-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:9ec220d90eda8bb7a7a1434a8aed4fe26d7e648c1a051c2885f3f5725b6aa71a"}, - {file = "protobuf-3.15.6-cp35-cp35m-win32.whl", hash = "sha256:88d8f21d1ac205eedb6dea943f8204ed08201b081dba2a966ab5612788b9bb1e"}, - {file = "protobuf-3.15.6-cp35-cp35m-win_amd64.whl", hash = "sha256:eaada29bbf087dea7d8bce4d1d604fc768749e8809e9c295922accd7c8fce4d5"}, - {file = "protobuf-3.15.6-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:256c0b2e338c1f3228d3280707606fe5531fde85ab9d704cde6fdeb55112531f"}, - {file = "protobuf-3.15.6-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:b9069e45b6e78412fba4a314ea38b4a478686060acf470d2b131b3a2c50484ec"}, - {file = "protobuf-3.15.6-cp36-cp36m-win32.whl", hash = "sha256:24f4697f57b8520c897a401b7f9a5ae45c369e22c572e305dfaf8053ecb49687"}, - {file = "protobuf-3.15.6-cp36-cp36m-win_amd64.whl", hash = "sha256:d9ed0955b794f1e5f367e27f8a8ff25501eabe34573f003f06639c366ca75f73"}, - {file = "protobuf-3.15.6-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:822ac7f87fc2fb9b24edd2db390538b60ef50256e421ca30d65250fad5a3d477"}, - {file = "protobuf-3.15.6-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:74ac159989e2b02d761188a2b6f4601ff5e494d9b9d863f5ad6e98e5e0c54328"}, - {file = "protobuf-3.15.6-cp37-cp37m-win32.whl", hash = "sha256:30fe4249a364576f9594180589c3f9c4771952014b5f77f0372923fc7bafbbe2"}, - {file = "protobuf-3.15.6-cp37-cp37m-win_amd64.whl", hash = "sha256:45a91fc6f9aa86d3effdeda6751882b02de628519ba06d7160daffde0c889ff8"}, - {file = "protobuf-3.15.6-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:83c7c7534f050cb25383bb817159416601d1cc46c40bc5e851ec8bbddfc34a2f"}, - {file = "protobuf-3.15.6-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:9ec20a6ded7d0888e767ad029dbb126e604e18db744ac0a428cf746e040ccecd"}, - {file = "protobuf-3.15.6-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:0f2da2fcc4102b6c3b57f03c9d8d5e37c63f8bc74deaa6cb54e0cc4524a77247"}, - {file = "protobuf-3.15.6-cp39-cp39-manylinux1_x86_64.whl", hash = "sha256:70054ae1ce5dea7dec7357db931fcf487f40ea45b02cb719ee6af07eb1e906fb"}, - {file = "protobuf-3.15.6-py2.py3-none-any.whl", hash = "sha256:1655fc0ba7402560d749de13edbfca1ac45d1753d8f4e5292989f18f5a00c215"}, - {file = "protobuf-3.15.6.tar.gz", hash = "sha256:2b974519a2ae83aa1e31cff9018c70bbe0e303a46a598f982943c49ae1d4fcd3"}, + {file = "protobuf-3.15.8-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:fad4f971ec38d8df7f4b632c819bf9bbf4f57cfd7312cf526c69ce17ef32436a"}, + {file = "protobuf-3.15.8-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:f17b352d7ce33c81773cf81d536ca70849de6f73c96413f17309f4b43ae7040b"}, + {file = "protobuf-3.15.8-cp35-cp35m-macosx_10_9_intel.whl", hash = "sha256:4a054b0b5900b7ea7014099e783fb8c4618e4209fffcd6050857517b3f156e18"}, + {file = "protobuf-3.15.8-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:efa4c4d4fc9ba734e5e85eaced70e1b63fb3c8d08482d839eb838566346f1737"}, + {file = "protobuf-3.15.8-cp35-cp35m-win32.whl", hash = "sha256:07eec4e2ccbc74e95bb9b3afe7da67957947ee95bdac2b2e91b038b832dd71f0"}, + {file = "protobuf-3.15.8-cp35-cp35m-win_amd64.whl", hash = "sha256:f9cadaaa4065d5dd4d15245c3b68b967b3652a3108e77f292b58b8c35114b56c"}, + {file = "protobuf-3.15.8-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:2dc0e8a9e4962207bdc46a365b63a3f1aca6f9681a5082a326c5837ef8f4b745"}, + {file = "protobuf-3.15.8-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:f80afc0a0ba13339bbab25ca0409e9e2836b12bb012364c06e97c2df250c3343"}, + {file = "protobuf-3.15.8-cp36-cp36m-win32.whl", hash = "sha256:c5566f956a26cda3abdfacc0ca2e21db6c9f3d18f47d8d4751f2209d6c1a5297"}, + {file = "protobuf-3.15.8-cp36-cp36m-win_amd64.whl", hash = "sha256:dab75b56a12b1ceb3e40808b5bd9dfdaef3a1330251956e6744e5b6ed8f8830b"}, + {file = "protobuf-3.15.8-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:3053f13207e7f13dc7be5e9071b59b02020172f09f648e85dc77e3fcb50d1044"}, + {file = "protobuf-3.15.8-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:1f0b5d156c3df08cc54bc2c8b8b875648ea4cd7ebb2a9a130669f7547ec3488c"}, + {file = "protobuf-3.15.8-cp37-cp37m-win32.whl", hash = "sha256:90270fe5732c1f1ff664a3bd7123a16456d69b4e66a09a139a00443a32f210b8"}, + {file = "protobuf-3.15.8-cp37-cp37m-win_amd64.whl", hash = "sha256:f42c2f5fb67da5905bfc03733a311f72fa309252bcd77c32d1462a1ad519521e"}, + {file = "protobuf-3.15.8-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:f6077db37bfa16494dca58a4a02bfdacd87662247ad6bc1f7f8d13ff3f0013e1"}, + {file = "protobuf-3.15.8-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:510e66491f1a5ac5953c908aa8300ec47f793130097e4557482803b187a8ee05"}, + {file = "protobuf-3.15.8-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:5ff9fa0e67fcab442af9bc8d4ec3f82cb2ff3be0af62dba047ed4187f0088b7d"}, + {file = "protobuf-3.15.8-cp39-cp39-manylinux1_x86_64.whl", hash = "sha256:1c0e9e56202b9dccbc094353285a252e2b7940b74fdf75f1b4e1b137833fabd7"}, + {file = "protobuf-3.15.8-py2.py3-none-any.whl", hash = "sha256:a0a08c6b2e6d6c74a6eb5bf6184968eefb1569279e78714e239d33126e753403"}, + {file = "protobuf-3.15.8.tar.gz", hash = "sha256:0277f62b1e42210cafe79a71628c1d553348da81cbd553402a7f7549c50b11d0"}, ] py = [ {file = "py-1.10.0-py2.py3-none-any.whl", hash = "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a"}, @@ -975,8 +956,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -1025,8 +1006,8 @@ rsa = [ {file = "rsa-4.7.2.tar.gz", hash = "sha256:9d689e6ca1b3038bc82bf8d23e944b6b6037bc02301a574935b2dd946e0353b9"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_gcp/pyproject.toml b/tools/c7n_gcp/pyproject.toml index 523a3e12590..42d8ce736d2 100644 --- a/tools/c7n_gcp/pyproject.toml +++ b/tools/c7n_gcp/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_gcp" -version = "0.4.10" +version = "0.4.11" description = "Cloud Custodian - Google Cloud Provider" readme = "readme.md" homepage = "https://cloudcustodian.io" @@ -9,6 +9,7 @@ documentation = "https://cloudcustodian.io/docs/" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -24,7 +25,7 @@ google-cloud-monitoring = "^0.34.0" google-cloud-storage = "^1.28.1" [tool.poetry.dev-dependencies] -pytest = "~6.0.0" +pytest = "^6.0.0" c7n = {path = "../..", develop = true} [build-system] diff --git a/tools/c7n_gcp/requirements.txt b/tools/c7n_gcp/requirements.txt index 59896b33dd9..7d703900405 100644 --- a/tools/c7n_gcp/requirements.txt +++ b/tools/c7n_gcp/requirements.txt @@ -2,22 +2,22 @@ cachetools==4.2.1; python_version >= "3.5" and python_version < "4.0" and (pytho certifi==2020.12.5; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" cffi==1.14.5; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6" chardet==4.0.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" -google-api-core==1.26.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +google-api-core==1.26.3; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" google-api-python-client==1.12.8; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.4.0") google-auth-httplib2==0.1.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" -google-auth==1.28.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") +google-auth==1.29.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") google-cloud-core==1.6.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" google-cloud-logging==1.15.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.4.0") google-cloud-monitoring==0.34.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.4.0") -google-cloud-storage==1.36.2; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") +google-cloud-storage==1.37.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") google-crc32c==1.1.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6" google-resumable-media==1.2.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" googleapis-common-protos==1.53.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6" -grpcio==1.36.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" -httplib2==0.19.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" +grpcio==1.37.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +httplib2==0.19.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" idna==2.10; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" packaging==20.9; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" -protobuf==3.15.6; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6" +protobuf==3.15.8; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6" pyasn1-modules==0.2.8; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" pyasn1==0.4.8; python_version >= "3.5" and python_full_version < "3.0.0" and python_version < "4" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6") or python_version >= "3.5" and python_version < "4" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6") and python_full_version >= "3.6.0" pycparser==2.20; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version >= "3.6" diff --git a/tools/c7n_gcp/setup.py b/tools/c7n_gcp/setup.py index 0b7e2e79f28..44edaf102ff 100644 --- a/tools/c7n_gcp/setup.py +++ b/tools/c7n_gcp/setup.py @@ -10,26 +10,25 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'google-api-python-client>=1.7,<2.0', 'google-auth>=1.11.0,<2.0.0', 'google-cloud-logging>=1.14,<2.0', 'google-cloud-monitoring>=0.34.0,<0.35.0', 'google-cloud-storage>=1.28.1,<2.0.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', 'ratelimiter>=1.2.0,<2.0.0', 'retrying>=1.3.3,<2.0.0', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -38,8 +37,14 @@ setup_kwargs = { 'name': 'c7n-gcp', - 'version': '0.4.10', + 'version': '0.4.11', 'description': 'Cloud Custodian - Google Cloud Provider', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# Custodian GCP Support\n\nStatus - Alpha\n\n# Features\n\n - Serverless ✅\n - Api Subscriber ✅\n - Metrics ✅\n - Resource Query ✅\n - Multi Account (c7n-org) ✅\n\n# Getting Started\n\n\n## via pip\n\n```\npip install c7n_gcp\n```\n\nBy default custodian will use credentials associated to the gcloud cli, which will generate\nwarnings per google.auth (https://github.com/googleapis/google-auth-library-python/issues/292)\n\nThe recommended authentication form for production usage is to create a service account and\ncredentials, which will be picked up via by the custodian cli via setting the\n*GOOGLE_APPLICATION_CREDENTIALS* environment variable.\n\n\n# Serverless\n\nCustodian supports both periodic and api call events for serverless\npolicy execution.\n\nGCP Cloud Functions require cloudbuild api be enabled on the project\nthe functions are deployed to.\n\nPeriodic execution mode also requires cloudscheduler api be enabled on\na project. Cloudscheduler usage also requires an app engine instance\nin the same region as the function deployment.\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_gcp/tests/data/events/network-finding.json b/tools/c7n_gcp/tests/data/events/network-finding.json new file mode 100644 index 00000000000..6c83cd82936 --- /dev/null +++ b/tools/c7n_gcp/tests/data/events/network-finding.json @@ -0,0 +1,32 @@ + + { + "notificationConfigName": "organizations/111111111111/notificationConfigs/auto-custodian-scc-firewall", + "finding": { + "category": "FLOW_LOGS_DISABLED", + "createTime": "2021-03-02T18:45:20.121Z", + "eventTime": "2021-03-16T20:21:34.229Z", + "externalUri": "https://console.cloud.google.com/networking/subnetworks/details/asia-northeast1/default?project=cloud-custodian", + "name": "organizations/111111111111/sources/123456789/findings/333333333333", + "parent": "organizations/111111111111/sources/123456789", + "resourceName": "//compute.googleapis.com/projects/cloud-custodian/regions/asia-northeast1/subnetworks/a22222222222222222", + "securityMarks": { + "name": "organizations/111111111111/sources/123456789/findings/333333333333/securityMarks" + }, + "severity": "LOW", + "sourceProperties": { + "ExceptionInstructions": "Add the security mark \"allow_flow_logs_disabled\" to the asset with a value of \"true\" to prevent this finding from being activated again.", + "Explanation": "VPC Flow Logs record a sample of network flows sent from and received by VM instances. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization. Learn more at: https://cloud.google.com/vpc/docs/using-flow-logs", + "ReactivationCount": 0, + "Recommendation": "Go to https://console.cloud.google.com/networking/subnetworks/details/asia-northeast1/default?project=cloud-custodian, click \"Edit\", and enable Flow Logs.", + "ScannerName": "SUBNETWORK_SCANNER" + }, + "state": "ACTIVE" + }, + "resource": { + "name": "//compute.googleapis.com/projects/cloud-custodian/regions/asia-northeast1/subnetworks/a22222222222222222", + "parentDisplayName": "cloud-custodian", + "parentName": "//cloudresourcemanager.googleapis.com/projects/99999999999", + "projectDisplayName": "cloud-custodian", + "project": "//cloudresourcemanager.googleapis.com/projects/99999999999" + } + } \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-2021-04-27_08_34_20-8562643317148312878_1.json b/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-2021-04-27_08_34_20-8562643317148312878_1.json new file mode 100644 index 00000000000..374baba831f --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-2021-04-27_08_34_20-8562643317148312878_1.json @@ -0,0 +1,1066 @@ +{ + "headers": { + "status": "200", + "content-length": "1193", + "x-xss-protection": "0", + "content-location": "https://dataflow.googleapis.com/v1b3/projects/cloud-custodian/jobs/2019-05-16_04_24_18-6110555549864901093?alt=json", + "x-content-type-options": "nosniff", + "transfer-encoding": "chunked", + "vary": "Origin, X-Origin, Referer", + "server": "ESF", + "-content-encoding": "gzip", + "cache-control": "private", + "date": "Thu, 16 May 2019 12:08:45 GMT", + "x-frame-options": "SAMEORIGIN", + "alt-svc": "quic=\":443\"; ma=2592000; v=\"46,44,43,39\"", + "content-type": "application/json; charset=UTF-8" + }, + "body": { + "id": "2021-04-27_08_34_20-8562643317148312878", + "projectId": "cloud-custodian", + "name": "test", + "type": "JOB_TYPE_STREAMING", + "environment": { + "tempStoragePrefix": "storage.googleapis.com/tmp/tmp", + "clusterManagerApiService": "instancegroup.googleapis.com", + "experiments": [ + "enable_streaming_pubsub_io_stackdriver_metrics", + "enable_throttled_based_rescaling", + "enable_streaming_service_billing", + "use_multi_hop_delegation", + "enable_billing_v_1_5", + "increase_igm_polling_interval", + "override_controller_service_account", + "merge_default_environment_in_per_pipeline_component", + "use_replica_pools", + "emit_autoscaling_rationales", + "use_host_networking", + "use_compute_esf_endpoint", + "shuffle_service_num_reserved_repartitioner_sources=200000", + "allow_portable_job_submission", + "emit_autoscaling_monitoring_events", + "use_workflow_job_manager_components_for_streaming", + "use_timer_backlog_in_streaming_autoscaling", + "shuffle_service_max_shuffle_log_stripes=15000", + "use_dataflow_service_account_in_igm", + "igm_stable_polling_delay_secs=120", + "use_worker_zone_chooser_by_default", + "enable_compute_default_service_account_org_policy", + "shuffle_service_use_partitioning_log_v3", + "autoscale_windmill_service_by_default", + "enable_streaming_scaling", + "use_ppm_for_windmill" + ], + "workerPools": [ + { + "kind": "harness", + "numWorkers": 2, + "packages": [ + { + "name": "teleport-all-bundled-_uGQoGj2e2zz5Uspavdbswu75ubbmt8_U5Z1LHjdAZo.jar", + "location": "storage.googleapis.com/dataflow-templates-libraries/2021-04-19-00_RC00/teleport-all-bundled-_uGQoGj2e2zz5Uspavdbswu75ubbmt8_U5Z1LHjdAZo.jar" + } + ], + "machineType": "n1-standard-1", + "teardownPolicy": "TEARDOWN_ALWAYS", + "diskSizeGb": 30, + "zone": "us-central1-f", + "onHostMaintenance": "MIGRATE", + "dataDisks": [ + { + "sizeGb": 10 + } + ], + "metadata": { + "job_name": "test", + "sdk_pipeline_options": "{\"display_data\":[{\"key\":\"jobName\",\"namespace\":\"org.apache.beam.sdk.options.PipelineOptions\",\"type\":\"STRING\",\"value\":\"pubsubtopubsub-dataflow0releaser-0419082627-8130e736\"},{\"key\":\"streaming\",\"namespace\":\"org.apache.beam.sdk.options.StreamingOptions\",\"type\":\"BOOLEAN\",\"value\":true},{\"key\":\"labels\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineOptions\",\"type\":\"STRING\",\"value\":\"{goog-dataflow-provided-template-name=cloud_pubsub_to_cloud_pubsub, goog-dataflow-provided-template-version=2021-04-19-00_rc00, goog-dataflow-provided-template-type=legacy}\"},{\"key\":\"autoscalingAlgorithm\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions\",\"type\":\"STRING\",\"value\":\"THROUGHPUT_BASED\"},{\"key\":\"stagingLocation\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineOptions\",\"type\":\"STRING\",\"value\":\"gs://dataflow-templates-libraries/2021-04-19-00_RC00\"},{\"key\":\"pipelineUrl\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineOptions\",\"type\":\"STRING\",\"value\":\"gs://dataflow-templates-libraries/2021-04-19-00_RC00/pipeline-T2clImR1XdMoJ4t-nPZUDhQdcflNPD6tuHFqqXCLTSA.pb\"},{\"key\":\"maxNumWorkers\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions\",\"type\":\"INTEGER\",\"value\":3},{\"key\":\"project\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineOptions\",\"type\":\"STRING\",\"value\":\"dataflow-templates\"},{\"key\":\"gcsUploadBufferSizeBytes\",\"namespace\":\"org.apache.beam.sdk.extensions.gcp.options.GcsOptions\",\"type\":\"INTEGER\",\"value\":1048576},{\"key\":\"userAgent\",\"namespace\":\"org.apache.beam.sdk.options.PipelineOptions\",\"type\":\"STRING\",\"value\":\"Apache_Beam_SDK_for_Java/2.27.0(JDK_11_environment)\"},{\"key\":\"tempLocation\",\"namespace\":\"org.apache.beam.sdk.options.PipelineOptions\",\"type\":\"STRING\",\"value\":\"gs://tf-state-service-accounts/tmp\"},{\"key\":\"appName\",\"namespace\":\"org.apache.beam.sdk.options.ApplicationNameOptions\",\"type\":\"STRING\",\"value\":\"PubsubToPubsub\"},{\"key\":\"region\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineOptions\",\"type\":\"STRING\",\"value\":\"us-central1\"},{\"key\":\"filesToStage\",\"namespace\":\"org.apache.beam.sdk.options.PortablePipelineOptions\",\"type\":\"STRING\",\"value\":\"[/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar]\"},{\"key\":\"templateLocation\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineOptions\",\"type\":\"STRING\",\"value\":\"gs://dataflow-templates-us-central1/latest/Cloud_PubSub_to_Cloud_PubSub\"},{\"key\":\"filesToStage\",\"namespace\":\"org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions\",\"type\":\"STRING\",\"value\":\"[/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar]\"},{\"key\":\"runner\",\"namespace\":\"org.apache.beam.sdk.options.PipelineOptions\",\"shortValue\":\"DataflowRunner\",\"type\":\"JAVA_CLASS\",\"value\":\"org.apache.beam.runners.dataflow.DataflowRunner\"},{\"key\":\"gcpTempLocation\",\"namespace\":\"google.dataflow.v1beta3.TemplatesService\",\"type\":\"STRING\",\"value\":\"gs://tf-state-service-accounts/tmp\"}],\"options\":{\"apiRootUrl\":\"https://dataflow.googleapis.com/\",\"appName\":\"PubsubToPubsub\",\"autoscalingAlgorithm\":\"BASIC\",\"credentialFactoryClass\":\"org.apache.beam.sdk.extensions.gcp.auth.GcpCredentialFactory\",\"dataflowEndpoint\":\"\",\"dataflowJobId\":\"2021-04-27_08_34_20-8562643317148312878\",\"dataflowKmsKey\":null,\"dataflowWorkerJar\":null,\"defaultEnvironmentConfig\":null,\"defaultEnvironmentType\":null,\"diskSizeGb\":0,\"enableCloudDebugger\":false,\"enableStreamingEngine\":false,\"experiments\":null,\"filesToStage\":[\"/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar\"],\"filterKey\":null,\"filterValue\":null,\"gcpTempLocation\":\"gs://tf-state-service-accounts/tmp\",\"gcsPerformanceMetrics\":false,\"gcsUploadBufferSizeBytes\":1048576,\"googleApiTrace\":null,\"inputSubscription\":\"projects/cloud-custodian/subscriptions/test\",\"jobName\":\"pubsubtopubsub-dataflow0releaser-0419082627-8130e736\",\"labels\":{\"goog-dataflow-provided-template-name\":\"cloud_pubsub_to_cloud_pubsub\",\"goog-dataflow-provided-template-type\":\"legacy\",\"goog-dataflow-provided-template-version\":\"2021-04-19-00_rc00\"},\"maxNumWorkers\":3,\"network\":null,\"numWorkers\":2,\"numberOfWorkerHarnessThreads\":0,\"optionsId\":0,\"outputTopic\":\"projects/cloud-custodian/topics/topic\",\"overrideWindmillBinary\":null,\"pathValidatorClass\":\"org.apache.beam.sdk.extensions.gcp.storage.GcsPathValidator\",\"pipelineUrl\":\"gs://dataflow-templates-libraries/2021-04-19-00_RC00/pipeline-T2clImR1XdMoJ4t-nPZUDhQdcflNPD6tuHFqqXCLTSA.pb\",\"project\":\"cloud-custodian\",\"region\":\"us-central1\",\"runner\":\"org.apache.beam.runners.dataflow.DataflowRunner\",\"saveProfilesToGcs\":null,\"serviceAccount\":null,\"stableUniqueNames\":\"WARNING\",\"stagerClass\":\"org.apache.beam.runners.dataflow.util.GcsStager\",\"stagingLocation\":\"gs://dataflow-templates-libraries/2021-04-19-00_RC00\",\"streaming\":true,\"subnetwork\":null,\"tempLocation\":\"gs://tf-state-service-accounts/tmp\",\"templateLocation\":\"gs://dataflow-templates-us-central1/latest/Cloud_PubSub_to_Cloud_PubSub\",\"userAgent\":\"Apache_Beam_SDK_for_Java/2.27.0(JDK_11_environment)\",\"workerDiskType\":null,\"workerHarnessContainerImage\":\"gcr.io/cloud-dataflow/v1beta3/IMAGE:beam-2.27.0\",\"workerMachineType\":null,\"workerRegion\":null,\"zone\":null}}", + "packages": "gs://dataflow-templates-libraries/2021-04-19-00_RC00/teleport-all-bundled-_uGQoGj2e2zz5Uspavdbswu75ubbmt8_U5Z1LHjdAZo.jar|teleport-all-bundled-_uGQoGj2e2zz5Uspavdbswu75ubbmt8_U5Z1LHjdAZo.jar" + }, + "autoscalingSettings": { + "algorithm": "AUTOSCALING_ALGORITHM_BASIC", + "maxNumWorkers": 3 + }, + "poolArgs": {}, + "network": "default", + "workerHarnessContainerImage": "gcr.io/cloud-dataflow/v1beta3/beam-java11-streaming:beam-2.27.0" + } + ], + "userAgent": { + "name": "Apache Beam SDK for Java", + "legacy.environment.major.version": "8", + "version": "2.27.0", + "os.name": "Linux", + "container.version": "beam-2.27.0", + "fnapi.environment.major.version": "8", + "os.arch": "amd64", + "java.version": "11.0.10", + "java.vendor": "Google Inc.", + "os.version": "4.15.0-smp-911.32.0.0" + }, + "version": { + "major": "8", + "job_type": "STREAMING" + }, + "dataset": "bigquery.googleapis.com/cloud_dataflow", + "sdkPipelineOptions": { + "display_data": [ + { + "value": "pubsubtopubsub-dataflow0releaser-0419082627-8130e736", + "type": "STRING", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "key": "jobName" + }, + { + "type": "BOOLEAN", + "value": true, + "namespace": "org.apache.beam.sdk.options.StreamingOptions", + "key": "streaming" + }, + { + "type": "STRING", + "key": "labels", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "value": "{goog-dataflow-provided-template-name=cloud_pubsub_to_cloud_pubsub, goog-dataflow-provided-template-version=2021-04-19-00_rc00, goog-dataflow-provided-template-type=legacy}" + }, + { + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions", + "key": "autoscalingAlgorithm", + "value": "THROUGHPUT_BASED", + "type": "STRING" + }, + { + "value": "gs://dataflow-templates-libraries/2021-04-19-00_RC00", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "key": "stagingLocation", + "type": "STRING" + }, + { + "key": "pipelineUrl", + "type": "STRING", + "value": "gs://dataflow-templates-libraries/2021-04-19-00_RC00/pipeline-T2clImR1XdMoJ4t-nPZUDhQdcflNPD6tuHFqqXCLTSA.pb", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions" + }, + { + "key": "maxNumWorkers", + "value": 3, + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions", + "type": "INTEGER" + }, + { + "key": "project", + "type": "STRING", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "value": "dataflow-templates" + }, + { + "key": "gcsUploadBufferSizeBytes", + "namespace": "org.apache.beam.sdk.extensions.gcp.options.GcsOptions", + "value": 1048576, + "type": "INTEGER" + }, + { + "type": "STRING", + "key": "userAgent", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "value": "Apache_Beam_SDK_for_Java/2.27.0(JDK_11_environment)" + }, + { + "value": "gs://tf-state-service-accounts/tmp", + "key": "tempLocation", + "type": "STRING", + "namespace": "org.apache.beam.sdk.options.PipelineOptions" + }, + { + "type": "STRING", + "key": "appName", + "namespace": "org.apache.beam.sdk.options.ApplicationNameOptions", + "value": "PubsubToPubsub" + }, + { + "value": "us-central1", + "key": "region", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "type": "STRING" + }, + { + "value": "[/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar]", + "namespace": "org.apache.beam.sdk.options.PortablePipelineOptions", + "type": "STRING", + "key": "filesToStage" + }, + { + "type": "STRING", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "value": "gs://dataflow-templates-us-central1/latest/Cloud_PubSub_to_Cloud_PubSub", + "key": "templateLocation" + }, + { + "type": "STRING", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions", + "value": "[/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar]", + "key": "filesToStage" + }, + { + "key": "runner", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "shortValue": "DataflowRunner", + "type": "JAVA_CLASS", + "value": "org.apache.beam.runners.dataflow.DataflowRunner" + }, + { + "type": "STRING", + "namespace": "google.dataflow.v1beta3.TemplatesService", + "value": "gs://tf-state-service-accounts/tmp", + "key": "gcpTempLocation" + } + ], + "options": { + "filterKey": null, + "credentialFactoryClass": "org.apache.beam.sdk.extensions.gcp.auth.GcpCredentialFactory", + "filterValue": null, + "numWorkers": 0, + "labels": { + "goog-dataflow-provided-template-name": "cloud_pubsub_to_cloud_pubsub", + "goog-dataflow-provided-template-version": "2021-04-19-00_rc00", + "goog-dataflow-provided-template-type": "legacy" + }, + "enableStreamingEngine": false, + "autoscalingAlgorithm": "THROUGHPUT_BASED", + "overrideWindmillBinary": null, + "saveProfilesToGcs": null, + "pathValidatorClass": "org.apache.beam.sdk.extensions.gcp.storage.GcsPathValidator", + "dataflowEndpoint": "", + "googleApiTrace": null, + "stagingLocation": "gs://dataflow-templates-libraries/2021-04-19-00_RC00", + "workerHarnessContainerImage": "gcr.io/cloud-dataflow/v1beta3/IMAGE:beam-2.27.0", + "filesToStage": [ + "/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar" + ], + "runner": "org.apache.beam.runners.dataflow.DataflowRunner", + "region": "us-central1", + "project": "dataflow-templates", + "optionsId": 0, + "stagerClass": "org.apache.beam.runners.dataflow.util.GcsStager", + "dataflowKmsKey": null, + "diskSizeGb": 0, + "tempLocation": "gs://tf-state-service-accounts/tmp", + "appName": "PubsubToPubsub", + "workerDiskType": null, + "workerMachineType": null, + "enableCloudDebugger": false, + "gcpTempLocation": "gs://tf-state-service-accounts/tmp", + "zone": null, + "dataflowWorkerJar": null, + "gcsUploadBufferSizeBytes": 1048576, + "defaultEnvironmentType": null, + "subnetwork": null, + "workerRegion": null, + "outputTopic": null, + "serviceAccount": null, + "inputSubscription": null, + "numberOfWorkerHarnessThreads": 0, + "gcsPerformanceMetrics": false, + "maxNumWorkers": 3, + "userAgent": "Apache_Beam_SDK_for_Java/2.27.0(JDK_11_environment)", + "streaming": true, + "templateLocation": "gs://dataflow-templates-us-central1/latest/Cloud_PubSub_to_Cloud_PubSub", + "apiRootUrl": "https://dataflow.googleapis.com/", + "pipelineUrl": "gs://dataflow-templates-libraries/2021-04-19-00_RC00/pipeline-T2clImR1XdMoJ4t-nPZUDhQdcflNPD6tuHFqqXCLTSA.pb", + "network": null, + "jobName": "pubsubtopubsub-dataflow0releaser-0419082627-8130e736", + "defaultEnvironmentConfig": null, + "experiments": null, + "stableUniqueNames": "WARNING" + } + } + }, + "steps": [ + { + "kind": "ParallelRead", + "name": "s1", + "properties": { + "pubsub_serialized_attributes_fn": { + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%00%e7%c8%02%c8%ac%ed%00%05sr%00Aorg.apache.beam.runners.dataflow.DataflowRu%01%19%80$IdentityMessageFn%df+D%103N%8c%f1%02%00%00xr%00->P%00%d0sdk.transforms.SimpleFunction%e0XCU8%12%02%13%02%00%01L%00%02fnt%005Lorg/%09%91%00/%01%91%10/sdk/%19A(/Serializab%19G%10;xr%000zy%00%10Infer.5%00%1cBw%f7%f9]+V%c8%19|%040Lz|%00LProcessFunction;xppp", + "@type": "http://schema.org/Text" + }, + "format": { + "@type": "http://schema.org/Text", + "value": "pubsub" + }, + "pubsub_subscription_runtime_override": { + "value": "inputSubscription", + "@type": "http://schema.org/Text" + }, + "user_name": { + "value": "Read PubSub Events/PubsubUnboundedSource", + "@type": "http://schema.org/Text" + }, + "output_info": [ + { + "output_name": { + "value": "output", + "@type": "http://schema.org/Text" + }, + "user_name": { + "@type": "http://schema.org/Text", + "value": "Read PubSub Events/PubsubUnboundedSource.out0" + }, + "encoding": { + "@type": "kind:windowed_value", + "is_wrapper": { + "value": true, + "@type": "http://schema.org/Boolean" + }, + "component_encodings": [ + { + "serialized_coder": { + "@type": "http://schema.org/Text", + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%00%92%bb%01%f0X%ac%ed%00%05sr%00Borg.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder%de%88%17?%e0%93%d6U%02%00%00xr%00&NQ%004coders.CustomC%01%0d j%b0%08%9d%0b;%1d%0b%02%055%00 n5%00%01/0C%dd%d5%89%ae%bc~%f8%02%00%00xp" + }, + "type": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder" + }, + "@type": "org.apache.beam.sdk.coders.CustomCoder" + }, + { + "@type": "kind:global_window" + } + ] + } + } + ] + } + }, + { + "kind": "ParallelDo", + "name": "s2", + "properties": { + "display_data": [ + { + "shortValue": { + "value": "PubsubIO$Read$$Lambda$133/0x0000000800d78440", + "@type": "http://schema.org/Text" + }, + "namespace": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.transforms.MapElements" + }, + "value": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.io.gcp.pubsub.PubsubIO$Read$$Lambda$133/0x0000000800d78440" + }, + "key": { + "@type": "http://schema.org/Text", + "value": "class" + }, + "type": { + "value": "JAVA_CLASS", + "@type": "http://schema.org/Text" + } + }, + { + "namespace": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.transforms.ParDo$SingleOutput" + }, + "type": { + "@type": "http://schema.org/Text", + "value": "JAVA_CLASS" + }, + "label": { + "value": "Transform Function", + "@type": "http://schema.org/Text" + }, + "value": { + "value": "org.apache.beam.sdk.transforms.MapElements$1", + "@type": "http://schema.org/Text" + }, + "key": { + "@type": "http://schema.org/Text", + "value": "fn" + }, + "shortValue": { + "@type": "http://schema.org/Text", + "value": "" + } + } + ], + "serialized_fn": { + "@type": "http://schema.org/Text", + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%09G%ba%25%f0C%ac%ed%00%05sr%00!org.apache.beam.sdk.util.DoFnInfoU%02t%9cZ%d7]%d3%02%00%08L%00%04doFnt%00%25Lorg/a%057%00/%0170%00%18;xpsr%00,N%bf%019%88%90.MapElements$1%0e%05I%1e%f4%84%8d%b0%02%00%01L%00%06this$0t%00,Rw%00%19D%01%f2%11D%10;xr%00#zs%00!%fb(%acD#%06%ce%93%bd%9d%02%00%00%05%a7%00*z4%00%1d%a7%1c%d3`I%e6%a9%91h%c1%05%a5%14%02fnt%00+~%a1%00$Contextful%01%a0%00)zl%00%04PTQ%a7 ou%b8%af%8aC%ce%8c%03%01%a6%08xsr%82;%00%19i%5c%e6%22j%5c%cf%d4%d3%fd%02%00%02L%00%07closuret%00%12=%ee%14ObjectAM%14requir)%86%08t%00-~%cf%00%00R%1d/)%e6%00!A%7f%00.AD%f0F.invoke.SerializedLambdaoa%d0%94,)6%85%02%00%0aI%00%0eimplMethodKind[%00%0ccapturedArgst%00%13[N%a7%00%00%0e%09%25(ingClasst%00%11%1d&%05%13%1c;L%00%18funca%c4(alInterface%05%1c6%fc%00%04St%01H%0c;L%00%1dJ0%00%00M%05%9a%0cNamea5%0c%18L%00%22b%25%00%1cSignatur%11*%10%09impl%05p%0d;%1d%eb%1dQ%00%13%01'%09g>B%000%16instantiated%09#%08Typ%09`%1cxp%00%00%00%06ur1!)r-%c8%1c%90%ceX%9f%10s)lE%d3%0c%00%00%00%01%05%83%00%15%052%01%8d %1a%00%00%00%00vr%00/N%7f%028io.gcp.pubsub.P%05%078IO$Read%f6%f8%8c%f9@%db%90%97%01X%01H%0c%0ft%003z%1d%051%fd%81L%00F-%90,t%00%05applyt%00&(=%b8%0d%bd%00)F%13%00%00t%05%aa%00/%a9%fb%b9%c4%18io/gcp/%09%aa%00/2%aa%00%0ct%00%1clEmd$newBuilder$60328d98$1t%00d(R%db%02NS%00 Message;)%c22%00!$%04%25v%01%06%04%11t%85%ffB%c3%00%9d%bby%b1%08$Fn%014%0c!t%00%5cJ %01R%86%00^H%00%00$%0dVVV%01%81%7f%96%93%00%08t%00%14-P(fn$36334a93!H%00%8cVH%01%1d%90%18Process1%fd%00;F%df%01%00LzD%02%0d%c4%04fu!%1an%d2%00!6%10(sr%00+N%d8%02%19%93%00..%b6%04%1c>!%9aY%1dz0f%a5%c4%00%0a%f5%13%0cst%00%16%09%aa%e5J%10Colle%85M%89%e6%00%1f%85%e6%01%1b%00.%19%1bHs$EmptyListz%b8%17%b4<%a7%9e%dea*%c1%fc%00>z%92%00%10AutoV%e1%db%00_%c1%93BN%08%1c%e25%cb%d3%b7`%9a%ac%05%a5%04%11e%e9&%1cConverte%e1%f6%00%10%1d%ac%01%80%c1]%004zt%00Rj%00%1c%af%d5QB%d7}%01W%05%b9!P%100sr%00BNJ%00N(%04m+4WithAttributes%12%9a%08%1c%de%88%17?%e0%93%d6U%01X%08r%00&NQ%00%16%0d%09%18.Custom%055%1cj%b0%08%9d%0b;%1d%0b%095%00 n5%00%0eI%09%1cC%dd%d5%89%ae%bc~%f8%01/!uR%fe%07%16%a4%08%04.T%1aA%09D%b3%18yf[%c0z%b5%02%00%02Z%00%09gene%0e%e3%08%14dL%00%02id%01%ff%10%18xp%01tV%01%01%0dJ%00PY%01|.:402#e1121b0805e8b107sr%00%11Y5%b8HashMap%05%07%da%c1%c3%16`%d1%03%00%02F%00%0aloadFactorI%00%09thresholdxp?@%a1%b0%1c%00%0cw%08%00%00%00%10%a1%d0%01%9a%00:%a5%d5%005%0e%0c%08%00%5c>%1a%01|vendor.guava.v26_0_jre.com.googl%05%0b%10mon.cI%d8%14.Immut%a1%a4%0cMap$%b1%b4%14edForm%05|,%00%00%00%02%00%02[%00%04key%05x%0c%16[%00%06)%01%01%8c%08%16xp%d9Y%19%0a%0csr%00j%ee%9b%00%05%9b%18Regular2%a2%00e+%00sb%a9%00$%01L%00%03mapt%00OB[%04)%1a%00/%25%1a%00/5%1a%10/com/)%1a%01%0b%0cmon/-%1a%00/.x%00%04;xe%13%00@^%cd%0a)%11%04.W>%00%0bH9%8a%9e%e7%08%0d%19%e0%02%00%0cZ%00%18allow%0e%0d%09TtenessSpecifiedZ%00%0dmode%1d%10D%1atimestampCombiner%1d%1d%14%10trigg%1d%13%08L%00%0f:[%00%08t%00%18%25%01%10joda/%01L%0c/Dur%12%d7%0c%0c;L%00%0f%0e%0a%0a4ingBehaviort%00A%05->f%07%b98%00/%22%09%0c%1a%e3%0b%0c$Clo.C%00<;L%00%0denvironmentIiB%08L%00%04%01%d8%08t%00?R`%00)5%0dR%00i&e%0c%1c$Accumul%05%b0%08Mod%0e%8b%0c%18%0eonTime%19%b3%00@RS%00n%b3%00%00O2B%00%0e%df%0c!%192e%01%08t%00<%a6W%00%01%902>%00%0c;L%00%07-%9b%08t%002%aaI%00)%cf%10;L%00%08wEA%0e%bd%0e%003%a6@%00Iv%00F%c1%a1a%af%0csr%00%16a|!%fc%00.%01%e3%00.1%fc%1c%00%00%02?zQ%ce%d6%a1'%08r%00%1f6%25%00 base.Base%1d.DY%19:%f4%8e%02%00%01J%00%07iMillis%12~%0a%05%01%0c~r%00?%01BI6%04.b%1e%97%0f9%83%00.%09%ce%0cing.%09%a3>6%02%05H$%00%00%00%12%00%00xr%00%0e%a5%25%12@%0c%08Enu%95~%01%1dXpt%00%11FIRE_IF_NON_EMPTYt%00%01%84%00=N%84%00IZ%0dvnZ%02%01~%01%01%01e%81%cf8St%00%16DISCARDING_%01t D_PANES~r%82%cb%07B%ef%006r%02%01h%01%01%1dl%00%0b%01a%14_ALWAY%01a%00:N%cc%00RP%01B|%02%01Y%01%01%1d]D%0dEND_OF_WINDOWsr%007%a2_%00%18DefaultM%99%1cj%136%d1%8a%16%8b%1fI7%000%a2F%00%0d?%1c%be,k%b7f%f5%9b%80%12%c3%08%0c%0bsub%0d%18%c5@%002%a9Y%0el%08%006%a2Y%00%14GlobalIT$s%96%16%b9%14%02%8a%af%0f%02EE%00;%a2E%00$NonMerging%09I$FnW%06%0bg%d3%ee%a8%ab%09J%001%a2J%00%11@0%c6%04%19y%ba%8a%96W%02%00%00xp" + }, + "parallel_input": { + "step_name": "s1", + "output_name": "output", + "@type": "OutputReference" + }, + "user_name": { + "@type": "http://schema.org/Text", + "value": "Read PubSub Events/MapElements/Map" + }, + "user_fn": { + "value": "org.apache.beam.sdk.transforms.MapElements$1", + "@type": "http://schema.org/Text" + }, + "output_info": [ + { + "user_name": { + "value": "Read PubSub Events/MapElements/Map.out0", + "@type": "http://schema.org/Text" + }, + "encoding": { + "component_encodings": [ + { + "type": { + "value": "org.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder", + "@type": "http://schema.org/Text" + }, + "@type": "org.apache.beam.sdk.coders.CustomCoder", + "serialized_coder": { + "@type": "http://schema.org/Text", + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%00%92%bb%01%f0X%ac%ed%00%05sr%00Borg.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder%de%88%17?%e0%93%d6U%02%00%00xr%00&NQ%004coders.CustomC%01%0d j%b0%08%9d%0b;%1d%0b%02%055%00 n5%00%01/0C%dd%d5%89%ae%bc~%f8%02%00%00xp" + } + }, + { + "@type": "kind:global_window" + } + ], + "@type": "kind:windowed_value", + "is_wrapper": { + "value": true, + "@type": "http://schema.org/Boolean" + } + }, + "output_name": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.values.PCollection.:402#e1121b0805e8b107" + } + } + ] + } + }, + { + "kind": "ParallelDo", + "name": "s3", + "properties": { + "output_info": [ + { + "user_name": { + "value": "Filter Events If Enabled.out0", + "@type": "http://schema.org/Text" + }, + "output_name": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.values.PCollection.:402#f0f5b4f22d0cd0f1" + }, + "encoding": { + "component_encodings": [ + { + "@type": "org.apache.beam.sdk.coders.CustomCoder", + "serialized_coder": { + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%00%92%bb%01%f0X%ac%ed%00%05sr%00Borg.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder%de%88%17?%e0%93%d6U%02%00%00xr%00&NQ%004coders.CustomC%01%0d j%b0%08%9d%0b;%1d%0b%02%055%00 n5%00%01/0C%dd%d5%89%ae%bc~%f8%02%00%00xp", + "@type": "http://schema.org/Text" + }, + "type": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder" + } + }, + { + "@type": "kind:global_window" + } + ], + "@type": "kind:windowed_value", + "is_wrapper": { + "value": true, + "@type": "http://schema.org/Boolean" + } + } + } + ], + "user_fn": { + "@type": "http://schema.org/Text", + "value": "com.google.cloud.teleport.templates.AutoValue_PubsubToPubsub_ExtractAndFilterEventsFn" + }, + "parallel_input": { + "step_name": "s2", + "output_name": "org.apache.beam.sdk.values.PCollection.:402#e1121b0805e8b107", + "@type": "OutputReference" + }, + "serialized_fn": { + "@type": "http://schema.org/Text", + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%07%bc%e3%1c%f0C%ac%ed%00%05sr%00!org.apache.beam.sdk.util.DoFnInfoU%02t%9cZ%d7]%d3%02%00%08L%00%04doFnt%00%25Lorg/a%057%00/%0170%00%f0<;xpsr%00Ucom.google.cloud.teleport.templates.AutoValue_PubsubTo%09%08%a0_ExtractAndFilterEventsFn+S%af>%dd%a1 %15%02%00%02L%00%09fi%01%1c%14Keyt%00+R%a3%00%04op!%d6%04s/%05d%18Provide!{%00%0b%09:%05%17! %10%0axr%00K%8e%b1%00%09%9f%11%a7%00$^%a7%00<%e90%9f%09%aa%a5%ec%dd%02%00%04L%00%08do%09%c5%08t%00%13=t%14BooleaA;%04%0ei!%af%09$%05%cd%00%12%1d'%10Strin!%fa%00%15%1d&%05%b9%1cRegext%00%19%09-E%03%00r%01%13%18/Patter%01Z%18%11isNull%09[%055 q%00~%00%0cxr%00#N^%03y'ed0%acD#%06%ce%93%bd%9d%02%00%00xp%01%01%0csr%00>N8%00-g%00.%05b1g%1c$Runtime2%15%00 Y%e91%e7%d4:%88%8a%02A%93%1c%0cdefault%05%22%00t2%f6%00DObject;L%00%05klasst%00%11%09%e6E%ae%00C%01%13eA%1cethodNam%05%d7%0c%0dL%00%09%0d%8a%10Idt%00%10%1d2%04Lo%25C %0cproperty%153%18xppvr%00:%ca%fb%01%00OI[%00%00%19%01%1cxpt%00%0cget)n%18Keysr%00%0ea%9f%00.%01%b6%00.%05%840%8b%e4%90%cc%8f#%df%02%00%01J%00%05eA%0cxr%00%10%19%254Number%86%ac%95%1d%0b%94%e0%8b%25y%11a%00t]%f0%18sq%00~%00%11p%01%06%0c%17t%00%0e%15u%25J%01%16%04%1bt2%e4%02^%b9%01=%f1y%8b%a1%22B%e2%04p%e25%cb%d3%b7`%9a%ac%02%00%01L%00%11elementConverte%81%8a-oE%87 List;xr%004N-%02%1dtRj%00%1c%af%d5QB%d7}%01W%05%fd%0csr%00%1f%25%1e%01X%18.Collece%d3%14$Empty%01i%1cz%b8%17%b4<%a7%9e%de%110%00BNu%00 io.gcp.pu%81fm%c6PMessageWithAttributes%a5Y%1c%de%88%17?%e0%93%d6U%01S%08r%00&NQ%00%a9%cc%18.Custom%055%1cj%b0%08%9d%0b;%1d%0b%095%00 n5%00%c1%08%1cC%dd%d5%89%ae%bc~%f8%01/%01%e7R%91%03E%22%08s.T%cd%00D%b3%18yf[%c0z%b5%02%00%02Z%00%09gene%a1%a2%14dL%00%02id!%f6%10%0dxp%01tV%01%01%0dJ%00P9C|.:402#f0f5b4f22d0cd0f1sr%00%119w%b8HashMap%05%07%da%c1%c3%16`%d1%03%00%02F%00%0aloadFactorI%00%09thresholdxp?@E%b1(%0cw%08%00%00%00%10%00%00%00%01%01%9a%00+%01%05%14)xsr%00%1e%19X%19%8c-%cf(MapY6%14%85Z%dc%e7%d01%17n/%00(Set%15%f5r%1d%b4%03%cb(%11/%00,Nw%01%0d%fcB%a9%06%b09%8a%9e%e7%08%0d%19%e0%02%00%0cZ%00%18allowedLatenessSpecifiedZ%00%0dmode%1d%10D%1atimestampCombiner%1d%1d%14%10trigg%1d%13%08L%00%0f:[%00%08t%00%18%c5%ae%10joda/%01L%0c/Dur%12%80%08T;L%00%0fclosingBehaviort%00A%05-%16%0a%09R%d3%08%f5%b2%ed%8c%04$C6C%00(;L%00%0denvirona%b6%00II,%08L%00%04%01%d8%08t%00?R`%00)5%0dR%00i&%0e%08%1c$Accumul%05%b0%08Mod%0e4%08%18%0eonTime%19%b3%00@RS%00y%faF%b3%00%00O2B%00%0e%88%08!%192e%01%08t%00<%a6W%00%01%902>%00%0c;L%00%07-%9b%08t%002%aaI%00)%cf%0c;L%00%08)h%10Fnt%003%a6@%00Iv%10Fn;xpa%19%0csr%00%16A%a4!%fc%00.%01%e3%00.1%fc%1c%00%00%02?zQ%ce%d6A%cb%08r%00%1f6%25%00 base.Base%1d.%10Y%19:%f4%8e%c5J%1c%07iMillis%09c%01%01%0c~r%00?%01BI6%04.b%1e@%0b9%83%00.%09%ce%0cing.%09%a3>6%02%01G%01%01%0c%12%00%00x2%c9%06%0cEnum%01%19%01%01%01%1dXpt%00%11FIRE_IF_NON_EMPTYt%00%01%84%00=N%84%00IZ%0dvnZ%02%01a%01%01%01e%81@8@t%00%16DISCARDING_%01t%1cD_PANES~Z%99%08n%ef%006r%02%01h%01%01%1dl%00%0b%01a%14_ALWAY%01a%00:N%cc%00Ra%00B|%02%01Y%01%01%1d]D%0dEND_OF_WINDOWsr%007%a2_%00%08Def%0e6%09M%99%1cj%136%d1%8a%16%8b%1fI7%000%a2F%00%0d?%1c%be,k%b7f%f5%9b%80%e5%d8%0c%0bsub%0d%18%12b%08%04!x%12c%08%10%25sr%006%a2Y%00%14GlobalIT$s%96%16%b9%14%02%8a%af%0f%02EE%00;%a2E%00$NonMerging%09I$FnW%06%0bg%d3%ee%a8%ab%09J%001%a2J%00%11@0%c6%04%19y%ba%8a%96W%02%00%00xp" + }, + "user_name": { + "value": "Filter Events If Enabled", + "@type": "http://schema.org/Text" + }, + "display_data": [ + { + "shortValue": { + "value": "AutoValue_PubsubToPubsub_ExtractAndFilterEventsFn", + "@type": "http://schema.org/Text" + }, + "label": { + "value": "Transform Function", + "@type": "http://schema.org/Text" + }, + "key": { + "@type": "http://schema.org/Text", + "value": "fn" + }, + "type": { + "@type": "http://schema.org/Text", + "value": "JAVA_CLASS" + }, + "namespace": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.transforms.ParDo$SingleOutput" + }, + "value": { + "@type": "http://schema.org/Text", + "value": "com.google.cloud.teleport.templates.AutoValue_PubsubToPubsub_ExtractAndFilterEventsFn" + } + } + ] + } + }, + { + "kind": "ParallelDo", + "name": "s4", + "properties": { + "user_fn": { + "value": "org.apache.beam.sdk.transforms.MapElements$1", + "@type": "http://schema.org/Text" + }, + "parallel_input": { + "step_name": "s3", + "output_name": "org.apache.beam.sdk.values.PCollection.:402#f0f5b4f22d0cd0f1", + "@type": "OutputReference" + }, + "serialized_fn": { + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%09G%bc%25%f0C%ac%ed%00%05sr%00!org.apache.beam.sdk.util.DoFnInfoU%02t%9cZ%d7]%d3%02%00%08L%00%04doFnt%00%25Lorg/a%057%00/%0170%00%18;xpsr%00,N%bf%019%88%90.MapElements$1%0e%05I%1e%f4%84%8d%b0%02%00%01L%00%06this$0t%00,Rw%00%19D%01%f2%11D%10;xr%00#zs%00!%fb(%acD#%06%ce%93%bd%9d%02%00%00%05%a7%00*z4%00%1d%a7%1c%d3`I%e6%a9%91h%c1%05%a5%14%02fnt%00+~%a1%00$Contextful%01%a0%00)zl%00%04PTQ%a7 ou%b8%af%8aC%ce%8c%03%01%a6%08xsr%82;%00%19i%5c%e6%22j%5c%cf%d4%d3%fd%02%00%02L%00%07closuret%00%12=%ee%14ObjectAM%14requir)%86%08t%00-~%cf%00%00R%1d/)%e6%00!A%7f%00.AD%f0F.invoke.SerializedLambdaoa%d0%94,)6%85%02%00%0aI%00%0eimplMethodKind[%00%0ccapturedArgst%00%13[N%a7%00%00%0e%09%25(ingClasst%00%11%1d&%05%13%1c;L%00%18funca%c4(alInterface%05%1c6%fc%00%04St%01H%0c;L%00%1dJ0%00%00M%05%9a%0cNamea5%0c%18L%00%22b%25%00%1cSignatur%11*%10%09impl%05p%0d;%1d%eb%1dQ%00%13%01'%09g>B%000%16instantiated%09#%08Typ%09`%1cxp%00%00%00%06ur1!)r-%c8%1c%90%ceX%9f%10s)lE%d3%0c%00%00%00%01%05%83%00%15%052%01%8d %1a%00%00%00%00vr%000N%7f%028io.gcp.pubsub.P%05%07!%9aY%1dz0f%a5%c6%00%0a%f5%15%0cst%00%16%09%aa%e5L%10Colle%85O%89%e8%00%1f%85%e8%01%1b%00.%19%1bHs$EmptyListz%b8%17%b4<%a7%9e%dea+%c1%fe%00>z%92%00%10AutoV%e1%dd%00_%c1%95BP%08%1c%e25%cb%d3%b7`%9a%ac%05%a5%04%11e%e9(%1cConverte%e1%f8%00%10%1d%ac%01%80%c1_%004zt%00Rj%00%1c%af%d5QB%d7}%01W%05%b9!P%100sr%00BNJ%00N*%04m+4WithAttributes%12%9c%08%1c%de%88%17?%e0%93%d6U%01X%08r%00&NQ%00%16%0f%09%18.Custom%055%1cj%b0%08%9d%0b;%1d%0b%095%00 n5%00%0eK%09%1cC%dd%d5%89%ae%bc~%f8%01/!uR%00%08%16%a6%08%04.T%1aC%09D%b3%18yf[%c0z%b5%02%00%02Z%00%09gene%0e%e5%08%14dL%00%02id%01%ff%10%18xp%01tV%01%01%0dJ%00PY%01h.:402#4663620f501c927!G%00%11Y5%b8HashMap%05%07%da%c1%c3%16`%d1%03%00%02F%00%0aloadFactorI%00%09thresholdxp?@%a1%b2%1c%00%0cw%08%00%00%00%10%a1%d2%01%9a%00:%a5%d7%005%0e%0e%08%00%5c>%1a%01|vendor.guava.v26_0_jre.com.googl%05%0b%10mon.cI%d8%14.Immut%a1%a5%0cMap$%b1%b5%14edForm%05|,%00%00%00%02%00%02[%00%04key%05x%0c%16[%00%06)%01%01%8c%08%16xp%d9[%19%0a%0csr%00j%ee%9b%00%05%9b%18Regular2%a2%00e+%00sb%a9%00$%01L%00%03mapt%00OB[%04)%1a%00/%25%1a%00/5%1a%10/com/)%1a%01%0b%0cmon/-%1a%00/.x%00%04;xe%13%00@^%cf%0a)%11%04.W>%02%0bH9%8a%9e%e7%08%0d%19%e0%02%00%0cZ%00%18allow%0e%0f%09TtenessSpecifiedZ%00%0dmode%1d%10D%1atimestampCombiner%1d%1d%14%10trigg%1d%13%08L%00%0f:[%00%08t%00%18%25%01%10joda/%01L%0c/Dur%12%d9%0c%0c;L%00%0f%0e%0c%0a4ingBehaviort%00A%05->g%07%b98%00/%22%0b%0c%1a%e5%0b%0c$Clo.C%00<;L%00%0denvironmentIiB%08L%00%04%01%d8%08t%00?R`%00)5%0dR%00i&g%0c%1c$Accumul%05%b0%08Mod%0e%8d%0c%18%0eonTime%19%b3%00@RS%00n%b3%00%00O2B%00%0e%e1%0c!%192e%01%08t%00<%a6W%00%01%902>%00%0c;L%00%07-%9b%08t%002%aaI%00)%cf%10;L%00%08wEA%0e%bf%0e%003%a6@%00Iv%00F%c1%a1a%af%0csr%00%16a|!%fc%00.%01%e3%00.1%fc%1c%00%00%02?zQ%ce%d6%a1'%08r%00%1f6%25%00 base.Base%1d.DY%19:%f4%8e%02%00%01J%00%07iMillis%12%80%0a%05%01%0c~r%00?%01BI6%04.b%1e%99%0f9%83%00.%09%ce%0cing.%09%a3>6%02%05H$%00%00%00%12%00%00xr%00%0e%a5%25%12B%0c%08Enu%95~%01%1dXpt%00%11FIRE_IF_NON_EMPTYt%00%01%84%00=N%84%00IZ%0dvnZ%02%01~%01%01%01e%81%cf8St%00%16DISCARDING_%01t D_PANES~r%82%cb%07B%ef%006r%02%01h%01%01%1dl%00%0b%01a%14_ALWAY%01a%00:N%cc%00RP%01B|%02%01Y%01%01%1d]D%0dEND_OF_WINDOWsr%007%a2_%00%18DefaultM%99%1cj%136%d1%8a%16%8b%1fI7R=%0cV%a5%00I%d8%1c%be,k%b7f%f5%9b%80%12%c3%08%0c%0bsub%0d%18%c5@%002%a9Y%e1%25%006%a2%9f%00%14GlobalIT$s%96%16%b9%14%02%8a%af%0f%02EE%00;%a2E%00$NonMerging%09I$FnW%06%0bg%d3%ee%a8%ab%09J%001%a2J%00%11@0%c6%04%19y%ba%8a%96W%02%00%00xp", + "@type": "http://schema.org/Text" + }, + "display_data": [ + { + "shortValue": { + "value": "PubsubIO$Write$$Lambda$161/0x0000000800e1d040", + "@type": "http://schema.org/Text" + }, + "namespace": { + "value": "org.apache.beam.sdk.transforms.MapElements", + "@type": "http://schema.org/Text" + }, + "type": { + "value": "JAVA_CLASS", + "@type": "http://schema.org/Text" + }, + "value": { + "value": "org.apache.beam.sdk.io.gcp.pubsub.PubsubIO$Write$$Lambda$161/0x0000000800e1d040", + "@type": "http://schema.org/Text" + }, + "key": { + "value": "class", + "@type": "http://schema.org/Text" + } + }, + { + "shortValue": { + "value": "", + "@type": "http://schema.org/Text" + }, + "namespace": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.transforms.ParDo$SingleOutput" + }, + "label": { + "@type": "http://schema.org/Text", + "value": "Transform Function" + }, + "key": { + "value": "fn", + "@type": "http://schema.org/Text" + }, + "type": { + "@type": "http://schema.org/Text", + "value": "JAVA_CLASS" + }, + "value": { + "value": "org.apache.beam.sdk.transforms.MapElements$1", + "@type": "http://schema.org/Text" + } + } + ], + "output_info": [ + { + "encoding": { + "@type": "kind:windowed_value", + "is_wrapper": { + "value": true, + "@type": "http://schema.org/Boolean" + }, + "component_encodings": [ + { + "@type": "org.apache.beam.sdk.coders.CustomCoder", + "type": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder" + }, + "serialized_coder": { + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%00%92%bb%01%f0X%ac%ed%00%05sr%00Borg.apache.beam.sdk.io.gcp.pubsub.PubsubMessageWithAttributesCoder%de%88%17?%e0%93%d6U%02%00%00xr%00&NQ%004coders.CustomC%01%0d j%b0%08%9d%0b;%1d%0b%02%055%00 n5%00%01/0C%dd%d5%89%ae%bc~%f8%02%00%00xp", + "@type": "http://schema.org/Text" + } + }, + { + "@type": "kind:global_window" + } + ] + }, + "user_name": { + "@type": "http://schema.org/Text", + "value": "Write PubSub Events/MapElements/Map.out0" + }, + "output_name": { + "@type": "http://schema.org/Text", + "value": "org.apache.beam.sdk.values.PCollection.:402#4663620f501c9270" + } + } + ], + "user_name": { + "@type": "http://schema.org/Text", + "value": "Write PubSub Events/MapElements/Map" + } + } + }, + { + "kind": "ParallelWrite", + "name": "s5", + "properties": { + "parallel_input": { + "output_name": "org.apache.beam.sdk.values.PCollection.:402#4663620f501c9270", + "@type": "OutputReference", + "step_name": "s4" + }, + "encoding": { + "is_wrapper": { + "@type": "http://schema.org/Boolean", + "value": true + }, + "@type": "kind:windowed_value", + "component_encodings": [ + { + "@type": "org.apache.beam.sdk.coders.VoidCoder" + }, + { + "@type": "kind:global_window" + } + ] + }, + "pubsub_serialized_attributes_fn": { + "value": "%82SNAPPY%00%00%00%00%01%00%00%00%01%00%00%00%e7%c8%02%c8%ac%ed%00%05sr%00Aorg.apache.beam.runners.dataflow.DataflowRu%01%19%80$IdentityMessageFn%df+D%103N%8c%f1%02%00%00xr%00->P%00%d0sdk.transforms.SimpleFunction%e0XCU8%12%02%13%02%00%01L%00%02fnt%005Lorg/%09%91%00/%01%91%10/sdk/%19A(/Serializab%19G%10;xr%000zy%00%10Infer.5%00%1cBw%f7%f9]+V%c8%19|%040Lz|%00LProcessFunction;xppp", + "@type": "http://schema.org/Text" + }, + "user_name": { + "@type": "http://schema.org/Text", + "value": "Write PubSub Events/PubsubUnboundedSink" + }, + "pubsub_topic_runtime_override": { + "value": "outputTopic", + "@type": "http://schema.org/Text" + }, + "format": { + "@type": "http://schema.org/Text", + "value": "pubsub" + } + } + } + ], + "currentState": "JOB_STATE_RUNNING", + "currentStateTime": "2021-04-27T15:34:29.003405Z", + "createTime": "2021-04-27T15:34:21.567761Z", + "labels": { + "goog-dataflow-provided-template-name": "cloud_pubsub_to_cloud_pubsub", + "goog-dataflow-provided-template-type": "legacy", + "goog-dataflow-provided-template-version": "2021-04-19-00_rc00" + }, + "location": "us-central1", + "pipelineDescription": { + "originalPipelineTransform": [ + { + "id": "s5", + "name": "Write PubSub Events/PubsubUnboundedSink", + "inputCollectionName": [ + "Write PubSub Events/MapElements/Map.out0" + ] + }, + { + "kind": "READ_KIND", + "id": "s1", + "name": "Read PubSub Events/PubsubUnboundedSource", + "outputCollectionName": [ + "Read PubSub Events/PubsubUnboundedSource.out0" + ] + }, + { + "kind": "PAR_DO_KIND", + "id": "s4", + "name": "Write PubSub Events/MapElements/Map", + "displayData": [ + { + "key": "class", + "namespace": "org.apache.beam.sdk.transforms.MapElements", + "strValue": "org.apache.beam.sdk.io.gcp.pubsub.PubsubIO$Write$$Lambda$161/0x0000000800e1d040", + "shortStrValue": "PubsubIO$Write$$Lambda$161/0x0000000800e1d040" + }, + { + "key": "fn", + "namespace": "org.apache.beam.sdk.transforms.ParDo$SingleOutput", + "strValue": "org.apache.beam.sdk.transforms.MapElements$1", + "label": "Transform Function" + } + ], + "outputCollectionName": [ + "Write PubSub Events/MapElements/Map.out0" + ], + "inputCollectionName": [ + "Filter Events If Enabled.out0" + ] + }, + { + "kind": "PAR_DO_KIND", + "id": "s2", + "name": "Read PubSub Events/MapElements/Map", + "displayData": [ + { + "key": "class", + "namespace": "org.apache.beam.sdk.transforms.MapElements", + "strValue": "org.apache.beam.sdk.io.gcp.pubsub.PubsubIO$Read$$Lambda$133/0x0000000800d78440", + "shortStrValue": "PubsubIO$Read$$Lambda$133/0x0000000800d78440" + }, + { + "key": "fn", + "namespace": "org.apache.beam.sdk.transforms.ParDo$SingleOutput", + "strValue": "org.apache.beam.sdk.transforms.MapElements$1", + "label": "Transform Function" + } + ], + "outputCollectionName": [ + "Read PubSub Events/MapElements/Map.out0" + ], + "inputCollectionName": [ + "Read PubSub Events/PubsubUnboundedSource.out0" + ] + }, + { + "kind": "PAR_DO_KIND", + "id": "s3", + "name": "Filter Events If Enabled", + "displayData": [ + { + "key": "fn", + "namespace": "org.apache.beam.sdk.transforms.ParDo$SingleOutput", + "strValue": "com.google.cloud.teleport.templates.AutoValue_PubsubToPubsub_ExtractAndFilterEventsFn", + "shortStrValue": "AutoValue_PubsubToPubsub_ExtractAndFilterEventsFn", + "label": "Transform Function" + } + ], + "outputCollectionName": [ + "Filter Events If Enabled.out0" + ], + "inputCollectionName": [ + "Read PubSub Events/MapElements/Map.out0" + ] + } + ], + "executionPipelineStage": [ + { + "name": "F0", + "id": "S01", + "kind": "PAR_DO_KIND", + "componentTransform": [ + { + "userName": "Read PubSub Events/PubsubUnboundedSource", + "name": "s1", + "originalTransform": "Read PubSub Events/PubsubUnboundedSource" + }, + { + "userName": "Read PubSub Events/MapElements/Map", + "name": "s2", + "originalTransform": "Read PubSub Events/MapElements/Map" + }, + { + "userName": "Filter Events If Enabled", + "name": "s3", + "originalTransform": "Filter Events If Enabled" + }, + { + "userName": "Write PubSub Events/MapElements/Map", + "name": "s4", + "originalTransform": "Write PubSub Events/MapElements/Map" + }, + { + "userName": "Write PubSub Events/PubsubUnboundedSink", + "name": "s5", + "originalTransform": "Write PubSub Events/PubsubUnboundedSink" + } + ], + "componentSource": [ + { + "userName": "Read PubSub Events/PubsubUnboundedSource-out0", + "name": "s1.output", + "originalTransformOrCollection": "Read PubSub Events/PubsubUnboundedSource.out0" + }, + { + "userName": "Read PubSub Events/MapElements/Map-out0", + "name": "s2.org.apache.beam.sdk.values.PCollection.:402#e1121b0805e8b107", + "originalTransformOrCollection": "Read PubSub Events/MapElements/Map.out0" + }, + { + "userName": "Filter Events If Enabled-out0", + "name": "s3.org.apache.beam.sdk.values.PCollection.:402#f0f5b4f22d0cd0f1", + "originalTransformOrCollection": "Filter Events If Enabled.out0" + }, + { + "userName": "Write PubSub Events/MapElements/Map-out0", + "name": "s4.org.apache.beam.sdk.values.PCollection.:402#4663620f501c9270", + "originalTransformOrCollection": "Write PubSub Events/MapElements/Map.out0" + } + ] + } + ], + "displayData": [ + { + "key": "jobName", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "strValue": "test" + }, + { + "key": "streaming", + "namespace": "org.apache.beam.sdk.options.StreamingOptions", + "boolValue": true + }, + { + "key": "labels", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "strValue": "{goog-dataflow-provided-template-name=cloud_pubsub_to_cloud_pubsub, goog-dataflow-provided-template-version=2021-04-19-00_rc00, goog-dataflow-provided-template-type=legacy}" + }, + { + "key": "autoscalingAlgorithm", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions", + "strValue": "THROUGHPUT_BASED" + }, + { + "key": "stagingLocation", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "strValue": "gs://dataflow-templates-libraries/2021-04-19-00_RC00" + }, + { + "key": "pipelineUrl", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "strValue": "gs://dataflow-templates-libraries/2021-04-19-00_RC00/pipeline-T2clImR1XdMoJ4t-nPZUDhQdcflNPD6tuHFqqXCLTSA.pb" + }, + { + "key": "maxNumWorkers", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions", + "int64Value": "3" + }, + { + "key": "project", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "strValue": "cloud-custodian" + }, + { + "key": "gcsUploadBufferSizeBytes", + "namespace": "org.apache.beam.sdk.extensions.gcp.options.GcsOptions", + "int64Value": "1048576" + }, + { + "key": "userAgent", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "strValue": "Apache_Beam_SDK_for_Java/2.27.0(JDK_11_environment)" + }, + { + "key": "tempLocation", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "strValue": "gs://tf-state-service-accounts/tmp" + }, + { + "key": "appName", + "namespace": "org.apache.beam.sdk.options.ApplicationNameOptions", + "strValue": "PubsubToPubsub" + }, + { + "key": "region", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "strValue": "us-central1" + }, + { + "key": "filesToStage", + "namespace": "org.apache.beam.sdk.options.PortablePipelineOptions", + "strValue": "[/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar]" + }, + { + "key": "templateLocation", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineOptions", + "strValue": "gs://dataflow-templates-us-central1/latest/Cloud_PubSub_to_Cloud_PubSub" + }, + { + "key": "filesToStage", + "namespace": "org.apache.beam.runners.dataflow.options.DataflowPipelineWorkerPoolOptions", + "strValue": "[/export/hda3/borglet/remote_hdd_fs_dirs/0.rapid.runner-t2zfzvyb-xzn6-rgig-pryn-ouxnqent52mf.dataflow-releaser.798918173332.14b334fb3717c109/mount/rapid/workflows/e09982ac-8a02-4fd8-8bfc-39f83a073a9b/tmp/tmpxfq9vedq/teleport-all-bundled.jar]" + }, + { + "key": "runner", + "namespace": "org.apache.beam.sdk.options.PipelineOptions", + "strValue": "org.apache.beam.runners.dataflow.DataflowRunner", + "shortStrValue": "DataflowRunner" + }, + { + "key": "gcpTempLocation", + "namespace": "google.dataflow.v1beta3.TemplatesService", + "strValue": "gs://tf-state-service-accounts/tmp" + }, + { + "key": "outputTopic", + "strValue": "projects/cloud-custodian/topics/topic" + }, + { + "key": "inputSubscription", + "strValue": "projects/cloud-custodian/subscriptions/test" + } + ] + }, + "stageStates": [ + { + "executionStageName": "move_attach_disks_step7", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "pause_stop_computation_step9", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "init_attach_disk_step2", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "init_start_computation_step3", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "move_start_computation_step8", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "failure18", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "setup_windmill1", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.450Z" + }, + { + "executionStageName": "setup_resource_disks_harness13", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.396Z" + }, + { + "executionStageName": "topology_move_in_disk_input_step", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "start19", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.239Z" + }, + { + "executionStageName": "move_stop_computation_step5", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "topology_init_attach_disk_input_step", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "success17", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "setup_resource_projects/cloud-custodian/subscriptions/test-filter15", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.365Z" + }, + { + "executionStageName": "teardown_resource_disks_harness14", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.482Z" + }, + { + "executionStageName": "move_wait_windmill_setup_step4", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "move_detach_disks_step6", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "teardown_resource_projects/cloud-custodian/subscriptions/test-filter16", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "setup_resource_global_gce_worker_pool11", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.300Z" + }, + { + "executionStageName": "topology_pause_input_step", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "topology_move_out_disk_input_step", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + }, + { + "executionStageName": "F0", + "executionStageState": "JOB_STATE_RUNNING", + "currentStateTime": "2021-04-27T15:34:29.394Z" + }, + { + "executionStageName": "teardown_resource_global_gce_worker_pool12", + "executionStageState": "JOB_STATE_DONE", + "currentStateTime": "2021-04-27T15:34:29.362Z" + }, + { + "executionStageName": "pause_detach_disk_step10", + "executionStageState": "JOB_STATE_PENDING", + "currentStateTime": "2021-04-27T15:34:28.992Z" + } + ], + "jobMetadata": { + "sdkVersion": { + "version": "2.27.0", + "versionDisplayName": "Apache Beam SDK for Java", + "sdkSupportStatus": "SUPPORTED" + } + }, + "startTime": "2021-04-27T15:34:21.567761Z" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-aggregated_1.json b/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-aggregated_1.json index 1f59fe26f28..df9417c4177 100644 --- a/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-aggregated_1.json +++ b/tools/c7n_gcp/tests/data/flights/dataflow-job/get-v1b3-projects-cloud-custodian-jobs-aggregated_1.json @@ -1,40 +1,25 @@ { + "headers":{}, "body": { "jobs": [ { - "name": "test", + "id": "2021-04-27_08_34_20-8562643317148312878", "projectId": "cloud-custodian", - "createTime": "2019-03-06T15:01:50.876626Z", + "name": "test", + "type": "JOB_TYPE_STREAMING", + "currentState": "JOB_STATE_RUNNING", + "currentStateTime": "2021-04-27T15:34:29.003405Z", + "createTime": "2021-04-27T15:34:21.567761Z", + "location": "us-central1", "jobMetadata": { "sdkVersion": { - "versionDisplayName": "Apache Beam SDK for Java", - "version": "2.10.0", + "version": "2.27.0", + "versionDisplayName": "Apache Beam SDK for Java", "sdkSupportStatus": "SUPPORTED" } - }, - "currentStateTime": "2019-03-06T15:01:52.612535Z", - "startTime": "2019-03-06T15:01:50.876626Z", - "type": "JOB_TYPE_BATCH", - "id": "2019-03-06_07_01_49-7812926814622315875", - "currentState": "JOB_STATE_FAILED", - "location": "us-central1" + }, + "startTime": "2021-04-27T15:34:21.567761Z" } ] - }, - "headers": { - "status": "200", - "content-length": "614", - "x-xss-protection": "1; mode=block", - "content-location": "https://dataflow.googleapis.com/v1b3/projects/cloud-custodian/jobs?alt=json", - "x-content-type-options": "nosniff", - "transfer-encoding": "chunked", - "vary": "Origin, X-Origin, Referer", - "server": "ESF", - "-content-encoding": "gzip", - "cache-control": "private", - "date": "Wed, 06 Mar 2019 15:20:07 GMT", - "x-frame-options": "SAMEORIGIN", - "alt-svc": "quic=\":443\"; ma=2592000; v=\"44,43,39\"", - "content-type": "application/json; charset=UTF-8" } -} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-compute-v1-rest_1.json.bz2 b/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-compute-v1-rest_1.json.bz2 index 13e039d6aa9..df8f5501f6c 100644 Binary files a/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-compute-v1-rest_1.json.bz2 and b/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-compute-v1-rest_1.json.bz2 differ diff --git a/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-iam-v1-rest_1.json.bz2 b/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-iam-v1-rest_1.json.bz2 index 59c755062bc..736f2534778 100644 Binary files a/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-iam-v1-rest_1.json.bz2 and b/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-iam-v1-rest_1.json.bz2 differ diff --git a/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-securitycenter-v1-rest_1.json.bz2 b/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-securitycenter-v1-rest_1.json.bz2 new file mode 100644 index 00000000000..4db8b8f7a92 Binary files /dev/null and b/tools/c7n_gcp/tests/data/flights/discovery/get-discovery-v1-apis-securitycenter-v1-rest_1.json.bz2 differ diff --git a/tools/c7n_gcp/tests/data/flights/filter-metrics/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json b/tools/c7n_gcp/tests/data/flights/filter-metrics/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json new file mode 100644 index 00000000000..1021cb935c8 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/filter-metrics/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json @@ -0,0 +1,106 @@ +{ + "headers": { + "etag": "bJ1Dx5Itfxv4MlBj6nEdfXUuMQs=/V0NXQ8Or-j4uTYqQbmrhEdns8dg=", + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Thu, 01 Apr 2021 18:36:49 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "27497", + "-content-encoding": "gzip", + "content-location": "https://compute.googleapis.com/compute/v1/projects/cloud-custodian/aggregated/instances?alt=json" + }, + "body": { + "id": "projects/cloud-custodian/aggregated/instances", + "items": { + "zones/us-east4-c": { + "instances": [ + { + "id": "402279439148739539", + "creationTimestamp": "2021-03-11T18:43:09.644-08:00", + "name": "iap-test-webapp", + "description": "", + "tags": { + "items": [ + "iap-test-webapp" + ], + "fingerprint": "5WnFYgcMLqI=" + }, + "machineType": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/machineTypes/e2-micro", + "status": "RUNNING", + "zone": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c", + "canIpForward": false, + "disks": [ + { + "type": "PERSISTENT", + "mode": "READ_WRITE", + "source": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/disks/iap-test-webapp", + "deviceName": "iap-test-webapp", + "index": 0, + "boot": true, + "autoDelete": true, + "licenses": [ + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/licenses/debian-10-buster" + ], + "interface": "SCSI", + "guestOsFeatures": [ + { + "type": "UEFI_COMPATIBLE" + }, + { + "type": "VIRTIO_SCSI_MULTIQUEUE" + } + ], + "diskSizeGb": "10", + "kind": "compute#attachedDisk" + } + ], + "metadata": { + "fingerprint": "VcHG23KtyMw=", + "kind": "compute#metadata" + }, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/instances/iap-test-webapp", + "scheduling": { + "onHostMaintenance": "MIGRATE", + "automaticRestart": true, + "preemptible": false + }, + "cpuPlatform": "Intel Broadwell", + "labelFingerprint": "42WmSpB8rSM=", + "startRestricted": false, + "deletionProtection": false, + "reservationAffinity": { + "consumeReservationType": "ANY_RESERVATION" + }, + "displayDevice": { + "enableDisplay": false + }, + "shieldedInstanceConfig": { + "enableSecureBoot": false, + "enableVtpm": true, + "enableIntegrityMonitoring": true + }, + "shieldedInstanceIntegrityPolicy": { + "updateAutoLearnPolicy": true + }, + "confidentialInstanceConfig": { + "enableConfidentialCompute": false + }, + "fingerprint": "dFfQJQEV6ng=", + "lastStartTimestamp": "2021-03-25T06:51:01.815-07:00", + "lastStopTimestamp": "2021-03-23T07:55:46.731-07:00", + "kind": "compute#instance" + } + ] + } + }, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/aggregated/instances", + "kind": "compute#instanceAggregatedList" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/filter-metrics/get-v3-projects-cloud-custodian-timeSeries_1.json b/tools/c7n_gcp/tests/data/flights/filter-metrics/get-v3-projects-cloud-custodian-timeSeries_1.json new file mode 100644 index 00000000000..2ffea64ea6b --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/filter-metrics/get-v3-projects-cloud-custodian-timeSeries_1.json @@ -0,0 +1,51 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Thu, 01 Apr 2021 18:36:09 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "777", + "-content-encoding": "gzip", + "content-location": "https://monitoring.googleapis.com/v3/projects/cloud-custodian/timeSeries?filter=metric.type+%3D+%22compute.googleapis.com%2Finstance%2Fcpu%2Futilization%22+AND+metric.labels.instance_name+%3D+%22iap-test-webapp%22+AND++resource.labels.zone+%3D+%22us-east4-c%22&interval.startTime=2021-03-18T18%3A36%3A07.478160%2B00%3A00&interval.endTime=2021-04-01T18%3A36%3A07.478160%2B00%3A00&aggregation.alignmentPeriod=1209600.0s&aggregation.perSeriesAligner=ALIGN_MEAN&aggregation.crossSeriesReducer=REDUCE_NONE&view=FULL&alt=json" + }, + "body": { + "timeSeries": [ + { + "metric": { + "labels": { + "instance_name": "iap-test-webapp" + }, + "type": "compute.googleapis.com/instance/cpu/utilization" + }, + "resource": { + "type": "gce_instance", + "labels": { + "zone": "us-east4-c", + "project_id": "cloud-custodian" + } + }, + "metricKind": "GAUGE", + "valueType": "DOUBLE", + "points": [ + { + "interval": { + "startTime": "2021-04-01T18:36:07.478160Z", + "endTime": "2021-04-01T18:36:07.478160Z" + }, + "value": { + "doubleValue": 0.0034935695658400334 + } + } + ] + } + ], + "unit": "10^2.%" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/filter-no-metrics/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json b/tools/c7n_gcp/tests/data/flights/filter-no-metrics/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json new file mode 100644 index 00000000000..1021cb935c8 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/filter-no-metrics/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json @@ -0,0 +1,106 @@ +{ + "headers": { + "etag": "bJ1Dx5Itfxv4MlBj6nEdfXUuMQs=/V0NXQ8Or-j4uTYqQbmrhEdns8dg=", + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Thu, 01 Apr 2021 18:36:49 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "27497", + "-content-encoding": "gzip", + "content-location": "https://compute.googleapis.com/compute/v1/projects/cloud-custodian/aggregated/instances?alt=json" + }, + "body": { + "id": "projects/cloud-custodian/aggregated/instances", + "items": { + "zones/us-east4-c": { + "instances": [ + { + "id": "402279439148739539", + "creationTimestamp": "2021-03-11T18:43:09.644-08:00", + "name": "iap-test-webapp", + "description": "", + "tags": { + "items": [ + "iap-test-webapp" + ], + "fingerprint": "5WnFYgcMLqI=" + }, + "machineType": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/machineTypes/e2-micro", + "status": "RUNNING", + "zone": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c", + "canIpForward": false, + "disks": [ + { + "type": "PERSISTENT", + "mode": "READ_WRITE", + "source": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/disks/iap-test-webapp", + "deviceName": "iap-test-webapp", + "index": 0, + "boot": true, + "autoDelete": true, + "licenses": [ + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/licenses/debian-10-buster" + ], + "interface": "SCSI", + "guestOsFeatures": [ + { + "type": "UEFI_COMPATIBLE" + }, + { + "type": "VIRTIO_SCSI_MULTIQUEUE" + } + ], + "diskSizeGb": "10", + "kind": "compute#attachedDisk" + } + ], + "metadata": { + "fingerprint": "VcHG23KtyMw=", + "kind": "compute#metadata" + }, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/instances/iap-test-webapp", + "scheduling": { + "onHostMaintenance": "MIGRATE", + "automaticRestart": true, + "preemptible": false + }, + "cpuPlatform": "Intel Broadwell", + "labelFingerprint": "42WmSpB8rSM=", + "startRestricted": false, + "deletionProtection": false, + "reservationAffinity": { + "consumeReservationType": "ANY_RESERVATION" + }, + "displayDevice": { + "enableDisplay": false + }, + "shieldedInstanceConfig": { + "enableSecureBoot": false, + "enableVtpm": true, + "enableIntegrityMonitoring": true + }, + "shieldedInstanceIntegrityPolicy": { + "updateAutoLearnPolicy": true + }, + "confidentialInstanceConfig": { + "enableConfidentialCompute": false + }, + "fingerprint": "dFfQJQEV6ng=", + "lastStartTimestamp": "2021-03-25T06:51:01.815-07:00", + "lastStopTimestamp": "2021-03-23T07:55:46.731-07:00", + "kind": "compute#instance" + } + ] + } + }, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/aggregated/instances", + "kind": "compute#instanceAggregatedList" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/filter-no-metrics/get-v3-projects-cloud-custodian-timeSeries_1.json b/tools/c7n_gcp/tests/data/flights/filter-no-metrics/get-v3-projects-cloud-custodian-timeSeries_1.json new file mode 100644 index 00000000000..c9642594383 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/filter-no-metrics/get-v3-projects-cloud-custodian-timeSeries_1.json @@ -0,0 +1,21 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Thu, 01 Apr 2021 18:36:51 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "23", + "-content-encoding": "gzip", + "content-location": "https://monitoring.googleapis.com/v3/projects/cloud-custodian/timeSeries?filter=metric.type+%3D+%22compute.googleapis.com%2Finstance%2Fcpu%2Futilization%22+AND+metric.labels.instance_name+%3D+%22iap-test-webapp%22+AND++resource.labels.zone+%3D+%22us-east4-d%22&interval.startTime=2021-03-18T18%3A36%3A49.285503%2B00%3A00&interval.endTime=2021-04-01T18%3A36%3A49.285503%2B00%3A00&aggregation.alignmentPeriod=1209600.0s&aggregation.perSeriesAligner=ALIGN_MEAN&aggregation.crossSeriesReducer=REDUCE_NONE&view=FULL&alt=json" + }, + "body": { + "unit": "10^2.%" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/filter-scc-findings/get-storage-v1-b_1.json b/tools/c7n_gcp/tests/data/flights/filter-scc-findings/get-storage-v1-b_1.json new file mode 100644 index 00000000000..d63a6a698b8 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/filter-scc-findings/get-storage-v1-b_1.json @@ -0,0 +1,92 @@ +{ + "headers": { + "x-guploader-uploadid": "ABg5-UwhjwACBDgtZP4a8yQ8C2vCm_77aJKR8JFArELolzngmz7pecz-e9n18vTWbACCNkvwPWCGFtZBcMFFnOgASQ", + "content-type": "application/json; charset=UTF-8", + "date": "Wed, 07 Apr 2021 14:23:12 GMT", + "vary": "Origin, X-Origin", + "cache-control": "private, max-age=0, must-revalidate, no-transform", + "expires": "Wed, 07 Apr 2021 14:23:12 GMT", + "content-length": "15985", + "server": "UploadServer", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "status": "200", + "content-location": "https://storage.googleapis.com/storage/v1/b?project=cloud-custodian&projection=full&alt=json" + }, + "body": { + "kind": "storage#buckets", + "items": [ + { + "kind": "storage#bucket", + "selfLink": "https://www.googleapis.com/storage/v1/b/gcf-sources-2222222222222-us-central1", + "id": "gcf-sources-2222222222222-us-central1", + "name": "gcf-sources-2222222222222-us-central1", + "projectNumber": "2222222222222", + "metageneration": "1", + "location": "US-CENTRAL1", + "storageClass": "STANDARD", + "etag": "CAE=", + "timeCreated": "2021-03-04T15:25:05.803Z", + "updated": "2021-03-04T15:25:05.803Z", + "cors": [ + { + "origin": [ + "https://*.cloud.google.com", + "https://*.corp.google.com", + "https://*.corp.google.com:*" + ], + "method": [ + "GET" + ] + } + ], + "iamConfiguration": { + "bucketPolicyOnly": { + "enabled": true, + "lockedTime": "2021-06-02T15:25:05.803Z" + }, + "uniformBucketLevelAccess": { + "enabled": true, + "lockedTime": "2021-06-02T15:25:05.803Z" + } + }, + "locationType": "region" + }, + { + "kind": "storage#bucket", + "selfLink": "https://www.googleapis.com/storage/v1/b/gcf-sources-2222222222222-us-east1", + "id": "gcf-sources-2222222222222-us-east1", + "name": "gcf-sources-2222222222222-us-east1", + "projectNumber": "2222222222222", + "metageneration": "1", + "location": "US-EAST1", + "storageClass": "STANDARD", + "etag": "CAE=", + "timeCreated": "2021-03-31T00:49:29.377Z", + "updated": "2021-03-31T00:49:29.377Z", + "cors": [ + { + "origin": [ + "https://*.cloud.google.com", + "https://*.corp.google.com", + "https://*.corp.google.com:*" + ], + "method": [ + "GET" + ] + } + ], + "iamConfiguration": { + "bucketPolicyOnly": { + "enabled": true, + "lockedTime": "2021-06-29T00:49:29.377Z" + }, + "uniformBucketLevelAccess": { + "enabled": true, + "lockedTime": "2021-06-29T00:49:29.377Z" + } + }, + "locationType": "region" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/filter-scc-findings/get-v1-organizations-111111111111-sources---findings_1.json b/tools/c7n_gcp/tests/data/flights/filter-scc-findings/get-v1-organizations-111111111111-sources---findings_1.json new file mode 100644 index 00000000000..743ff235628 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/filter-scc-findings/get-v1-organizations-111111111111-sources---findings_1.json @@ -0,0 +1,64 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 07 Apr 2021 14:23:15 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "25536", + "-content-encoding": "gzip", + "content-location": "https://securitycenter.googleapis.com/v1/organizations/111111111111/sources/-/findings?filter=resourceName%3A%22gcf-sources-2222222222222-us-central1%22+OR+resourceName%3A%22gcf-sources-2222222222222-us-east1%22&pageSize=1000&alt=json" + }, + "body": { + "listFindingsResults": [ + { + "finding": { + "name": "organizations/111111111111/sources/333333333333/findings/a2809d4331514d51fa3d117ead9a5c02", + "parent": "organizations/111111111111/sources/333333333333", + "resourceName": "//storage.googleapis.com/gcf-sources-2222222222222-us-east1", + "state": "ACTIVE", + "category": "BUCKET_LOGGING_DISABLED", + "externalUri": "https://cloud.google.com/storage/docs/access-logs", + "sourceProperties": { + "Recommendation": "To set up logging for a bucket, complete the usage logs & storage logs guide at: https://cloud.google.com/storage/docs/access-logs", + "ReactivationCount": 0, + "ExceptionInstructions": "Add the security mark \"allow_bucket_logging_disabled\" to the asset with a value of \"true\" to prevent this finding from being activated again.", + "Explanation": "To help investigate security issues and monitor storage consumption, enable usage logs and storage logs for your Cloud Storage buckets. Usage logs provide information for all of the requests made on a specified bucket, and the storage logs provide information about the storage consumption of that bucket.", + "ScannerName": "LOGGING_SCANNER", + "compliance_standards": { + "cis": [ + { + "ids": [ + "5.3" + ] + } + ] + } + }, + "securityMarks": { + "name": "organizations/111111111111/sources/333333333333/findings/a2809d4331514d51fa3d117ead9a5c02/securityMarks" + }, + "eventTime": "2021-03-31T00:49:31.333Z", + "createTime": "2021-03-31T00:49:32.095Z", + "severity": "LOW", + "canonicalName": "projects/cloud-custodian/sources/333333333333/findings/a2809d4331514d51fa3d117ead9a5c02" + }, + "resource": { + "name": "//storage.googleapis.com/gcf-sources-2222222222222-us-east1", + "projectName": "//cloudresourcemanager.googleapis.com/projects/2222222222222", + "projectDisplayName": "cloud-custodian", + "parentName": "//cloudresourcemanager.googleapis.com/projects/2222222222222", + "parentDisplayName": "cloud-custodian" + } + } + ], + "readTime": "2021-04-07T14:23:14.461Z", + "totalSize": 10 + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/delete-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys-2_1.json b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/delete-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys-2_1.json new file mode 100644 index 00000000000..ae62a308589 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/delete-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys-2_1.json @@ -0,0 +1,18 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 15:25:30 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "3", + "-content-encoding": "gzip" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys-2_1.json b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys-2_1.json new file mode 100644 index 00000000000..c0dc012646d --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys-2_1.json @@ -0,0 +1,24 @@ +{ + "headers": { + "vary": "Origin, X-Origin, Referer", + "content-type": "application/json; charset=UTF-8", + "date": "Wed, 31 Mar 2021 15:25:31 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "404", + "content-length": "159", + "-content-encoding": "gzip" + }, + "body": { + "error": { + "code": 404, + "message": "Service account key 2 does not exist.", + "status": "NOT_FOUND" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys_1.json b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys_1.json new file mode 100644 index 00000000000..2adc3ab4040 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys_1.json @@ -0,0 +1,30 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 13:42:48 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "813", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com/keys?alt=json" + }, + "body": { + "keys": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com/keys/2", + "validAfterTime": "2021-03-31T13:27:15Z", + "validBeforeTime": "9999-12-31T23:59:59Z", + "keyAlgorithm": "KEY_ALG_RSA_2048", + "keyOrigin": "GOOGLE_PROVIDED", + "keyType": "USER_MANAGED" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts_1.json b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts_1.json new file mode 100644 index 00000000000..e88708f82b8 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-delete-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts_1.json @@ -0,0 +1,30 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 13:42:41 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "1876", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts?alt=json" + }, + "body": { + "accounts": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "email": "test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-cutodian-scc", + "etag": "MDEwMjE5MjA=", + "description": "for testing custodian scc" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/delete-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/delete-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json new file mode 100644 index 00000000000..c0529d60a6c --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/delete-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json @@ -0,0 +1,18 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 16:00:26 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "3", + "-content-encoding": "gzip" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json new file mode 100644 index 00000000000..a106c755894 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json @@ -0,0 +1,24 @@ +{ + "headers": { + "vary": "Origin, X-Origin, Referer", + "content-type": "application/json; charset=UTF-8", + "date": "Mon, 26 Apr 2021 16:00:28 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "404", + "content-length": "112", + "-content-encoding": "gzip" + }, + "body": { + "error": { + "code": 404, + "message": "Account deleted: 1111111111", + "status": "NOT_FOUND" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/get-v1-projects-cloud-custodian-serviceAccounts_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/get-v1-projects-cloud-custodian-serviceAccounts_1.json new file mode 100644 index 00000000000..75f614ed3df --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-delete/get-v1-projects-cloud-custodian-serviceAccounts_1.json @@ -0,0 +1,29 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:54:36 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "2724", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts?alt=json" + }, + "body": { + "accounts": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "email": "test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-sa-actions", + "etag": "MDEwMjE5MjA=" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json new file mode 100644 index 00000000000..5db75c0a515 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json @@ -0,0 +1,28 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:51:36 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "407", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "uniqueId": "110148766213080050189", + "email": "test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-sa-actions", + "etag": "MDEwMjE5MjA=", + "oauth2ClientId": "110148766213080050189", + "disabled": true + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/get-v1-projects-cloud-custodian-serviceAccounts_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/get-v1-projects-cloud-custodian-serviceAccounts_1.json new file mode 100644 index 00000000000..75f614ed3df --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/get-v1-projects-cloud-custodian-serviceAccounts_1.json @@ -0,0 +1,29 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:54:36 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "2724", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts?alt=json" + }, + "body": { + "accounts": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "email": "test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-sa-actions", + "etag": "MDEwMjE5MjA=" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/post-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com-disable_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/post-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com-disable_1.json new file mode 100644 index 00000000000..b4b83017351 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-disable/post-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com-disable_1.json @@ -0,0 +1,18 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:51:35 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "3", + "-content-encoding": "gzip" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json new file mode 100644 index 00000000000..d2cc6264c76 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/get-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com_1.json @@ -0,0 +1,27 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:54:38 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "387", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "uniqueId": "110148766213080050189", + "email": "test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-sa-actions", + "etag": "MDEwMjE5MjA=", + "oauth2ClientId": "110148766213080050189" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/get-v1-projects-cloud-custodian-serviceAccounts_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/get-v1-projects-cloud-custodian-serviceAccounts_1.json new file mode 100644 index 00000000000..eff6939a388 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/get-v1-projects-cloud-custodian-serviceAccounts_1.json @@ -0,0 +1,30 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:54:36 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "2724", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts?alt=json" + }, + "body": { + "accounts": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "email": "test-sa-actions@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-sa-actions", + "etag": "MDEwMjE5MjA=", + "disabled": true + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/post-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com-enable_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/post-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com-enable_1.json new file mode 100644 index 00000000000..9d907a97c99 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-enable/post-v1-projects-cloud-custodian-serviceAccounts-test-sa-actions@cloud-custodian.iam.gserviceaccount.com-enable_1.json @@ -0,0 +1,18 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 26 Apr 2021 15:54:37 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "3", + "-content-encoding": "gzip" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-key-query/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-key-query/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys_1.json new file mode 100644 index 00000000000..0f423431ec6 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-key-query/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com-keys_1.json @@ -0,0 +1,38 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 13:42:48 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "813", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com/keys?alt=json" + }, + "body": { + "keys": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com/keys/1", + "validAfterTime": "2021-03-23T14:07:01Z", + "validBeforeTime": "2021-04-09T14:07:01Z", + "keyAlgorithm": "KEY_ALG_RSA_2048", + "keyOrigin": "GOOGLE_PROVIDED", + "keyType": "SYSTEM_MANAGED" + }, + { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com/keys/2", + "validAfterTime": "2021-03-31T13:27:15Z", + "validBeforeTime": "9999-12-31T23:59:59Z", + "keyAlgorithm": "KEY_ALG_RSA_2048", + "keyOrigin": "GOOGLE_PROVIDED", + "keyType": "USER_MANAGED" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-key-query/get-v1-projects-cloud-custodian-serviceAccounts_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-key-query/get-v1-projects-cloud-custodian-serviceAccounts_1.json new file mode 100644 index 00000000000..e88708f82b8 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-key-query/get-v1-projects-cloud-custodian-serviceAccounts_1.json @@ -0,0 +1,30 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 13:42:41 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "1876", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts?alt=json" + }, + "body": { + "accounts": [ + { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "email": "test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-cutodian-scc", + "etag": "MDEwMjE5MjA=", + "description": "for testing custodian scc" + } + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-111111111111111-keys-2222_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-111111111111111-keys-2222_1.json new file mode 100644 index 00000000000..8be7f64e90d --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-111111111111111-keys-2222_1.json @@ -0,0 +1,26 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 13:35:44 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "363", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts/111111111111111/keys/2222?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com/keys/2222", + "validAfterTime": "2021-03-31T13:27:15Z", + "validBeforeTime": "9999-12-31T23:59:59Z", + "keyAlgorithm": "KEY_ALG_RSA_2048", + "keyOrigin": "GOOGLE_PROVIDED", + "keyType": "USER_MANAGED" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/iam-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com_1.json b/tools/c7n_gcp/tests/data/flights/iam-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com_1.json new file mode 100644 index 00000000000..7a1d6e95403 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/iam-service-account-key/get-v1-projects-cloud-custodian-serviceAccounts-test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com_1.json @@ -0,0 +1,28 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Wed, 31 Mar 2021 13:35:45 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "439", + "-content-encoding": "gzip", + "content-location": "https://iam.googleapis.com/v1/projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/serviceAccounts/test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com", + "projectId": "cloud-custodian", + "uniqueId": "111111111111111", + "email": "test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com", + "displayName": "test-cutodian-scc", + "etag": "MDEwMjE5MjA=", + "description": "for testing custodian scc", + "oauth2ClientId": "111111111111111" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/instance-effective-firewall/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json b/tools/c7n_gcp/tests/data/flights/instance-effective-firewall/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json new file mode 100644 index 00000000000..71e5bde201c --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/instance-effective-firewall/get-compute-v1-projects-cloud-custodian-aggregated-instances_1.json @@ -0,0 +1,1016 @@ +{ + "headers": { + "etag": "3QMREDsNuoLEkOchUIyLEfgzgeg=/dEdZIz7_dyYmtRquG2tSXCEnBVs=", + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Tue, 30 Mar 2021 14:09:47 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "27497", + "-content-encoding": "gzip", + "content-location": "https://compute.googleapis.com/compute/v1/projects/cloud-custodian/aggregated/instances?alt=json" + }, + "body": { + "id": "projects/cloud-custodian/aggregated/instances", + "items": { + "zones/us-central1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-central1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-central1-a" + } + ] + } + }, + "zones/us-central1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-central1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-central1-b" + } + ] + } + }, + "zones/us-central1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-central1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-central1-c" + } + ] + } + }, + "zones/us-central1-f": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-central1-f' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-central1-f" + } + ] + } + }, + "zones/europe-west1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west1-b" + } + ] + } + }, + "zones/europe-west1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west1-c" + } + ] + } + }, + "zones/europe-west1-d": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west1-d' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west1-d" + } + ] + } + }, + "zones/us-west1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west1-a" + } + ] + } + }, + "zones/us-west1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west1-b" + } + ] + } + }, + "zones/us-west1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west1-c" + } + ] + } + }, + "zones/asia-east1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-east1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-east1-a" + } + ] + } + }, + "zones/asia-east1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-east1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-east1-b" + } + ] + } + }, + "zones/asia-east1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-east1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-east1-c" + } + ] + } + }, + "zones/us-east1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-east1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-east1-b" + } + ] + } + }, + "zones/us-east1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-east1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-east1-c" + } + ] + } + }, + "zones/us-east1-d": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-east1-d' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-east1-d" + } + ] + } + }, + "zones/asia-northeast1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast1-a" + } + ] + } + }, + "zones/asia-northeast1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast1-b" + } + ] + } + }, + "zones/asia-northeast1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast1-c" + } + ] + } + }, + "zones/asia-southeast1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-southeast1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-southeast1-a" + } + ] + } + }, + "zones/asia-southeast1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-southeast1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-southeast1-b" + } + ] + } + }, + "zones/asia-southeast1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-southeast1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-southeast1-c" + } + ] + } + }, + "zones/us-east4-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-east4-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-east4-a" + } + ] + } + }, + "zones/us-east4-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-east4-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-east4-b" + } + ] + } + }, + "zones/us-east4-c": { + "instances": [ + { + "id": "402279439148739539", + "creationTimestamp": "2021-03-11T18:43:09.644-08:00", + "name": "iap-test-webapp", + "description": "", + "tags": { + "items": [ + "iap-test-webapp" + ], + "fingerprint": "5WnFYgcMLqI=" + }, + "machineType": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/machineTypes/e2-micro", + "status": "RUNNING", + "zone": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c", + "canIpForward": false, + "networkInterfaces": [ + { + "network": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default", + "subnetwork": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-east4/subnetworks/default", + "networkIP": "10.150.0.2", + "name": "nic0", + "fingerprint": "gyC4hDfoKLM=", + "kind": "compute#networkInterface" + } + ], + "disks": [ + { + "type": "PERSISTENT", + "mode": "READ_WRITE", + "source": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/disks/iap-test-webapp", + "deviceName": "iap-test-webapp", + "index": 0, + "boot": true, + "autoDelete": true, + "licenses": [ + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/licenses/debian-10-buster" + ], + "interface": "SCSI", + "guestOsFeatures": [ + { + "type": "UEFI_COMPATIBLE" + }, + { + "type": "VIRTIO_SCSI_MULTIQUEUE" + } + ], + "diskSizeGb": "10", + "kind": "compute#attachedDisk" + } + ], + "metadata": { + "fingerprint": "VcHG23KtyMw=", + "kind": "compute#metadata" + }, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/instances/iap-test-webapp", + "scheduling": { + "onHostMaintenance": "MIGRATE", + "automaticRestart": true, + "preemptible": false + }, + "cpuPlatform": "Intel Broadwell", + "labelFingerprint": "42WmSpB8rSM=", + "startRestricted": false, + "deletionProtection": false, + "reservationAffinity": { + "consumeReservationType": "ANY_RESERVATION" + }, + "displayDevice": { + "enableDisplay": false + }, + "shieldedInstanceConfig": { + "enableSecureBoot": false, + "enableVtpm": true, + "enableIntegrityMonitoring": true + }, + "shieldedInstanceIntegrityPolicy": { + "updateAutoLearnPolicy": true + }, + "confidentialInstanceConfig": { + "enableConfidentialCompute": false + }, + "fingerprint": "dFfQJQEV6ng=", + "lastStartTimestamp": "2021-03-25T06:51:01.815-07:00", + "lastStopTimestamp": "2021-03-23T07:55:46.731-07:00", + "kind": "compute#instance" + } + ] + }, + "zones/australia-southeast1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/australia-southeast1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/australia-southeast1-c" + } + ] + } + }, + "zones/australia-southeast1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/australia-southeast1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/australia-southeast1-a" + } + ] + } + }, + "zones/australia-southeast1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/australia-southeast1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/australia-southeast1-b" + } + ] + } + }, + "zones/europe-west2-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west2-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west2-a" + } + ] + } + }, + "zones/europe-west2-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west2-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west2-b" + } + ] + } + }, + "zones/europe-west2-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west2-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west2-c" + } + ] + } + }, + "zones/europe-west3-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west3-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west3-c" + } + ] + } + }, + "zones/europe-west3-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west3-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west3-a" + } + ] + } + }, + "zones/europe-west3-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west3-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west3-b" + } + ] + } + }, + "zones/southamerica-east1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/southamerica-east1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/southamerica-east1-a" + } + ] + } + }, + "zones/southamerica-east1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/southamerica-east1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/southamerica-east1-b" + } + ] + } + }, + "zones/southamerica-east1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/southamerica-east1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/southamerica-east1-c" + } + ] + } + }, + "zones/asia-south1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-south1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-south1-b" + } + ] + } + }, + "zones/asia-south1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-south1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-south1-a" + } + ] + } + }, + "zones/asia-south1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-south1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-south1-c" + } + ] + } + }, + "zones/northamerica-northeast1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/northamerica-northeast1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/northamerica-northeast1-a" + } + ] + } + }, + "zones/northamerica-northeast1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/northamerica-northeast1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/northamerica-northeast1-b" + } + ] + } + }, + "zones/northamerica-northeast1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/northamerica-northeast1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/northamerica-northeast1-c" + } + ] + } + }, + "zones/europe-west4-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west4-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west4-c" + } + ] + } + }, + "zones/europe-west4-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west4-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west4-b" + } + ] + } + }, + "zones/europe-west4-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west4-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west4-a" + } + ] + } + }, + "zones/europe-north1-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-north1-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-north1-b" + } + ] + } + }, + "zones/europe-north1-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-north1-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-north1-c" + } + ] + } + }, + "zones/europe-north1-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-north1-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-north1-a" + } + ] + } + }, + "zones/us-west2-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west2-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west2-c" + } + ] + } + }, + "zones/us-west2-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west2-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west2-b" + } + ] + } + }, + "zones/us-west2-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west2-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west2-a" + } + ] + } + }, + "zones/asia-east2-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-east2-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-east2-c" + } + ] + } + }, + "zones/asia-east2-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-east2-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-east2-b" + } + ] + } + }, + "zones/asia-east2-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-east2-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-east2-a" + } + ] + } + }, + "zones/europe-west6-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west6-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west6-b" + } + ] + } + }, + "zones/europe-west6-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west6-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west6-c" + } + ] + } + }, + "zones/europe-west6-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-west6-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-west6-a" + } + ] + } + }, + "zones/asia-northeast2-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast2-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast2-b" + } + ] + } + }, + "zones/asia-northeast2-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast2-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast2-c" + } + ] + } + }, + "zones/asia-northeast2-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast2-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast2-a" + } + ] + } + }, + "zones/asia-northeast3-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast3-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast3-a" + } + ] + } + }, + "zones/asia-northeast3-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast3-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast3-c" + } + ] + } + }, + "zones/asia-northeast3-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-northeast3-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-northeast3-b" + } + ] + } + }, + "zones/us-west3-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west3-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west3-a" + } + ] + } + }, + "zones/us-west3-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west3-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west3-b" + } + ] + } + }, + "zones/us-west3-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west3-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west3-c" + } + ] + } + }, + "zones/us-west4-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west4-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west4-c" + } + ] + } + }, + "zones/us-west4-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west4-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west4-a" + } + ] + } + }, + "zones/us-west4-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/us-west4-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/us-west4-b" + } + ] + } + }, + "zones/asia-southeast2-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-southeast2-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-southeast2-a" + } + ] + } + }, + "zones/asia-southeast2-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-southeast2-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-southeast2-c" + } + ] + } + }, + "zones/asia-southeast2-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/asia-southeast2-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/asia-southeast2-b" + } + ] + } + }, + "zones/europe-central2-b": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-central2-b' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-central2-b" + } + ] + } + }, + "zones/europe-central2-c": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-central2-c' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-central2-c" + } + ] + } + }, + "zones/europe-central2-a": { + "warning": { + "code": "NO_RESULTS_ON_PAGE", + "message": "There are no results for scope 'zones/europe-central2-a' on this page.", + "data": [ + { + "key": "scope", + "value": "zones/europe-central2-a" + } + ] + } + } + }, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/aggregated/instances", + "kind": "compute#instanceAggregatedList" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/instance-effective-firewall/get-compute-v1-projects-cloud-custodian-zones-us-east4-c-instances-iap-test-webapp-getEffectiveFirewalls_1.json b/tools/c7n_gcp/tests/data/flights/instance-effective-firewall/get-compute-v1-projects-cloud-custodian-zones-us-east4-c-instances-iap-test-webapp-getEffectiveFirewalls_1.json new file mode 100644 index 00000000000..9eac2b0a2ac --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/instance-effective-firewall/get-compute-v1-projects-cloud-custodian-zones-us-east4-c-instances-iap-test-webapp-getEffectiveFirewalls_1.json @@ -0,0 +1,115 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Tue, 30 Mar 2021 14:09:49 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "5971", + "-content-encoding": "gzip", + "content-location": "https://compute.googleapis.com/compute/v1/projects/cloud-custodian/zones/us-east4-c/instances/iap-test-webapp/getEffectiveFirewalls?networkInterface=nic0&alt=json" + }, + "body": { + "firewalls": [ + { + "id": "4713402177317714233", + "creationTimestamp": "2021-03-02T10:45:42.112-08:00", + "name": "default-allow-ssh", + "description": "Allow SSH from anywhere", + "network": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default", + "priority": 65534, + "sourceRanges": [ + "36.235.250.0/20" + ], + "allowed": [ + { + "IPProtocol": "tcp", + "ports": [ + "22" + ] + } + ], + "direction": "INGRESS", + "logConfig": { + "enable": true, + "metadata": "EXCLUDE_ALL_METADATA" + }, + "disabled": true, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/firewalls/default-allow-ssh", + "kind": "compute#firewall" + }, + { + "id": "358824338733749616", + "creationTimestamp": "2021-03-16T10:32:15.618-07:00", + "name": "ssh-access-via-iap", + "description": "allows ssh access via iap", + "network": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default", + "priority": 499, + "sourceRanges": [ + "35.235.240.0/20" + ], + "allowed": [ + { + "IPProtocol": "tcp", + "ports": [ + "22", + "3389" + ] + } + ], + "direction": "INGRESS", + "logConfig": { + "enable": true, + "metadata": "EXCLUDE_ALL_METADATA" + }, + "disabled": true, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/firewalls/ssh-access-via-iap", + "kind": "compute#firewall" + }, + { + "id": "6315777690029996345", + "creationTimestamp": "2021-03-02T10:45:42.110-08:00", + "name": "default-allow-internal", + "description": "Allow internal traffic on the default network", + "network": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default", + "priority": 65534, + "sourceRanges": [ + "10.128.0.0/9" + ], + "allowed": [ + { + "IPProtocol": "tcp", + "ports": [ + "0-65535" + ] + }, + { + "IPProtocol": "udp", + "ports": [ + "0-65535" + ] + }, + { + "IPProtocol": "icmp" + } + ], + "direction": "INGRESS", + "logConfig": { + "enable": true, + "metadata": "EXCLUDE_ALL_METADATA" + }, + "disabled": false, + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/firewalls/default-allow-internal", + "kind": "compute#firewall" + } + ], + "firewallPolicys": [ + ] + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber-run/get-compute-v1-projects-cloud-custodian-regions-asia-northeast1-subnetworks-a22222222222222222_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber-run/get-compute-v1-projects-cloud-custodian-regions-asia-northeast1-subnetworks-a22222222222222222_1.json new file mode 100644 index 00000000000..74fb99451a3 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber-run/get-compute-v1-projects-cloud-custodian-regions-asia-northeast1-subnetworks-a22222222222222222_1.json @@ -0,0 +1,30 @@ +{ + "headers": { + "etag": "sbdFmx77i1RbY1n5Y5HAh3_gEbA=/6I-SqQNS4M73JMOHf149Vxf66OQ=", + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 15:41:30 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "649", + "-content-encoding": "gzip", + "content-location": "https://compute.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-northeast1/subnetworks/a22222222222222222?alt=json" + }, + "body": { + "id": "a22222222222222222", + "creationTimestamp": "2021-03-02T10:45:17.960-08:00", + "name": "default", + "network": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default", + "region": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-northeast1", + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-northeast1/subnetworks/default", + "fingerprint": "QmcEMdCHRrc=", + "purpose": "PRIVATE", + "kind": "compute#subnetwork" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_1.json new file mode 100644 index 00000000000..da565a79abf --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_1.json @@ -0,0 +1,18 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 14:19:02 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "3", + "-content-encoding": "gzip" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_1.json new file mode 100644 index 00000000000..c7477a033bf --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_1.json @@ -0,0 +1,29 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 14:19:03 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "447", + "-content-encoding": "gzip" + }, + "body": { + "name": "operations/cHJlbWlzZS1nb3Zlcm5hbmNlLXJkL3VzLWNlbnRyYWwxL3Rlc3Qtc2NjLzRsZVBXbWp4WVpV", + "metadata": { + "@type": "type.googleapis.com/google.cloud.functions.v1.OperationMetadataV1", + "target": "projects/cloud-custodian/locations/us-central1/functions/test-scc", + "type": "DELETE_FUNCTION", + "request": { + "@type": "type.googleapis.com/google.protobuf.Empty" + }, + "updateTime": "2021-03-29T14:19:03Z" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_1.json new file mode 100644 index 00000000000..a63ca220094 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/delete-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_1.json @@ -0,0 +1,18 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 14:15:12 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "3", + "-content-encoding": "gzip" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_1.json new file mode 100644 index 00000000000..2019a2bdd83 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_1.json @@ -0,0 +1,24 @@ +{ + "headers": { + "vary": "Origin, X-Origin, Referer", + "content-type": "application/json; charset=UTF-8", + "date": "Mon, 29 Mar 2021 13:59:51 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "404", + "content-length": "114", + "-content-encoding": "gzip" + }, + "body": { + "error": { + "code": 404, + "message": "Requested entity was not found.", + "status": "NOT_FOUND" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_2.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_2.json new file mode 100644 index 00000000000..38dcf6fecb3 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-organizations-111111111111-notificationConfigs-custodian-auto-scc-bucket_2.json @@ -0,0 +1,27 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:54 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "447", + "-content-encoding": "gzip", + "content-location": "https://securitycenter.googleapis.com/v1/organizations/111111111111/notificationConfigs/custodian-auto-scc-bucket?alt=json" + }, + "body": { + "name": "organizations/111111111111/notificationConfigs/custodian-auto-scc-bucket", + "description": "auto created by cloud custodian for resource bucket", + "pubsubTopic": "projects/cloud-custodian/topics/custodian-auto-scc-bucket", + "serviceAccount": "service-org-111111111111@gcp-sa-scc-notification.iam.gserviceaccount.com", + "streamingConfig": { + "filter": "resource.type=\"google.cloud.storage.Bucket\"" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_1.json new file mode 100644 index 00000000000..558f9b5e5ff --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_1.json @@ -0,0 +1,24 @@ +{ + "headers": { + "vary": "Origin, X-Origin, Referer", + "content-type": "application/json; charset=UTF-8", + "date": "Mon, 29 Mar 2021 13:59:42 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "404", + "content-length": "170", + "-content-encoding": "gzip" + }, + "body": { + "error": { + "code": 404, + "message": "Function test-scc in region us-central1 in project cloud-custodian does not exist", + "status": "NOT_FOUND" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_2.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_2.json new file mode 100644 index 00000000000..958e56deac6 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-locations-us-central1-functions-test-scc_2.json @@ -0,0 +1,41 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:54 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "1375", + "-content-encoding": "gzip", + "content-location": "https://cloudfunctions.googleapis.com/v1/projects/cloud-custodian/locations/us-central1/functions/test-scc?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/locations/us-central1/functions/test-scc", + "eventTrigger": { + "eventType": "providers/cloud.pubsub/eventTypes/topic.publish", + "resource": "projects/cloud-custodian/topics/custodian-auto-scc-bucket", + "service": "pubsub.googleapis.com", + "failurePolicy": {} + }, + "status": "DEPLOY_IN_PROGRESS", + "entryPoint": "run", + "timeout": "60s", + "availableMemoryMb": 512, + "serviceAccountEmail": "cloud-custodian@appspot.gserviceaccount.com", + "updateTime": "2021-03-29T13:59:52.634Z", + "versionId": "1", + "labels": { + "deployment-tool": "custodian" + }, + "sourceUploadUrl": "https://storage.googleapis.com/gcf-upload-us-central1-db550cf8-9d78-456c-96b1-6069320edaa3/f89d2596-4ecf-4488-a79e-ac6ca774c786.zip?GoogleAccessId=service-99999999999@gcf-admin-robot.iam.gserviceaccount.com&Expires=1617028182&Signature=vMAJdLOJSWspft8eLsqjs0sDI4JgkZQrrxR88Vq1iRkoHqoIM%2BC61ALIrHPTOi60ILcOh4B3y2ORQ469M5mk9ti7xy6KU3JXUwk67v2sV%2B4zVEQ9stdgNujPUxPCamtP65%2BeGwc5eBwLNNppTO0j%2BR2hmB%2BVRnaVI1MvGm3hQUyWmFAwwHfDtTUh%2F%2FPEd%2FKBsbURFYgbToOMuEzePDcFxYDvuVIzri%2F1oiid1PIVgaosJP1%2BZ4srQbHBlVde62TDSqZwkG9RfA3rRIj1Q22UxzoZAQSGUD9RCBiY1M6Q4Z%2FVqnBFa4r76rmv49ENEuI9KyzI%2BtLw5jO2qv3XbRWSIA%3D%3D", + "runtime": "python37", + "ingressSettings": "ALLOW_ALL", + "buildId": "57089f74-d57a-4bc3-aa10-80d8e6ca5415" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_1.json new file mode 100644 index 00000000000..45c823226dc --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_1.json @@ -0,0 +1,21 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:50 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "80", + "-content-encoding": "gzip", + "content-location": "https://pubsub.googleapis.com/v1/projects/cloud-custodian/topics/custodian-auto-scc-bucket?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/topics/custodian-auto-scc-bucket" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_2.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_2.json new file mode 100644 index 00000000000..6f1c8086d98 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/get-v1-projects-cloud-custodian-topics-custodian-auto-scc-bucket_2.json @@ -0,0 +1,21 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:54 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "80", + "-content-encoding": "gzip", + "content-location": "https://pubsub.googleapis.com/v1/projects/cloud-custodian/topics/custodian-auto-scc-bucket?alt=json" + }, + "body": { + "name": "projects/cloud-custodian/topics/custodian-auto-scc-bucket" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-organizations-111111111111-notificationConfigs_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-organizations-111111111111-notificationConfigs_1.json new file mode 100644 index 00000000000..332859ee951 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-organizations-111111111111-notificationConfigs_1.json @@ -0,0 +1,26 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:52 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "447", + "-content-encoding": "gzip" + }, + "body": { + "name": "organizations/111111111111/notificationConfigs/custodian-auto-scc-bucket", + "description": "auto created by cloud custodian for resource bucket", + "pubsubTopic": "projects/cloud-custodian/topics/custodian-auto-scc-bucket", + "serviceAccount": "service-org-111111111111@gcp-sa-scc-notification.iam.gserviceaccount.com", + "streamingConfig": { + "filter": "resource.type=\"google.cloud.storage.Bucket\"" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-projects-cloud-custodian-locations-us-central1-functions-generateUploadUrl_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-projects-cloud-custodian-locations-us-central1-functions-generateUploadUrl_1.json new file mode 100644 index 00000000000..00a1ed67ee3 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-projects-cloud-custodian-locations-us-central1-functions-generateUploadUrl_1.json @@ -0,0 +1,20 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:43 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "631", + "-content-encoding": "gzip" + }, + "body": { + "uploadUrl": "https://storage.googleapis.com/gcf-upload-us-central1-db550cf8-9d78-456c-96b1-6069320edaa3/f89d2596-4ecf-4488-a79e-ac6ca774c786.zip?GoogleAccessId=service-99999999999@gcf-admin-robot.iam.gserviceaccount.com&Expires=1617028182&Signature=vMAJdLOJSWspft8eLsqjs0sDI4JgkZQrrxR88Vq1iRkoHqoIM%2BC61ALIrHPTOi60ILcOh4B3y2ORQ469M5mk9ti7xy6KU3JXUwk67v2sV%2B4zVEQ9stdgNujPUxPCamtP65%2BeGwc5eBwLNNppTO0j%2BR2hmB%2BVRnaVI1MvGm3hQUyWmFAwwHfDtTUh%2F%2FPEd%2FKBsbURFYgbToOMuEzePDcFxYDvuVIzri%2F1oiid1PIVgaosJP1%2BZ4srQbHBlVde62TDSqZwkG9RfA3rRIj1Q22UxzoZAQSGUD9RCBiY1M6Q4Z%2FVqnBFa4r76rmv49ENEuI9KyzI%2BtLw5jO2qv3XbRWSIA%3D%3D" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-projects-cloud-custodian-locations-us-central1-functions_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-projects-cloud-custodian-locations-us-central1-functions_1.json new file mode 100644 index 00000000000..ddcdcee1d6f --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/post-v1-projects-cloud-custodian-locations-us-central1-functions_1.json @@ -0,0 +1,45 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Mon, 29 Mar 2021 13:59:52 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "1656", + "-content-encoding": "gzip" + }, + "body": { + "name": "operations/cHJlbWlzZS1nb3Zlcm5hbmNlLXJkL3VzLWNlbnRyYWwxL3Rlc3Qtc2NjL2tETm9iSGRxOUtN", + "metadata": { + "@type": "type.googleapis.com/google.cloud.functions.v1.OperationMetadataV1", + "target": "projects/cloud-custodian/locations/us-central1/functions/test-scc", + "type": "CREATE_FUNCTION", + "request": { + "@type": "type.googleapis.com/google.cloud.functions.v1.CloudFunction", + "name": "projects/cloud-custodian/locations/us-central1/functions/test-scc", + "eventTrigger": { + "eventType": "providers/cloud.pubsub/eventTypes/topic.publish", + "resource": "projects/cloud-custodian/topics/custodian-auto-scc-bucket", + "service": "pubsub.googleapis.com", + "failurePolicy": {} + }, + "entryPoint": "run", + "timeout": "60s", + "availableMemoryMb": 512, + "labels": { + "deployment-tool": "custodian" + }, + "sourceUploadUrl": "https://storage.googleapis.com/gcf-upload-us-central1-db550cf8-9d78-456c-96b1-6069320edaa3/f89d2596-4ecf-4488-a79e-ac6ca774c786.zip?GoogleAccessId=service-99999999999@gcf-admin-robot.iam.gserviceaccount.com&Expires=1617028182&Signature=vMAJdLOJSWspft8eLsqjs0sDI4JgkZQrrxR88Vq1iRkoHqoIM%2BC61ALIrHPTOi60ILcOh4B3y2ORQ469M5mk9ti7xy6KU3JXUwk67v2sV%2B4zVEQ9stdgNujPUxPCamtP65%2BeGwc5eBwLNNppTO0j%2BR2hmB%2BVRnaVI1MvGm3hQUyWmFAwwHfDtTUh%2F%2FPEd%2FKBsbURFYgbToOMuEzePDcFxYDvuVIzri%2F1oiid1PIVgaosJP1%2BZ4srQbHBlVde62TDSqZwkG9RfA3rRIj1Q22UxzoZAQSGUD9RCBiY1M6Q4Z%2FVqnBFa4r76rmv49ENEuI9KyzI%2BtLw5jO2qv3XbRWSIA%3D%3D", + "runtime": "python37" + }, + "versionId": "1", + "updateTime": "2021-03-29T13:59:52Z" + } + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/put-gcf-upload-us-central1-db550cf8-9d78-456c-96b1-6069320edaa3-f89d2596-4ecf-4488-a79e-ac6ca774c786.zip_1.json b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/put-gcf-upload-us-central1-db550cf8-9d78-456c-96b1-6069320edaa3-f89d2596-4ecf-4488-a79e-ac6ca774c786.zip_1.json new file mode 100644 index 00000000000..9754d3027fb --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/mu-scc-subscriber/put-gcf-upload-us-central1-db550cf8-9d78-456c-96b1-6069320edaa3-f89d2596-4ecf-4488-a79e-ac6ca774c786.zip_1.json @@ -0,0 +1,19 @@ +{ + "headers": { + "x-guploader-uploadid": "ABg5-UyEP_BF1ev_ivYVFwqcPyLTnBJ8h7-PtU4OmwEbrWIljBID0U6STbKcR_xdUHy3sGrDyCWrzMPHi0_SAetWx8k", + "etag": "\"49b0fbd0cc9416b132a59028866ac6d7\"", + "x-goog-generation": "1617026389575135", + "x-goog-metageneration": "1", + "x-goog-hash": "crc32c=lb0B9A==, md5=SbD70MyUFrEypZAohmrG1w==", + "x-goog-stored-content-length": "537277", + "x-goog-stored-content-encoding": "identity", + "vary": "Origin", + "content-length": "0", + "date": "Mon, 29 Mar 2021 13:59:49 GMT", + "server": "UploadServer", + "content-type": "text/html; charset=UTF-8", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "status": "200" + }, + "body": {} +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/network-get-resource/get-compute-v1-projects-cloud-custodian-global-networks-default_1.json b/tools/c7n_gcp/tests/data/flights/network-get-resource/get-compute-v1-projects-cloud-custodian-global-networks-default_1.json new file mode 100644 index 00000000000..44f1dc4a45b --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/network-get-resource/get-compute-v1-projects-cloud-custodian-global-networks-default_1.json @@ -0,0 +1,60 @@ +{ + "headers": { + "etag": "Vanao6mecwmafzAn2riFZlLu2mI=/FM-l2gkkt05fmyytYLBmxdJRFhI=", + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Tue, 30 Mar 2021 16:38:30 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "4426", + "-content-encoding": "gzip", + "content-location": "https://compute.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default?alt=json" + }, + "body": { + "id": "6962489933903903064", + "creationTimestamp": "2021-03-02T10:45:11.079-08:00", + "name": "default", + "description": "Default network for the project", + "selfLink": "https://www.googleapis.com/compute/v1/projects/cloud-custodian/global/networks/default", + "autoCreateSubnetworks": true, + "subnetworks": [ + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-northeast3/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-west2/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/southamerica-east1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-east1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-east4/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-west3/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-west1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-southeast2/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-west4/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-west6/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-north1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-west1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/northamerica-northeast1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-south1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-east1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-central2/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-west2/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-east2/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-northeast1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-southeast1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-west3/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/europe-west4/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/asia-northeast2/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/australia-southeast1/subnetworks/default", + "https://www.googleapis.com/compute/v1/projects/cloud-custodian/regions/us-central1/subnetworks/default" + ], + "peerings": [ + ], + "routingConfig": { + "routingMode": "REGIONAL" + }, + "kind": "compute#network" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/organization-get-resource/get-v1-organizations-111111111111_1.json b/tools/c7n_gcp/tests/data/flights/organization-get-resource/get-v1-organizations-111111111111_1.json new file mode 100644 index 00000000000..9f218f39c7b --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/organization-get-resource/get-v1-organizations-111111111111_1.json @@ -0,0 +1,23 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Tue, 30 Mar 2021 16:51:35 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "server-timing": "gfet4t7; dur=134", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "208", + "-content-encoding": "gzip", + "content-location": "https://cloudresourcemanager.googleapis.com/v1/organizations/111111111111?alt=json" + }, + "body": { + "displayName": "custodian.com", + "lifecycleState": "ACTIVE", + "name": "organizations/111111111111" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/data/flights/project-get-resource/get-v1-projects-cloud-custodian_1.json b/tools/c7n_gcp/tests/data/flights/project-get-resource/get-v1-projects-cloud-custodian_1.json new file mode 100644 index 00000000000..5275026e641 --- /dev/null +++ b/tools/c7n_gcp/tests/data/flights/project-get-resource/get-v1-projects-cloud-custodian_1.json @@ -0,0 +1,26 @@ +{ + "headers": { + "content-type": "application/json; charset=UTF-8", + "vary": "Origin, X-Origin, Referer", + "date": "Tue, 30 Mar 2021 16:46:39 GMT", + "server": "ESF", + "cache-control": "private", + "x-xss-protection": "0", + "x-frame-options": "SAMEORIGIN", + "x-content-type-options": "nosniff", + "server-timing": "gfet4t7; dur=117", + "alt-svc": "h3-29=\":443\"; ma=2592000,h3-T051=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"", + "transfer-encoding": "chunked", + "status": "200", + "content-length": "317", + "-content-encoding": "gzip", + "content-location": "https://cloudresourcemanager.googleapis.com/v1/projects/cloud-custodian?alt=json" + }, + "body": { + "projectNumber": "111111111111", + "projectId": "cloud-custodian", + "lifecycleState": "ACTIVE", + "name": "cloud-custodian", + "createTime": "2021-03-02T18:34:12.155Z" + } +} \ No newline at end of file diff --git a/tools/c7n_gcp/tests/test_compute.py b/tools/c7n_gcp/tests/test_compute.py index 85554cbc6a6..868baf8d5fe 100644 --- a/tools/c7n_gcp/tests/test_compute.py +++ b/tools/c7n_gcp/tests/test_compute.py @@ -169,6 +169,22 @@ def test_create_machine_instance_from_instance(self): resources = p.run() self.assertEqual(len(resources), 1) + def test_filter_effective_firewall(self): + project_id = 'cloud-custodian' + factory = self.replay_flight_data('instance-effective-firewall', project_id=project_id) + p = self.load_policy( + {'name': 'test-instance-effective-firewall', + 'resource': 'gcp.instance', + 'filters': [ + {'type': 'effective-firewall', + 'key': 'firewalls[*].name', + 'value': 'default-allow-ssh', + 'op': 'in', + 'value_type': 'swap'}]}, + session_factory=factory) + resources = p.run() + self.assertEqual(len(resources), 1) + class DiskTest(BaseTest): diff --git a/tools/c7n_gcp/tests/test_dataflow.py b/tools/c7n_gcp/tests/test_dataflow.py index a294116de57..832f7e54fdf 100644 --- a/tools/c7n_gcp/tests/test_dataflow.py +++ b/tools/c7n_gcp/tests/test_dataflow.py @@ -18,6 +18,7 @@ def test_query(self): self.assertEqual(resource[0]['name'], 'test') self.assertEqual(resource[0]['projectId'], project_id) self.assertEqual(resource[0]['location'], 'us-central1') + self.assertTrue(resource[0].get("environment")) def test_job_get(self): project_id = 'cloud-custodian' diff --git a/tools/c7n_gcp/tests/test_filters.py b/tools/c7n_gcp/tests/test_filters.py new file mode 100644 index 00000000000..5713f4e689d --- /dev/null +++ b/tools/c7n_gcp/tests/test_filters.py @@ -0,0 +1,124 @@ +# Copyright The Cloud Custodian Authors. +# SPDX-License-Identifier: Apache-2.0 +from gcp_common import BaseTest +from c7n_gcp.filters.metrics import GCPMetricsFilter + + +class TestGCPMetricsFilter(BaseTest): + + def test_metrics(self): + + session_factory = self.replay_flight_data("filter-metrics") + + p = self.load_policy( + { + "name": "test-metrics", + "resource": "gcp.instance", + "filters": [ + {'type': 'metrics', + 'name': 'compute.googleapis.com/instance/cpu/utilization', + 'metric-key': 'metric.labels.instance_name', + 'resource-key': 'name', + 'aligner': 'ALIGN_MEAN', + 'days': 14, + 'value': .1, + 'filter': ' resource.labels.zone = "us-east4-c"', + 'op': 'less-than'}], + }, + session_factory=session_factory, + ) + resources = p.run() + self.assertEqual(len(resources), 1) + metric_name = 'compute.googleapis.com/instance/cpu/utilization.ALIGN_MEAN.REDUCE_NONE' + metric = resources[0]['c7n.metrics'][metric_name] + self.assertGreater(.1, metric['points'][0]['value']['doubleValue']) + + def test_no_metrics_found(self): + + session_factory = self.replay_flight_data("filter-no-metrics") + + p = self.load_policy( + { + "name": "test-metrics", + "resource": "gcp.instance", + "filters": [ + {'type': 'metrics', + 'name': 'compute.googleapis.com/instance/cpu/utilization', + 'metric-key': 'metric.labels.instance_name', + 'resource-key': 'name', + 'aligner': 'ALIGN_MEAN', + 'days': 14, + 'value': .1, + 'filter': ' resource.labels.zone = "us-east4-d"', + 'op': 'less-than'}], + }, + session_factory=session_factory, + ) + resources = p.run() + self.assertEqual(len(resources), 0) + + def test_batch_resources(self): + policy = self.load_policy({ + "name": "test_batch_resources", + "resource": "gcp.instance"}) + + metric_filter = GCPMetricsFilter({'type': 'metrics', + 'name': 'compute.googleapis.com/instance/cpu/utilization', + 'metric-key': 'metric.labels.instance_name', + 'resource-key': 'name', + 'value': .1, + 'filter': ' resource.labels.zone = "us-east4-d"', + 'op': 'less-than'}, manager=policy.resource_manager) + resources = [{ + "name": "test_very_long_name" + }] * 300 + metric_filter.process([]) + batch = metric_filter.get_batched_query_filter(resources) + + self.assertEqual(len(batch), 2) + self.assertLess(len(batch[0]), 11000) + self.assertIn('resource.labels.zone = "us-east4-d"', batch[0]) + self.assertIn('metric.type = "compute.googleapis.com/instance/cpu/utilization"', batch[0]) + self.assertIn('resource.labels.zone = "us-east4-d"', batch[1]) + self.assertIn('metric.type = "compute.googleapis.com/instance/cpu/utilization"', batch[1]) + + +class TestSecurityComandCenterFindingsFilter(BaseTest): + + def test_findings(self): + + session_factory = self.replay_flight_data("filter-scc-findings") + + p = self.load_policy( + { + "name": "test-scc-findings", + "resource": "gcp.bucket", + "filters": [ + {'type': 'scc-findings', + 'org': 111111111111, + 'key': 'category', + 'value': 'BUCKET_LOGGING_DISABLED'}], + }, + session_factory=session_factory, + ) + resources = p.run() + self.assertEqual(len(resources), 1) + self.assertEqual(resources[0]['c7n:matched-findings'][0]['category'], + 'BUCKET_LOGGING_DISABLED') + + def test_findings_no_key(self): + + session_factory = self.replay_flight_data("filter-scc-findings") + + p = self.load_policy( + { + "name": "test-scc-findings", + "resource": "gcp.bucket", + "filters": [ + {'type': 'scc-findings', + 'org': 111111111111}], + }, + session_factory=session_factory, + ) + resources = p.run() + self.assertEqual(len(resources), 1) diff --git a/tools/c7n_gcp/tests/test_gcp_iam.py b/tools/c7n_gcp/tests/test_gcp_iam.py index 68a27438a7a..eab7da20e7c 100644 --- a/tools/c7n_gcp/tests/test_gcp_iam.py +++ b/tools/c7n_gcp/tests/test_gcp_iam.py @@ -1,7 +1,10 @@ # Copyright The Cloud Custodian Authors. # SPDX-License-Identifier: Apache-2.0 +import time + from gcp_common import BaseTest, event_data +from googleapiclient.errors import HttpError class ProjectRoleTest(BaseTest): @@ -39,6 +42,107 @@ def test_get(self): 'unique_id': '110936229421407410679'}) self.assertEqual(resource['displayName'], 'devtest') + def test_disable(self): + factory = self.replay_flight_data('iam-service-account-disable') + p = self.load_policy({ + 'name': 'sa-disable', + 'resource': 'gcp.service-account', + 'actions': ['disable']}, + session_factory=factory) + resources = p.run() + self.assertEqual(len(resources), 1) + if self.recording: + time.sleep(1) + client = p.resource_manager.get_client() + result = client.execute_query('get', {'name': resources[0]["name"]}) + self.assertTrue(result['disabled']) + + def test_enable(self): + factory = self.replay_flight_data('iam-service-account-enable') + p = self.load_policy({ + 'name': 'sa-enable', + 'resource': 'gcp.service-account', + 'actions': ['enable']}, + session_factory=factory) + resources = p.run() + self.assertEqual(len(resources), 1) + if self.recording: + time.sleep(1) + client = p.resource_manager.get_client() + result = client.execute_query('get', {'name': resources[0]["name"]}) + self.assertIsNone(result.get('disabled')) + + def test_delete(self): + factory = self.replay_flight_data('iam-service-account-delete') + p = self.load_policy({ + 'name': 'sa-delete', + 'resource': 'gcp.service-account', + 'actions': ['delete']}, + session_factory=factory) + resources = p.run() + self.assertEqual(len(resources), 1) + if self.recording: + time.sleep(1) + client = p.resource_manager.get_client() + try: + client.execute_query('get', {'name': resources[0]["name"]}) + self.fail('found deleted service account') + except HttpError as e: + self.assertTrue("Account deleted" in str(e)) + + +class ServiceAccountKeyTest(BaseTest): + + def test_service_account_key_query(self): + project_id = "cloud-custodian" + + session_factory = self.replay_flight_data( + 'iam-service-account-key-query', project_id) + + policy = self.load_policy( + { + 'name': 'iam-service-account-key-query', + 'resource': 'gcp.service-account-key' + }, + session_factory=session_factory) + + resources = policy.run() + self.assertEqual(len(resources), 2) + self.assertEqual(resources[0]["keyType"], "SYSTEM_MANAGED") + self.assertEqual(resources[1]["keyType"], "USER_MANAGED") + + def test_get_service_account_key(self): + factory = self.replay_flight_data('iam-service-account-key') + p = self.load_policy({ + 'name': 'sa-key-get', + 'resource': 'gcp.service-account-key'}, + session_factory=factory) + resource = p.resource_manager.get_resource( + {'resourceName': '//iam.googleapis.com/projects/cloud-custodian/' + 'serviceAccounts/111111111111111/keys/2222'}) + self.assertEqual(resource['keyType'], 'USER_MANAGED') + self.assertEqual(resource["c7n:service-account"]["email"], + "test-cutodian-scc@cloud-custodian.iam.gserviceaccount.com") + + def test_delete_service_account_key(self): + factory = self.replay_flight_data('iam-delete-service-account-key') + p = self.load_policy({ + 'name': 'sa-key-delete', + 'resource': 'gcp.service-account-key', + 'actions': ['delete']}, + session_factory=factory) + resources = p.run() + self.assertEqual(len(resources), 1) + if self.recording: + time.sleep(1) + client = p.resource_manager.get_client() + try: + result = client.execute_query( + 'get', {'name': resources[0]["name"]}) + self.fail('found deleted service account key: %s' % result) + except HttpError as e: + self.assertTrue("does not exist" in str(e)) + class IAMRoleTest(BaseTest): diff --git a/tools/c7n_gcp/tests/test_mu_gcp.py b/tools/c7n_gcp/tests/test_mu_gcp.py index 3cedc550872..a0335533e3f 100644 --- a/tools/c7n_gcp/tests/test_mu_gcp.py +++ b/tools/c7n_gcp/tests/test_mu_gcp.py @@ -262,3 +262,80 @@ def test_api_subscriber(self): # function requirements building primarily. time.sleep(42) p.get_execution_mode().deprovision() + + @functional + def test_scc_subscriber(self): + + project_id = 'cloud-custodian' + org = 111111111111 + factory = self.replay_flight_data('mu-scc-subscriber', project_id=project_id) + p = self.load_policy( + {'name': 'test-scc', + 'resource': 'gcp.bucket', + 'mode': { + 'type': 'gcp-scc', + 'org': org}}, + session_factory=factory) + + # Create all policy resources. + p.provision() + + session = factory() + region = 'us-central1' + func_client = session.client('cloudfunctions', 'v1', 'projects.locations.functions') + pubsub_client = session.client('pubsub', 'v1', 'projects.topics') + notification_client = session.client('securitycenter', 'v1', + 'organizations.notificationConfigs') + + # Check on the resources for the scc subscription + + pubsub_topic = 'projects/{}/topics/custodian-auto-scc-bucket'.format( + project_id) + # check function exists + func_info = func_client.execute_command( + 'get', {'name': 'projects/{}/locations/{}/functions/test-scc'.format( + project_id, region)}) + self.assertEqual( + func_info['eventTrigger']['eventType'], + 'providers/cloud.pubsub/eventTypes/topic.publish') + self.assertEqual( + func_info['eventTrigger']['resource'], + pubsub_topic) + + # check notification config exists + config_name = "organizations/{}/notificationConfigs/{}".format(org, + "custodian-auto-scc-bucket") + + notification_config = notification_client.execute_command( + 'get', {'name': config_name}) + self.assertEqual( + notification_config['pubsubTopic'], pubsub_topic) + + # check topic exists + topic_info = pubsub_client.execute_command( + 'get', {'topic': pubsub_topic}) + self.assertEqual( + topic_info['name'], pubsub_topic) + + if self.recording: + # we sleep to allow time for in progress operations on creation to complete + # function requirements building primarily. + time.sleep(42) + p.get_execution_mode().deprovision() + + def test_scc_subscriber_run(self): + project_id = "cloud-custodian" + factory = self.replay_flight_data('mu-scc-subscriber-run', project_id=project_id) + p = self.load_policy({ + 'name': 'test-scc-run', + 'resource': 'gcp.subnet', + 'mode': { + 'type': 'gcp-scc', + 'org': 111111111111}}, + session_factory=factory) + exec_mode = p.get_execution_mode() + self.assertTrue(isinstance(exec_mode, policy.SecurityCenterMode)) + event = event_data('network-finding.json') + resources = exec_mode.run(event, None) + self.assertEqual(len(resources), 1) + self.assertEqual(resources[0]['id'], "a22222222222222222") diff --git a/tools/c7n_gcp/tests/test_network.py b/tools/c7n_gcp/tests/test_network.py index 00c799e2145..b747c166ee7 100644 --- a/tools/c7n_gcp/tests/test_network.py +++ b/tools/c7n_gcp/tests/test_network.py @@ -61,6 +61,21 @@ def test_firewall_delete(self): self.assertTrue("was not found" in str(e)) +class NetworkTest(BaseTest): + + def test_network_get(self): + factory = self.replay_flight_data( + 'network-get-resource', project_id='cloud-custodian') + p = self.load_policy({'name': 'network', 'resource': 'gcp.vpc'}, + session_factory=factory) + network = p.resource_manager.get_resource({ + "resourceName": + "//compute.googleapis.com/projects/cloud-custodian/" + "global/networks/default"}) + self.assertEqual(network['name'], 'default') + self.assertEqual(network['autoCreateSubnetworks'], True) + + class SubnetTest(BaseTest): def test_subnet_get(self): @@ -69,9 +84,10 @@ def test_subnet_get(self): p = self.load_policy({'name': 'subnet', 'resource': 'gcp.subnet'}, session_factory=factory) subnet = p.resource_manager.get_resource({ - "location": "us-central1", + "resourceName": + "//compute.googleapis.com/projects/cloud-custodian/" + "regions/us-central1/subnetworks/default", "project_id": "cloud-custodian", - "subnetwork_id": "4686700484947109325", "subnetwork_name": "default"}) self.assertEqual(subnet['name'], 'default') self.assertEqual(subnet['privateIpGoogleAccess'], True) diff --git a/tools/c7n_gcp/tests/test_resourcemanager.py b/tools/c7n_gcp/tests/test_resourcemanager.py index 18e8df2b0b2..8d0059bd3ff 100644 --- a/tools/c7n_gcp/tests/test_resourcemanager.py +++ b/tools/c7n_gcp/tests/test_resourcemanager.py @@ -53,6 +53,16 @@ def test_policy_resource_limits_count(self): class OrganizationTest(BaseTest): + def test_project_get(self): + factory = self.replay_flight_data( + 'organization-get-resource', project_id='cloud-custodian') + p = self.load_policy({'name': 'organization', 'resource': 'gcp.organization'}, + session_factory=factory) + org = p.resource_manager.get_resource({ + "resourceName": "//cloudresourcemanager.googleapis.com/" + "organizations/111111111111"}) + self.assertEqual(org['lifecycleState'], 'ACTIVE') + self.assertEqual(org['displayName'], 'custodian.com') def test_organization_query(self): organization_name = 'organizations/851339424791' @@ -125,6 +135,17 @@ def test_folder_query(self): class ProjectTest(BaseTest): + def test_project_get(self): + factory = self.replay_flight_data( + 'project-get-resource', project_id='cloud-custodian') + p = self.load_policy({'name': 'project', 'resource': 'gcp.project'}, + session_factory=factory) + project = p.resource_manager.get_resource({ + "resourceName": "//cloudresourcemanager.googleapis.com/" + "projects/cloud-custodian"}) + self.assertEqual(project['lifecycleState'], 'ACTIVE') + self.assertEqual(project['name'], 'cloud-custodian') + @pytest.mark.skipif( sys.platform.startswith('win'), reason='windows file path fun') def test_propagate_tags(self): diff --git a/tools/c7n_guardian/setup.py b/tools/c7n_guardian/setup.py index 9148a7a839e..93a93faa059 100644 --- a/tools/c7n_guardian/setup.py +++ b/tools/c7n_guardian/setup.py @@ -16,6 +16,7 @@ long_description=description, long_description_content_type='text/markdown', classifiers=[ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ], diff --git a/tools/c7n_kube/poetry.lock b/tools/c7n_kube/poetry.lock index 4d81804c537..7640b02ad9a 100644 --- a/tools/c7n_kube/poetry.lock +++ b/tools/c7n_kube/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -36,20 +36,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -61,11 +61,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -76,7 +76,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -120,7 +119,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "google-auth" -version = "1.28.0" +version = "1.29.0" description = "Google Authentication Library" category = "main" optional = false @@ -135,6 +134,7 @@ six = ">=1.9.0" [package.extras] aiohttp = ["aiohttp (>=3.6.2,<4.0.0dev)"] pyopenssl = ["pyopenssl (>=20.0.0)"] +reauth = ["pyu2f (>=0.1.5)"] [[package]] name = "idna" @@ -146,7 +146,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -158,7 +158,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -176,14 +176,6 @@ category = "dev" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -224,14 +216,6 @@ websocket-client = ">=0.32.0,<0.40.0 || >0.40.0,<0.41.0 || >=0.43.0" [package.extras] adal = ["adal (>=1.0.2)"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "multidict" version = "5.1.0" @@ -323,26 +307,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -410,7 +392,7 @@ pyasn1 = ">=0.1.3" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -419,6 +401,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -528,12 +513,12 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "1317e2fb13f11513874877778e288d350280385692d0f0b1ed87709a267149f6" +content-hash = "5a2cc5bd6e6b95ff5c56d11c63e877bbe98ae6694448326d210f2956e7b8c3f3" [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -544,12 +529,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] cachetools = [ @@ -569,16 +554,16 @@ colorama = [ {file = "colorama-0.4.4.tar.gz", hash = "sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"}, ] google-auth = [ - {file = "google-auth-1.28.0.tar.gz", hash = "sha256:9bd436d19ab047001a1340720d2b629eb96dd503258c524921ec2af3ee88a80e"}, - {file = "google_auth-1.28.0-py2.py3-none-any.whl", hash = "sha256:dcaba3aa9d4e0e96fd945bf25a86b6f878fcb05770b67adbeb50a63ca4d28a5e"}, + {file = "google-auth-1.29.0.tar.gz", hash = "sha256:010f011c4e27d3d5eb01106fba6aac39d164842dfcd8709955c4638f5b11ccf8"}, + {file = "google_auth-1.29.0-py2.py3-none-any.whl", hash = "sha256:f30a672a64d91cc2e3137765d088c5deec26416246f7a9e956eaf69a8d7ed49c"}, ] idna = [ {file = "idna-2.10-py2.py3-none-any.whl", hash = "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"}, {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -588,10 +573,6 @@ jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, @@ -600,10 +581,6 @@ kubernetes = [ {file = "kubernetes-10.0.1-py2.py3-none-any.whl", hash = "sha256:a6dee02a1b39ea4bb9c4c2cc415ea0ada33d8ea0a920f7d4fb6d166989dcac01"}, {file = "kubernetes-10.0.1.tar.gz", hash = "sha256:3770a496663396ad1def665eeadb947b3f45217a08b64b10c01a57e981ac8592"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] multidict = [ {file = "multidict-5.1.0-cp36-cp36m-macosx_10_14_x86_64.whl", hash = "sha256:b7993704f1a4b204e71debe6095150d43b2ee6150fa4f44d6d966ec356a8d61f"}, {file = "multidict-5.1.0-cp36-cp36m-manylinux1_i686.whl", hash = "sha256:9dd6e9b1a913d096ac95d0399bd737e00f2af1e1594a787e00f7975778c8b2bf"}, @@ -697,8 +674,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -741,8 +718,8 @@ rsa = [ {file = "rsa-4.7.2.tar.gz", hash = "sha256:9d689e6ca1b3038bc82bf8d23e944b6b6037bc02301a574935b2dd946e0353b9"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_kube/pyproject.toml b/tools/c7n_kube/pyproject.toml index c38704ccc8c..ac57268f00c 100644 --- a/tools/c7n_kube/pyproject.toml +++ b/tools/c7n_kube/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_kube" -version = "0.2.10" +version = "0.2.11" description = "Cloud Custodian - Kubernetes Provider" readme = "readme.md" homepage = "https://cloudcustodian.io" @@ -9,6 +9,7 @@ documentation = "https://cloudcustodian.io/docs/" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -19,7 +20,7 @@ kubernetes = "^10.0.1" [tool.poetry.dev-dependencies] c7n = {path = "../..", develop = true} -pytest = "~6.0.0" +pytest = "^6.0.0" vcrpy = "^4.0.2" [build-system] diff --git a/tools/c7n_kube/requirements.txt b/tools/c7n_kube/requirements.txt index 83919fc2f76..34e68cd7a54 100644 --- a/tools/c7n_kube/requirements.txt +++ b/tools/c7n_kube/requirements.txt @@ -1,7 +1,7 @@ cachetools==4.2.1; python_version >= "3.5" and python_version < "4.0" and (python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0") certifi==2020.12.5; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" chardet==4.0.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" -google-auth==1.28.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +google-auth==1.29.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" idna==2.10; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" kubernetes==10.0.1 oauthlib==3.1.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" diff --git a/tools/c7n_kube/setup.py b/tools/c7n_kube/setup.py index 76af377db05..c44be913b23 100644 --- a/tools/c7n_kube/setup.py +++ b/tools/c7n_kube/setup.py @@ -14,20 +14,19 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'kubernetes>=10.0.1,<11.0.0', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -36,8 +35,14 @@ setup_kwargs = { 'name': 'c7n-kube', - 'version': '0.2.10', + 'version': '0.2.11', 'description': 'Cloud Custodian - Kubernetes Provider', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# Custodian Kubernetes Support\n\n\nWork in Progress - Not Ready For Use.\n\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_logexporter/poetry.lock b/tools/c7n_logexporter/poetry.lock index b440bafb083..3fd4d687220 100644 --- a/tools/c7n_logexporter/poetry.lock +++ b/tools/c7n_logexporter/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -28,20 +28,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -53,11 +53,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -68,7 +68,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -88,7 +87,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -100,7 +99,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "jmespath" @@ -110,14 +109,6 @@ category = "dev" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -165,7 +156,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -174,6 +165,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -233,20 +227,20 @@ content-hash = "5b44828a798b7f0748ca1954487c3ee43dde75bb63538af5df382bf0ba7da008 [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] attrs = [ {file = "attrs-20.3.0-py2.py3-none-any.whl", hash = "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6"}, {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] click = [ @@ -254,17 +248,13 @@ click = [ {file = "click-7.1.2.tar.gz", hash = "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, @@ -300,8 +290,8 @@ pyyaml = [ {file = "PyYAML-5.4.1.tar.gz", hash = "sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_logexporter/pyproject.toml b/tools/c7n_logexporter/pyproject.toml index d2f8b7c7de0..5479191d70e 100644 --- a/tools/c7n_logexporter/pyproject.toml +++ b/tools/c7n_logexporter/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_logexporter" -version = "0.4.10" +version = "0.4.11" description = "Cloud Custodian - Cloud Watch Log S3 exporter" readme = "README.md" homepage = "https://cloudcustodian.io" @@ -9,6 +9,7 @@ documentation = "https://cloudcustodian.io/docs/" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] diff --git a/tools/c7n_logexporter/setup.py b/tools/c7n_logexporter/setup.py index e3f3079d586..a0992308297 100644 --- a/tools/c7n_logexporter/setup.py +++ b/tools/c7n_logexporter/setup.py @@ -10,20 +10,19 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'click>=7.0,<8.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -35,8 +34,14 @@ setup_kwargs = { 'name': 'c7n-logexporter', - 'version': '0.4.10', + 'version': '0.4.11', 'description': 'Cloud Custodian - Cloud Watch Log S3 exporter', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# c7n-log-exporter: Cloud watch log exporter automation\n\nA small serverless app to archive cloud logs across accounts to an archive bucket. It utilizes\ncloud log export to s3 feature for historical exports.\n\nIt also supports kinesis streams / firehose to move to realtime exports in the same format\nas the periodic historical exports.\n\n\n## Features\n\n - Log group filtering by regex\n - Incremental support based on previously synced dates\n - Incremental support based on last log group write time\n - Cross account via sts role assume\n - Lambda and CLI support.\n - Day based log segmentation (output keys look\n like $prefix/$account_id/$group/$year/$month/$day/$export_task_uuid/$stream/$log)\n \n\n## Assumptions\n\n - The archive bucket has already has appropriate bucket policy permissions.\n For details see:\n https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/S3ExportTasks.html#S3Permissions\n - Default periodicity for log group archival into s3 is daily.\n - Exporter is run with account credentials that have access to the archive s3 bucket.\n - Catch up archiving is not run in lambda (do a cli run first)\n\n\n## Cli usage\n\n```\nmake install\n```\n\nYou can run on a single account / log group via the export subcommand\n```\nc7n-log-exporter export --help\n```\n\n## Config format\n\nTo ease usage when running across multiple accounts, a config file can be specified, as\nan example.\n\n```\ndestination:\n bucket: custodian-log-archive\n prefix: logs2\n\naccounts:\n - name: custodian-demo\n role: "arn:aws:iam::111111111111:role/CloudCustodianRole"\n groups:\n - "/aws/lambda/*"\n - "vpc-flow-logs"\n```\n\n## Multiple accounts via cli\n\nTo run on the cli across multiple accounts, edit the config.yml to specify multiple\naccounts and log groups.\n\n```\nc7n-log-exporter run --config config.yml\n```\n\n## Serverless Usage\n\nEdit config.yml to specify the accounts, archive bucket, and log groups you want to\nuse.\n\n```\nmake install\nmake deploy\n```\n\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_mailer/README.md b/tools/c7n_mailer/README.md index 93b376af527..cb1631c58a7 100644 --- a/tools/c7n_mailer/README.md +++ b/tools/c7n_mailer/README.md @@ -177,13 +177,13 @@ Slack integration for the mailer supports several flavors of messaging, listed b | Requires `slack_token` | Key | Type | Notes | |:---------------------------:|:--------------------------------------------------------------------------------|:-------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------| | No | `https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX` | string | **(PREFERRED)** Send to an [incoming webhook](https://api.slack.com/incoming-webhooks) (the channel is defined in the webhook) | -| Yes | `slack://owners` | string | Send to the recipient list generated within email delivery logic | +| Yes | `slack://owners` | string | Send to the specified owner of an item as indicated by the owner contact in the configuration document | | Yes | `slack://foo@bar.com` | string | Send to the recipient specified by email address foo@bar.com | | Yes | `slack://#custodian-test` | string | Send to the Slack channel indicated in string, i.e. #custodian-test | | No | `slack://webhook/#c7n-webhook-test` | string | **(DEPRECATED)** Send to a Slack webhook; appended with the target channel. **IMPORTANT**: *This requires a `slack_webhook` value defined in the `mailer.yml`.* | | Yes | `slack://tag/resource-tag` | string | Send to target found in resource tag. Example of value in tag: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX | -Slack delivery can also be set via a resource's tag name. For example, using "slack://tag/slack_channel" will look for a tag name of 'slack_channel', and if matched on a resource will deliver the message to the value of that resource's tag: +Slack delivery can also be set via a resource's tag name. For example, using "slack://tag/slack_channel" will look for a tag name of 'slack_channel', and if matched on a resource will deliver the message to the value of the first resource with that tag: `slack_channel:https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX` diff --git a/tools/c7n_mailer/c7n_mailer/ldap_lookup.py b/tools/c7n_mailer/c7n_mailer/ldap_lookup.py index b1abf12a20d..606eb744f9e 100644 --- a/tools/c7n_mailer/c7n_mailer/ldap_lookup.py +++ b/tools/c7n_mailer/c7n_mailer/ldap_lookup.py @@ -35,7 +35,7 @@ def __init__(self, config, logger): redis_host = config.get('redis_host') redis_port = int(config.get('redis_port', 6379)) self.caching = self.get_redis_connection(redis_host, redis_port) - elif self.cache_engine == 'sqlite': + elif self.cache_engine == 'sqlite': # nosec if not have_sqlite: raise RuntimeError('No sqlite available: stackoverflow.com/q/44058239') self.caching = LocalSqlite(config.get('ldap_cache_file', '/var/tmp/ldap.cache'), logger) diff --git a/tools/c7n_mailer/c7n_mailer/msg-templates/slack_default.j2 b/tools/c7n_mailer/c7n_mailer/msg-templates/slack_default.j2 index eb4fd863543..2b3dd2656fc 100644 --- a/tools/c7n_mailer/c7n_mailer/msg-templates/slack_default.j2 +++ b/tools/c7n_mailer/c7n_mailer/msg-templates/slack_default.j2 @@ -33,5 +33,6 @@ {%- if not recipient.startswith('https://') %} "channel":"{{ recipient }}", {%- endif -%} - "username":"Custodian" + "username":"Custodian" {#This line determines which message system private messages are sent through#} + {#if it is there it will be sent though Slackbot, if it is missing it is sent through the app under the app section#} } diff --git a/tools/c7n_mailer/c7n_mailer/slack_delivery.py b/tools/c7n_mailer/c7n_mailer/slack_delivery.py index 20e95254a4e..ce0774724a5 100644 --- a/tools/c7n_mailer/c7n_mailer/slack_delivery.py +++ b/tools/c7n_mailer/c7n_mailer/slack_delivery.py @@ -33,22 +33,36 @@ def get_to_addrs_slack_messages_map(self, sqs_message): # Check for Slack targets in 'to' action and render appropriate template. for target in sqs_message.get('action', ()).get('to'): if target == 'slack://owners': - to_addrs_to_resources_map = \ - self.email_handler.get_email_to_addrs_to_resources_map(sqs_message) - for to_addrs, resources in to_addrs_to_resources_map.items(): - - resolved_addrs = self.retrieve_user_im(list(to_addrs)) - - if not resolved_addrs: - continue - + # target_tags = sqs_message.get('action', ()).get('owner_tag') + target_tags = self.config.get('contact_tags', []) + resource_groups = {} + for resource_item in resource_list: + # Look through the tags that exist in the config file for owners + for target_tag in target_tags: + new_owner = '' + for t in resource_item.get('Tags'): + if t.get('Key') == target_tag: + new_owner = t.get('Value') + if not new_owner == '': + # check that there is a valid email for the user if not + # add it to the default email + if "@" not in new_owner: + default_email = sqs_message.get('action', ()).get('default_email') + new_owner = new_owner + default_email + if new_owner not in resource_groups.keys(): + resource_groups[new_owner] = [resource_item] + else: + # This prevents double messages to the same person + if resource_item not in resource_groups.get(new_owner): + resource_groups.get(new_owner).append(resource_item) + # loop through all the values and send them off to the owners + for list_owner, value in resource_groups.items(): + resolved_addrs = self.retrieve_user_im([list_owner]) for address, slack_target in resolved_addrs.items(): slack_messages[address] = get_rendered_jinja( - slack_target, sqs_message, resources, + slack_target, sqs_message, value, self.logger, 'slack_template', 'slack_default', self.config['templates_folders']) - self.logger.debug( - "Generating messages for recipient list produced by resource owner resolution.") elif target.startswith('https://hooks.slack.com/'): slack_messages[target] = get_rendered_jinja( target, sqs_message, diff --git a/tools/c7n_mailer/c7n_mailer/utils.py b/tools/c7n_mailer/c7n_mailer/utils.py index f3d9618cd6c..fde000bbd1f 100644 --- a/tools/c7n_mailer/c7n_mailer/utils.py +++ b/tools/c7n_mailer/c7n_mailer/utils.py @@ -25,7 +25,7 @@ class Providers: def get_jinja_env(template_folders): - env = jinja2.Environment(trim_blocks=True, autoescape=False) + env = jinja2.Environment(trim_blocks=True, autoescape=False) # nosec nosemgrep env.filters['yaml_safe'] = functools.partial(yaml.safe_dump, default_flow_style=False) env.filters['date_time_format'] = date_time_format env.filters['get_date_time_delta'] = get_date_time_delta @@ -188,6 +188,12 @@ def resource_format(resource, resource_type): resource['Engine'], resource['EngineVersion']), resource['DBInstanceClass'], resource['AllocatedStorage']) + elif resource_type == 'rds-cluster': + return "%s %s %s" % ( + resource['DBClusterIdentifier'], + "%s-%s" % ( + resource['Engine'], resource['EngineVersion']), + resource['AllocatedStorage']) elif resource_type == 'asg': tag_map = {t['Key']: t['Value'] for t in resource.get('Tags', ())} return "%s %s %s" % ( diff --git a/tools/c7n_mailer/poetry.lock b/tools/c7n_mailer/poetry.lock index a855dd24671..ae9de18fe64 100644 --- a/tools/c7n_mailer/poetry.lock +++ b/tools/c7n_mailer/poetry.lock @@ -22,20 +22,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "main" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "main" optional = false @@ -47,7 +47,7 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "certifi" @@ -87,15 +87,15 @@ requests = ">=2.6.0" [[package]] name = "decorator" -version = "4.4.2" +version = "5.0.7" description = "Decorators for Humans" category = "main" optional = false -python-versions = ">=2.6, !=3.0.*, !=3.1.*" +python-versions = ">=3.5" [[package]] name = "fakeredis" -version = "1.4.5" +version = "1.5.0" description = "Fake implementation of redis API for testing purposes." category = "dev" optional = false @@ -120,7 +120,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "main" optional = false @@ -132,7 +132,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -220,14 +220,6 @@ category = "main" optional = false python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*" -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "packaging" version = "20.9" @@ -287,26 +279,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -367,7 +357,7 @@ socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"] [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "main" optional = false @@ -376,9 +366,12 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "sendgrid" -version = "6.6.0" +version = "6.7.0" description = "Twilio SendGrid library for Python" category = "main" optional = false @@ -456,7 +449,7 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "8891456d4f34f40f453c2d5831e90d077529ac90d74dfd10d2cc85d037df2e18" +content-hash = "30a280a71ceb01ce3eaacd2ad610a5e1cf4471f657911a31f5fa0f9be38fc98a" [metadata.files] atomicwrites = [ @@ -468,12 +461,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] certifi = [ {file = "certifi-2020.12.5-py2.py3-none-any.whl", hash = "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"}, @@ -492,20 +485,20 @@ datadog = [ {file = "datadog-0.34.1.tar.gz", hash = "sha256:3bd8cc3d6915c6ac74c68093068b903de3fae22b8dd3d31480bfc2092a1f51d7"}, ] decorator = [ - {file = "decorator-4.4.2-py2.py3-none-any.whl", hash = "sha256:41fa54c2a0cc4ba648be4fd43cff00aedf5b9465c9bf18d64325bc225f08f760"}, - {file = "decorator-4.4.2.tar.gz", hash = "sha256:e3a62f0520172440ca0dcc823749319382e377f37f140a0b99ef45fecb84bfe7"}, + {file = "decorator-5.0.7-py3-none-any.whl", hash = "sha256:945d84890bb20cc4a2f4a31fc4311c0c473af65ea318617f13a7257c9a58bc98"}, + {file = "decorator-5.0.7.tar.gz", hash = "sha256:6f201a6c4dac3d187352661f508b9364ec8091217442c9478f1f83c003a0f060"}, ] fakeredis = [ - {file = "fakeredis-1.4.5-py3-none-any.whl", hash = "sha256:2c6041cf0225889bc403f3949838b2c53470a95a9e2d4272422937786f5f8f73"}, - {file = "fakeredis-1.4.5.tar.gz", hash = "sha256:01cb47d2286825a171fb49c0e445b1fa9307087e07cbb3d027ea10dbff108b6a"}, + {file = "fakeredis-1.5.0-py3-none-any.whl", hash = "sha256:e0416e4941cecd3089b0d901e60c8dc3c944f6384f5e29e2261c0d3c5fa99669"}, + {file = "fakeredis-1.5.0.tar.gz", hash = "sha256:1ac0cef767c37f51718874a33afb5413e69d132988cb6a80c6e6dbeddf8c7623"}, ] idna = [ {file = "idna-2.10-py2.py3-none-any.whl", hash = "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"}, {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -573,10 +566,6 @@ markupsafe = [ {file = "MarkupSafe-1.1.1-cp38-cp38-win_amd64.whl", hash = "sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be"}, {file = "MarkupSafe-1.1.1.tar.gz", hash = "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] packaging = [ {file = "packaging-20.9-py2.py3-none-any.whl", hash = "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"}, {file = "packaging-20.9.tar.gz", hash = "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5"}, @@ -612,8 +601,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -654,12 +643,12 @@ requests = [ {file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] sendgrid = [ - {file = "sendgrid-6.6.0-py3-none-any.whl", hash = "sha256:e422c8263563ac7d664066d2f87b90bcb005b067eb7c33a9b1396442b2ed285b"}, - {file = "sendgrid-6.6.0.tar.gz", hash = "sha256:2eb1dcb1f7d8656eed4db586e428c2c86f347590b8511d7f92993882d0e4fab9"}, + {file = "sendgrid-6.7.0-py3-none-any.whl", hash = "sha256:273bdc0abec649bf6319df7b6267980f79e53ab64e92906d65eea6d4330d00b4"}, + {file = "sendgrid-6.7.0.tar.gz", hash = "sha256:74b0dcf9a79188948f61f456bd1bf67ffa676a5d388aba1c76bff516566d7084"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_mailer/pyproject.toml b/tools/c7n_mailer/pyproject.toml index 11042f3d6b7..4abb87f7712 100644 --- a/tools/c7n_mailer/pyproject.toml +++ b/tools/c7n_mailer/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_mailer" -version = "0.6.10" +version = "0.6.11" description = "Cloud Custodian - Reference Mailer" authors = ["Cloud Custodian Project"] license = "Apache-2.0" @@ -9,6 +9,7 @@ homepage = "https://cloudcustodian.io" repository = "https://github.com/cloud-custodian/cloud-custodian" documentation = "https://cloudcustodian.io/docs/" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -33,7 +34,7 @@ jsonpatch = "^1.25" [tool.poetry.dev-dependencies] fakeredis = "^1.2.0" -pytest = "~6.0.0" +pytest = "^6.0.0" [build-system] requires = ["poetry>=0.12", "setuptools"] diff --git a/tools/c7n_mailer/requirements.txt b/tools/c7n_mailer/requirements.txt index 49ecbc356df..65de1038b60 100644 --- a/tools/c7n_mailer/requirements.txt +++ b/tools/c7n_mailer/requirements.txt @@ -1,12 +1,12 @@ attrs==20.3.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" -boto3==1.17.33; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") -botocore==1.20.33; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +boto3==1.17.57; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") +botocore==1.20.57; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" certifi==2020.12.5; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" chardet==4.0.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" datadog==0.34.1 -decorator==4.4.2; python_version >= "2.6" and python_full_version < "3.0.0" or python_full_version >= "3.2.0" +decorator==5.0.7; python_version >= "3.5" idna==2.10; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" -importlib-metadata==3.7.3; python_version >= "3.6" and python_version < "3.8" +importlib-metadata==4.0.1; python_version >= "3.6" and python_version < "3.8" jinja2==2.11.3; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") jmespath==0.10.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" jsonpatch==1.32; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") @@ -21,8 +21,8 @@ python-http-client==3.3.2; python_version >= "2.7" and python_full_version < "3. pyyaml==5.4.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") redis==3.5.3; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") requests==2.25.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" -s3transfer==0.3.6; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" -sendgrid==6.6.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") +s3transfer==0.4.2; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +sendgrid==6.7.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") six==1.15.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" starkbank-ecdsa==1.1.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" typing-extensions==3.7.4.3; python_version >= "3.6" and python_version < "3.8" diff --git a/tools/c7n_mailer/setup.py b/tools/c7n_mailer/setup.py index 190e1e0f7c8..a5e1cfcb4ee 100644 --- a/tools/c7n_mailer/setup.py +++ b/tools/c7n_mailer/setup.py @@ -28,8 +28,14 @@ setup_kwargs = { 'name': 'c7n-mailer', - 'version': '0.6.10', + 'version': '0.6.11', 'description': 'Cloud Custodian - Reference Mailer', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# c7n-mailer: Custodian Mailer\n\n[//]: # ( !!! IMPORTANT !!! )\n[//]: # (This file is moved during document generation.)\n[//]: # (Only edit the original document at ./tools/c7n_mailer/README.md)\n\nA mailer implementation for Custodian. Outbound mail delivery is still somewhat\norganization-specific, so this at the moment serves primarily as an example\nimplementation.\n\n> The Cloud Custodian Mailer can now be easily run in a Docker container. Click [here](https://hub.docker.com/r/cloudcustodian/mailer) for details.\n\n\n## Message Relay\n\nCustodian Mailer subscribes to an SQS queue, looks up users, and sends email\nvia SES and/or send notification to DataDog. Custodian lambda and instance policies can send to it. SQS queues\nshould be cross-account enabled for sending between accounts.\n\n\n## Tutorial\n\nOur goal in starting out with the Custodian mailer is to install the mailer,\nand run a policy that triggers an email to your inbox.\n\n1. [Install](#developer-install-os-x-el-capitan) the mailer on your laptop (if you are not running as a [Docker container](https://hub.docker.com/r/cloudcustodian/mailer)\n - or use `pip install c7n-mailer`\n2. In your text editor, create a `mailer.yml` file to hold your mailer config.\n3. In the AWS console, create a new standard SQS queue (quick create is fine).\n Copy the queue URL to `queue_url` in `mailer.yml`.\n4. In AWS, locate or create a role that has read access to the queue. Grab the\n role ARN and set it as `role` in `mailer.yml`.\n\nThere are different notification endpoints options, you can combine both.\n\n### Email:\nMake sure your email address is verified in SES, and set it as\n`from_address` in `mailer.yml`. By default SES is in sandbox mode where you\nmust\n[verify](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html)\nevery individual recipient of emails. If need be, make an AWS support ticket to\nbe taken out of SES sandbox mode.\n\nYour `mailer.yml` should now look something like this:\n\n```yaml\nqueue_url: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\nrole: arn:aws:iam::123456790:role/c7n-mailer-test\nfrom_address: you@example.com\n```\n\nYou can also set `region` if you are in a region other than `us-east-1` as well as `lambda_tags` to give the mailer tags.\n\n```yaml\nregion: us-east-2\nlambda_tags:\n owner: ops\n```\n\nNow let\'s make a Custodian policy to populate your mailer queue. Create a\n`test-policy.yml` file with this content (update `to` and `queue` to match your\nenvironment)\n\n```yaml\n policies:\n - name: c7n-mailer-test\n resource: sqs\n filters:\n - "tag:MailerTest": absent\n actions:\n - type: notify\n template: default\n priority_header: \'2\'\n subject: testing the c7n mailer\n to:\n - you@example.com\n transport:\n type: sqs\n queue: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\n```\n\n### DataDog:\nThe standard way to do a DataDog integration is use the\nc7n integration with AWS CloudWatch and use the\n[DataDog integration with AWS](https://docs.datadoghq.com/integrations/amazon_web_services/)\nto collect CloudWatch metrics. The mailer/messenger integration is only\nfor the case you don\'t want or you can\'t use AWS CloudWatch.\n\nNote this integration requires the additional dependency of datadog python bindings:\n```\npip install datadog\n```\n\nYour `mailer.yml` should now look something like this:\n\n```yaml\nqueue_url: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\nrole: arn:aws:iam::123456790:role/c7n-mailer-test\ndatadog_api_key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXX\ndatadog_application_key: YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY\n```\n\n(Also set `region` if you are in a region other than `us-east-1`.)\n\nNow let\'s make a Custodian policy to populate your mailer queue. Create a\n`test-policy.yml`:\n\n```yaml\npolicies:\n - name: c7n-mailer-test\n resource: ebs\n filters:\n - Attachments: []\n actions:\n - type: notify\n to:\n - datadog://?metric_name=datadog.metric.name&metric_value_tag=Size\n transport:\n type: sqs\n queue: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\n```\n\nThere is a special `to` format that specifies datadog delivery, and includes the datadog configuration via url parameters.\n- metric_name: is the name of the metrics send to DataDog\n- metric_value_tag: by default the metric value send to DataDog is `1` but if you want to use one of the tags returned in the policy you can set it with the attribute `metric_value_tag`, for example in the `test-policy.yml` the value used is the size of the EBS volume. The value must be a number and it\'s transformed to a float value.\n\n### Slack:\n\nThe Custodian mailer supports Slack messaging as a separate notification mechanism for the SQS transport method. To enable Slack integration, you must specify a Slack token in the `slack_token` field under the `mailer.yml` file.\n\n```yaml\nqueue_url: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\nrole: arn:aws:iam::123456790:role/c7n-mailer-test\nslack_token: xoxo-token123\n```\n\nTo enable Slack messaging, several unique fields are evaluated in the policy, as shown in the below example:\n\n```\npolicies:\n - name: c7n-mailer-test\n resource: ebs\n filters:\n - Attachments: []\n actions:\n - type: notify\n slack_template: slack\n slack_msg_color: danger\n to:\n - slack://owners\n - slack://foo@bar.com\n - slack://#custodian-test\n - slack://webhook/#c7n-webhook-test\n - slack://tag/resource_tag\n - https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX\n transport:\n type: sqs\n queue: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\n```\n\nSlack messages support use of a unique template field specified by `slack_template`. This field is unique and usage will not break\nexisting functionality for messages also specifying an email template in the `template` field. This field is optional, however,\nand if not specified, the mailer will use the default value `slack_default`.\n\nThe unique template field `slack_msg_color` can be used to specify a color\nborder for the slack message. This accepts the Slack presets of `danger` (red),\n`warning` (yellow) and `good` (green). It can also accept a HTML hex code. See\nthe [Slack documentation](https://api.slack.com/reference/messaging/attachments#fields)\nfor details.\n\nNote: if you are using a hex color code it will need to be wrapped in quotes\nlike so: `slack_msg_color: \'#4287f51\'`. Otherwise the YAML interpreter will consider it a\n[comment](https://yaml.org/spec/1.2/spec.html#id2780069).\n\nSlack integration for the mailer supports several flavors of messaging, listed below. These are not mutually exclusive and any combination of the types can be used, but the preferred method is [incoming webhooks](https://api.slack.com/incoming-webhooks).\n\n| Requires `slack_token` | Key | Type | Notes |\n|:---------------------------:|:--------------------------------------------------------------------------------|:-------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| No | `https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX` | string | **(PREFERRED)** Send to an [incoming webhook](https://api.slack.com/incoming-webhooks) (the channel is defined in the webhook) |\n| Yes | `slack://owners` | string | Send to the recipient list generated within email delivery logic |\n| Yes | `slack://foo@bar.com` | string | Send to the recipient specified by email address foo@bar.com |\n| Yes | `slack://#custodian-test` | string | Send to the Slack channel indicated in string, i.e. #custodian-test |\n| No | `slack://webhook/#c7n-webhook-test` | string | **(DEPRECATED)** Send to a Slack webhook; appended with the target channel. **IMPORTANT**: *This requires a `slack_webhook` value defined in the `mailer.yml`.* |\n| Yes | `slack://tag/resource-tag` | string | Send to target found in resource tag. Example of value in tag: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX |\n\nSlack delivery can also be set via a resource\'s tag name. For example, using "slack://tag/slack_channel" will look for a tag name of \'slack_channel\', and if matched on a resource will deliver the message to the value of that resource\'s tag:\n\n`slack_channel:https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX`\n\nDelivery via tag has been tested with webhooks but should support all delivery methods.\n\n### Splunk HTTP Event Collector (HEC)\n\nThe Custodian mailer supports delivery to the HTTP Event Collector (HEC) endpoint of a Splunk instance as a separate notification mechanism for the SQS transport method. To enable Splunk HEC integration, you must specify the URL to the HEC endpoint as well as a valid username and token:\n\n```yaml\nqueue_url: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\nrole: arn:aws:iam::123456790:role/c7n-mailer-test\nsplunk_hec_url: https://http-inputs-foo.splunkcloud.com/services/collector/event\nsplunk_hec_token: 268b3cc2-f32e-4a19-a1e8-aee08d86ca7f\n```\n\nTo send events for a policy to the Splunk HEC endpoint, add a ``to`` address notify action specifying the name of the Splunk index to send events to in the form ``splunkhec://indexName``:\n\n```\npolicies:\n - name: c7n-mailer-test\n resource: ebs\n filters:\n - Attachments: []\n actions:\n - type: notify\n to:\n - splunkhec://myIndexName\n transport:\n type: sqs\n queue: https://sqs.us-east-1.amazonaws.com/1234567890/c7n-mailer-test\n```\n\nThe ``splunkhec://indexName`` address type can be combined in the same notify action with other destination types (e.g. email, Slack, DataDog, etc).\n\n### Now run:\n\n```\nc7n-mailer --config mailer.yml --update-lambda && custodian run -c test-policy.yml -s .\n```\n\nNote: You can set the profile via environment variable e.g. `export AWS_DEFAULT_PROFILE=foo`\n\nYou should see output similar to the following:\n\n```\n(env) $ c7n-mailer --config mailer.yml --update-lambda && custodian run -c test-policy.yml -s .\nDEBUG:custodian.lambda:Created custodian lambda archive size: 3.01mb\n2017-01-12 07:55:16,227: custodian.policy:INFO Running policy c7n-mailer-test resource: sqs region:default c7n:0.8.22.0\n2017-01-12 07:55:16,229: custodian.policy:INFO policy: c7n-mailer-test resource:sqs has count:1 time:0.00\n2017-01-12 07:55:18,017: custodian.actions:INFO sent message:dead-beef policy:c7n-mailer-test template:default count:1\n2017-01-12 07:55:18,017: custodian.policy:INFO policy: c7n-mailer-test action: notify resources: 1 execution_time: 1.79\n(env) $\n```\n\nCheck the AWS console for a new Lambda named `cloud-custodian-mailer`. The\nmailer runs every five minutes, so wait a bit and then look for an email in\nyour inbox. If it doesn\'t appear, look in the lambda\'s logs for debugging\ninformation. If it does, congratulations! You are off and running with the\nCustodian mailer.\n\n\n## Usage & Configuration\n\nOnce [installed](#developer-install-os-x-el-capitan) you should have a\n`c7n-mailer` executable on your path:\naws\n```\n(env) $ c7n-mailer\nusage: c7n-mailer [-h] -c CONFIG\nc7n-mailer: error: argument -c/--config is required\n(env) $\n```\n\nFundamentally what `c7n-mailer` does is deploy a Lambda (using\n[Mu](http://cloudcustodian.io/docs/policy/mu.html)) based on\nconfiguration you specify in a YAML file. Here is [the\nschema](./c7n_mailer/cli.py#L11-L41) to which the file must conform,\nand here is a description of the options:\n\n| Required? | Key | Type | Notes |\n|:---------:|:----------------|:-----------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ✅ | `queue_url` | string | the queue to listen to for messages |\n| | `from_address` | string | default from address |\n| | `endpoint_url` | string | SQS API URL (for use with VPC Endpoints) |\n| | `contact_tags` | array of strings | tags that we should look at for address information |\n\n#### Standard Lambda Function Config\n\n| Required? | Key | Type |\n|:---------:|:---------------------|:-----------------|\n| | `dead_letter_config` | object |\n| | `memory` | integer |\n| | `region` | string |\n| ✅ | `role` | string |\n| | `runtime` | string |\n| | `security_groups` | array of strings |\n| | `subnets` | array of strings |\n| | `timeout` | integer |\n\n#### Standard Azure Functions Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:----------------------|:-------|:---------------------------------------------------------------------------------------|\n| | `function_properties` | object | Contains `appInsights`, `storageAccount` and `servicePlan` objects |\n| | `appInsights` | object | Contains `name`, `location` and `resourceGroupName` properties |\n| | `storageAccount` | object | Contains `name`, `location` and `resourceGroupName` properties |\n| | `servicePlan` | object | Contains `name`, `location`, `resourceGroupName`, `skuTier` and `skuName` properties |\n| | `name` | string | |\n| | `location` | string | Default: `west us 2` |\n| | `resourceGroupName` | string | Default `cloud-custodian` |\n| | `skuTier` | string | Default: `Basic` |\n| | `skuName` | string | Default: `B1` |\n\n\n\n\n#### Mailer Infrastructure Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:----------------------------|:--------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| | `cache_engine` | string | cache engine; either sqlite or redis |\n| | `cross_accounts` | object | account to assume back into for sending to SNS topics |\n| | `debug` | boolean | debug on/off |\n| | `ldap_bind_dn` | string | eg: ou=people,dc=example,dc=com |\n| | `ldap_bind_user` | string | eg: FOO\\\\BAR |\n| | `ldap_bind_password` | string | ldap bind password |\n| | `ldap_bind_password_in_kms` | boolean | defaults to true, most people (except capone) want to set this to false. If set to true, make sure `ldap_bind_password` contains your KMS encrypted ldap bind password as a base64-encoded string. |\n| | `ldap_email_attribute` | string | |\n| | `ldap_email_key` | string | eg \'mail\' |\n| | `ldap_manager_attribute` | string | eg \'manager\' |\n| | `ldap_uid_attribute` | string | |\n| | `ldap_uid_regex` | string | |\n| | `ldap_uid_tags` | string | |\n| | `ldap_uri` | string | eg \'ldaps://example.com:636\' |\n| | `redis_host` | string | redis host if cache_engine == redis |\n| | `redis_port` | integer | redis port, default: 6369 |\n| | `ses_region` | string | AWS region that handles SES API calls |\n\n#### SMTP Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:----------------|:-----------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| | `smtp_server` | string | to configure your lambda role to talk to smtpd in your private vpc, see [here](https://docs.aws.amazon.com/lambda/latest/dg/vpc.html) | |\n| | `smtp_port` | integer | smtp port (default is 25) |\n| | `smtp_ssl` | boolean | this defaults to True |\n| | `smtp_username` | string | |\n| | `smtp_password` | secured string | |\n\nIf `smtp_server` is unset, `c7n_mailer` will use AWS SES or Azure SendGrid.\n\n#### DataDog Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:--------------------------|:-------|:-------------------------|\n| | `datadog_api_key` | string | DataDog API key. |\n| | `datadog_application_key` | string | Datadog application key. |\n\nThese fields are not necessary if c7n_mailer is run in a instance/lambda/etc with the DataDog agent.\n\n#### Slack Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:--------------|:-------|:----------------|\n| | `slack_token` | string | Slack API token |\n\n#### SendGrid Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:-------------------|:---------------|:-------------------|\n| | `sendgrid_api_key` | secured string | SendGrid API token |\n\n\n#### Splunk HEC Config\n\nThe following configuration items are *all* optional. The ones marked "Required for Splunk" are only required if you\'re sending notifications to ``splunkhec://`` destinations.\n\n| Required for Splunk? | Key | Type | Notes |\n|:--------------------:|:------------------------|:-----------------|:-----------------------------------------------------------------------------------------------------------------------------------|\n| ✅ | `splunk_hec_url` | string | URL to your Splunk HTTP Event Collector endpoint |\n| ✅ | `splunk_hec_token` | string | Splunk HEC authentication token for specified username |\n| | `splunk_remove_paths` | array of strings | List of [RFC6901](http://tools.ietf.org/html/rfc6901) JSON Pointers to remove from the event, if present, before sending to Splunk |\n| | `splunk_actions_list` | boolean | If true, add an `actions` list to the top-level message sent to Splunk, containing the names of all non-notify actions taken |\n| | `splunk_max_attempts` | integer | Maximum number of times to try POSTing data to Splunk HEC (default 4) |\n| | `splunk_hec_max_length` | integer | Maximum data length that Splunk HEC accepts; an error will be logged for any message sent over this length |\n| | `splunk_hec_sourcetype` | string | Configure sourcetype of the payload sent to Splunk HEC. (default is \'_json\') |\n\n#### SDK Config\n\n| Required? | Key | Type | Notes |\n|:---------:|:--------------|:-------|:------|\n| | `http_proxy` | string | |\n| | `https_proxy` | string | |\n| | `profile` | string | |\n\n\n#### Secured String\n\nIn order to ensure sensitive data is not stored plaintext in a policy, `c7n-mailer` supports secured\nstrings. You can treat it as a regular `string` or use `secured string` features.\n\n##### AWS\n\nYou can use KMS to encrypt your secrets and use encrypted secret in mailer policy.\nCustodian tries to decrypt the string using KMS, if it fails c7n treats it as a plaintext secret.\n\n```yaml\n plaintext_secret: \n secured_string: \n```\n\n##### Azure\n\nYou can store your secrets in Azure Key Vault secrets and reference them from the policy.\n\n```yaml\n plaintext_secret: \n secured_string:\n type: azure.keyvault\n secret: https://your-vault.vault.azure.net/secrets/your-secret\n```\n\nNote: `secrets.get` permission on the KeyVault for the Service Principal is required.\n\n## Configuring a policy to send email\n\nOutbound email can be added to any policy by including the `notify` action.\n\n```yaml\n\npolicies:\n - name: bad-apples\n resource: asg\n filters:\n - "tag:ASV": absent\n actions:\n - type: notify\n template: default\n template_format: \'html\'\n priority_header: \'1\'\n subject: fix your tags\n to:\n - resource-owner\n owner_absent_contact:\n - foo@example.com\n transport:\n type: sqs\n queue: https://sqs.us-east-1.amazonaws.com/80101010101/cloud-custodian-message-relay\n```\n\nSo breaking it down, you add an action of type `notify`. You can specify a\ntemplate that\'s used to format the email; customizing templates is described\n[below](#writing-an-email-template).\n\nThe `to` list specifies the intended recipient for the email. You can specify\neither an email address, an SNS topic, a Datadog Metric, or a special value. The special values\nare either\n\n- `resource-owner`, in which case the email will be sent to the listed\n `OwnerContact` tag on the resource that matched the policy, or\n- `event-owner` for push-based/realtime policies that will send to the user\n that was responsible for the underlying event.\n- `priority_header` to indicate the importance of an email with [headers](https://www.chilkatsoft.com/p/p_471.asp). Different emails clients will display stars, exclamation points or flags depending on the value. Should be an string from 1 to 5.\n\nBoth of these special values are best effort, i.e., if no `OwnerContact` tag is\nspecified then `resource-owner` email will not be delivered, and in the case of\n`event-owner` an instance role or system account will not result in an email.\n\nThe optional `owner_absent_contact` list specifies email addresses to notify only if\nthe `resource-owner` special option was unable to find any matching owner contact\ntags.\n\nIn addition, you may choose to use a custom tag instead of the default `OwnerContact`. In order to configure this, the mailer.yaml must be modified to include the contact_tags and the custom tag. The `resource-owner` will now email the custom tag instead of `OwnerContact`.\n\n```yaml\ncontact_tags:\n - "custom_tag"\n```\n\n\nFor reference purposes, the JSON Schema of the `notify` action:\n\n```json\n{\n "type": "object",\n "required": ["type", "transport", "to"],\n "properties": {\n "type": {"enum": ["notify"]},\n "to": {"type": "array", "items": {"type": "string"}},\n "owner_absent_contact": {"type": "array", "items": {"type": "string"}},\n "subject": {"type": "string"},\n "priority_header": {"type": "string"},\n "template": {"type": "string"},\n "transport": {\n "type": "object",\n "required": ["type", "queue"],\n "properties": {\n "queue": {"type": "string"},\n "region": {"type": "string"},\n "type": {"enum": ["sqs"]}\n }\n }\n }\n}\n```\n\n## Using on Azure\n\nRequires:\n\n- `c7n_azure` package. See [Installing Azure Plugin](https://cloudcustodian.io/docs/azure/gettingstarted.html#azure-install-cc)\n- SendGrid account. See [Using SendGrid with Azure](https://docs.microsoft.com/en-us/azure/sendgrid-dotnet-how-to-send-email)\n- [Azure Storage Queue](https://azure.microsoft.com/en-us/services/storage/queues/)\n\nThe mailer supports an Azure Storage Queue transport and SendGrid delivery on Azure.\nConfiguration for this scenario requires only minor changes from AWS deployments.\n\nYou will need to grant `Storage Queue Data Contributor` role on the Queue for the identity\nmailer is running under.\n\nThe notify action in your policy will reflect transport type `asq` with the URL\nto an Azure Storage Queue. For example:\n\n```yaml\npolicies:\n - name: azure-notify\n resource: azure.resourcegroup\n description: send a message to a mailer instance\n actions:\n - type: notify\n template: default\n priority_header: \'2\'\n subject: Hello from C7N Mailer\n to:\n - you@youremail.com\n transport:\n type: asq\n queue: https://storageaccount.queue.core.windows.net/queuename\n```\n\nIn your mailer configuration, you\'ll need to provide your SendGrid API key as well as\nprefix your queue URL with `asq://` to let mailer know what type of queue it is:\n\n```yaml\nqueue_url: asq://storageaccount.queue.core.windows.net/queuename\nfrom_address: you@youremail.com\nsendgrid_api_key: SENDGRID_API_KEY\n```\n\nThe mailer will transmit all messages found on the queue on each execution, and will retry\nsending 3 times in the event of a failure calling SendGrid. After the retries the queue\nmessage will be discarded.\n\nIn addition, SendGrid delivery on Azure supports using resource tags to send emails. For example, in the `to` field:\n\n```yaml\nto:\n - tag:OwnerEmail\n```\n\nThis will find the email address associated with the resource\'s `OwnerEmail` tag, and send an email to the specified address.\nIf no tag is found, or the associated email address is invalid, no email will be sent.\n\n#### Deploying Azure Functions\n\nThe `--update-lambda` CLI option will also deploy Azure Functions if you have an Azure\nmailer configuration.\n\n`c7n-mailer --config mailer.yml --update-lambda`\n\nwhere a simple `mailer.yml` using Consumption functions may look like:\n\n```yaml\nqueue_url: asq://storage.queue.core.windows.net/custodian\nfrom_address: foo@mail.com\nsendgrid_api_key: \nfunction_properties:\n servicePlan:\n name: \'testmailer1\'\n```\n\n#### Configuring Function Identity\n\nYou can configure the service principal used for api calls made by the\nmailer azure function by specifying an identity configuration under\nfunction properties. Mailer supports User Assigned Identities, System\nManaged Identities, defaulting to an embedding of the cli user\'s\nservice principals credentials.\n\nWhen specifying a user assigned identity, unlike in a custodian\nfunction policy where simply providing an name is sufficient, the\nuuid/id and client id of the identity must be provided. You can\nretrieve this information on the cli using the `az identity list`.\n\n```yaml\n\nfunction_properties:\n identity:\n type: UserAssigned\n id: "/subscriptions/333fd504-7f11-2270-88c8-7325a27f7222/resourcegroups/c7n/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mailer"\n client_id: "b9cb06fa-dfb8-4342-add3-aab5acb2abbc"\n```\n\nA system managed identity can also be used, and the Azure platform will\ncreate an identity when the function is provisoned, however the function\'s identity\nthen needs to be retrieved and mapped to rbac permissions post provisioning, this\nuser management activity must be performed manually.\n\n```yaml\n\nfunction_properties:\n identity:\n type: SystemAssigned\n```\n\n## Writing an email template\n\nTemplates are authored in [jinja2](http://jinja.pocoo.org/docs/dev/templates/).\nDrop a file with the `.j2` extension into the a templates directory, and send a pull request to this\nrepo. You can then reference it in the `notify` action as the `template`\nvariable by file name minus extension. Templates ending with `.html.j2` are\nsent as HTML-formatted emails, all others are sent as plain text.\n\nYou can use `-t` or `--templates` cli argument to pass custom folder with your templates.\n\nThe following variables are available when rendering templates:\n\n| variable | value |\n|:------------------|:-------------------------------------------------------------|\n| `recipient` | email address |\n| `resources` | list of resources that matched the policy filters |\n| `event` | for CWE-push-based lambda policies, the event that triggered |\n| `action` | `notify` action that generated this SQS message |\n| `policy` | policy that triggered this notify action |\n| `account` | short name of the aws account |\n| `region` | region the policy was executing in |\n| `execution_start` | The time policy started executing |\n\nThe following extra global functions are available:\n\n| signature | behavior |\n|:-----------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------|\n| `format_struct(struct)` | pretty print a json structure |\n| `resource_tag(resource, key)` | retrieve a tag value from a resource or return an empty string, aliased as get_resource_tag_value |\n| `format_resource(resource, resource_type)` | renders a one line summary of a resource |\n| `date_time_format(utc_str, tz_str=\'US/Eastern\', format=\'%Y %b %d %H:%M %Z\')` | customize rendering of an utc datetime string |\n| `search(expression, value)` | jmespath search value using expression |\n| `yaml_safe(value)` | yaml dumper |\n\nThe following extra jinja filters are available:\n\n| filter | behavior |\n|:-----------------------------------------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| utc_string|date_time_format(tz_str=\'US/Pacific\', format=\'%Y %b %d %H:%M %Z\') | pretty [format](https://docs.python.org/2/library/datetime.html#strftime-strptime-behavior) the date / time |\n| 30|get_date_time_delta | Convert a time [delta](https://docs.python.org/2/library/datetime.html#datetime.timedelta) like \'30\' days in the future, to a datetime string. You can also use negative values for the past. |\n\n\n## Developer Install (OS X El Capitan)\n\nClone the repository:\n```\n$ git clone https://github.com/cloud-custodian/cloud-custodian\n```\nInstall dependencies (with virtualenv):\n```\n$ virtualenv c7n_mailer\n$ source c7n_mailer/bin/activate\n$ cd tools/c7n_mailer\n$ pip install -r requirements.txt\n```\nInstall the extensions:\n```\npython setup.py develop\n```\n\n## Testing Templates and Recipients\n\nA ``c7n-mailer-replay`` entrypoint is provided to assist in testing email notifications\nand templates. This script operates on an actual SQS message from cloud-custodian itself,\nwhich you can either retrieve from the SQS queue or replicate locally. By default it expects\nthe message file to be base64-encoded, gzipped JSON, just like c7n sends to SQS. With the\n``-p`` | ``--plain`` argument, it will expect the message file to contain plain JSON.\n\n``c7n-mailer-replay`` has three main modes of operation:\n\n* With no additional arguments, it will render the template specified by the policy the\n message is for, and actually send mail from the local machine as ``c7n-mailer`` would.\n This only works with SES, not SMTP.\n* With the ``-T`` | ``--template-print`` argument, it will log the email addresses that would\n receive mail, and print the rendered message body template to STDOUT.\n* With the ``-d`` | ``--dry-run`` argument, it will print the actual email body (including headers)\n that would be sent, for each message that would be sent, to STDOUT.\n\n#### Testing Templates for Azure\n\nThe ``c7n-mailer-replay`` entrypoint can be used to test templates for Azure with either of the arguments:\n* ``-T`` | ``--template-print``\n* ``-d`` | ``--dry-run``\n\nRunning ``c7n-mailer-replay`` without either of these arguments will throw an error as it will attempt\nto authorize with AWS.\n\nThe following is an example for retrieving a sample message to test against templates:\n\n* Run a policy with the notify action, providing the name of the template to test, to populate the queue.\n\n* Using the azure cli, save the message locally:\n```\n$ az storage message get --queue-name --account-name --query \'[].content\' > test_message.gz\n```\n* The example message can be provided to ``c7n-mailer-replay`` by running:\n\n```\n$ c7n-mailer-replay test_message.gz -T --config mailer.yml\n```\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_mailer/tests/test_utils.py b/tools/c7n_mailer/tests/test_utils.py index 6c3ea1f6739..c7ba6c8efa7 100644 --- a/tools/c7n_mailer/tests/test_utils.py +++ b/tools/c7n_mailer/tests/test_utils.py @@ -92,6 +92,17 @@ def test_igw(self): 'aws.internet-gateway'), 'id: igw-x attachments: 0') + def test_rds_cluster(self): + self.assertEqual( + utils.resource_format( + {'DBClusterIdentifier': 'database-2', + 'Engine': 'mysql-aurora', + 'EngineVersion': '5.7.mysql_aurora.2.07.2', + 'AllocatedStorage': '1'}, + 'rds-cluster'), + 'database-2 mysql-aurora-5.7.mysql_aurora.2.07.2 1', + ) + def test_s3(self): self.assertEqual( utils.resource_format( diff --git a/tools/c7n_openstack/poetry.lock b/tools/c7n_openstack/poetry.lock index 83cd0cb232b..5c52a389be4 100644 --- a/tools/c7n_openstack/poetry.lock +++ b/tools/c7n_openstack/poetry.lock @@ -8,14 +8,14 @@ python-versions = "*" [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -44,20 +44,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -69,11 +69,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -84,7 +84,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -131,7 +130,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "cryptography" -version = "3.4.6" +version = "3.4.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false @@ -150,11 +149,11 @@ test = ["pytest (>=6.0)", "pytest-cov", "pytest-subtests", "pytest-xdist", "pret [[package]] name = "decorator" -version = "4.4.2" +version = "5.0.7" description = "Decorators for Humans" category = "main" optional = false -python-versions = ">=2.6, !=3.0.*, !=3.1.*" +python-versions = ">=3.5" [[package]] name = "dogpile.cache" @@ -178,7 +177,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "main" optional = false @@ -190,7 +189,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -227,14 +226,6 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [package.dependencies] jsonpointer = ">=1.9" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonpointer" version = "2.1" @@ -284,14 +275,6 @@ oauth1 = ["oauthlib (>=0.6.2)"] saml2 = ["lxml (>=4.2.0)"] test = ["PyYAML (>=3.12)", "bandit (>=1.1.0,<1.6.0)", "betamax (>=0.7.0)", "coverage (>=4.0,!=4.4)", "fixtures (>=3.0.0)", "flake8-docstrings (==0.2.1.post1)", "flake8-import-order (>=0.17.1)", "hacking (>=3.0.1,<3.1.0)", "lxml (>=4.2.0)", "oauthlib (>=0.6.2)", "oslo.config (>=5.2.0)", "oslo.utils (>=3.33.0)", "oslotest (>=3.2.0)", "pycodestyle (>=2.0.0,<2.6.0)", "reno (>=3.1.0)", "requests-kerberos (>=0.8.0)", "requests-mock (>=1.2.0)", "stestr (>=1.0.0)", "testresources (>=2.0.0)", "testtools (>=2.2.0)"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "multidict" version = "5.1.0" @@ -426,26 +409,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -495,7 +476,7 @@ python-versions = "*" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -504,6 +485,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -614,7 +598,7 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "d1109dfaaa76ece1249fbe98746f4cc910817d0439c5f6ef57a4a478f827e39e" +content-hash = "4b766a1b428b75f8cc52fc8863cf71cab4cccd4350f025fe26e55bb72982a18d" [metadata.files] appdirs = [ @@ -622,8 +606,8 @@ appdirs = [ {file = "appdirs-1.4.4.tar.gz", hash = "sha256:7d5d0167b2b1ba821647616af46a749d1c653740dd0d2415100fe26e27afdf41"}, ] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -634,12 +618,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] certifi = [ @@ -694,17 +678,22 @@ colorama = [ {file = "colorama-0.4.4.tar.gz", hash = "sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"}, ] cryptography = [ - {file = "cryptography-3.4.6-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:57ad77d32917bc55299b16d3b996ffa42a1c73c6cfa829b14043c561288d2799"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:93cfe5b7ff006de13e1e89830810ecbd014791b042cbe5eec253be11ac2b28f3"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:5ecf2bcb34d17415e89b546dbb44e73080f747e504273e4d4987630493cded1b"}, - {file = "cryptography-3.4.6-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:fec7fb46b10da10d9e1d078d1ff8ed9e05ae14f431fdbd11145edd0550b9a964"}, - {file = "cryptography-3.4.6-cp36-abi3-win32.whl", hash = "sha256:df186fcbf86dc1ce56305becb8434e4b6b7504bc724b71ad7a3239e0c9d14ef2"}, - {file = "cryptography-3.4.6-cp36-abi3-win_amd64.whl", hash = "sha256:66b57a9ca4b3221d51b237094b0303843b914b7d5afd4349970bb26518e350b0"}, - {file = "cryptography-3.4.6.tar.gz", hash = "sha256:2d32223e5b0ee02943f32b19245b61a62db83a882f0e76cc564e1cec60d48f87"}, + {file = "cryptography-3.4.7-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:3d8427734c781ea5f1b41d6589c293089704d4759e34597dce91014ac125aad1"}, + {file = "cryptography-3.4.7-cp36-abi3-macosx_11_0_arm64.whl", hash = "sha256:8e56e16617872b0957d1c9742a3f94b43533447fd78321514abbe7db216aa250"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:37340614f8a5d2fb9aeea67fd159bfe4f5f4ed535b1090ce8ec428b2f15a11f2"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:240f5c21aef0b73f40bb9f78d2caff73186700bf1bc6b94285699aff98cc16c6"}, + {file = "cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:1e056c28420c072c5e3cb36e2b23ee55e260cb04eee08f702e0edfec3fb51959"}, + {file = "cryptography-3.4.7-cp36-abi3-win32.whl", hash = "sha256:0f1212a66329c80d68aeeb39b8a16d54ef57071bf22ff4e521657b27372e327d"}, + {file = "cryptography-3.4.7-cp36-abi3-win_amd64.whl", hash = "sha256:de4e5f7f68220d92b7637fc99847475b59154b7a1b3868fb7385337af54ac9ca"}, + {file = "cryptography-3.4.7-pp36-pypy36_pp73-manylinux2010_x86_64.whl", hash = "sha256:26965837447f9c82f1855e0bc8bc4fb910240b6e0d16a664bb722df3b5b06873"}, + {file = "cryptography-3.4.7-pp36-pypy36_pp73-manylinux2014_x86_64.whl", hash = "sha256:eb8cc2afe8b05acbd84a43905832ec78e7b3873fb124ca190f574dca7389a87d"}, + {file = "cryptography-3.4.7-pp37-pypy37_pp73-manylinux2010_x86_64.whl", hash = "sha256:7ec5d3b029f5fa2b179325908b9cd93db28ab7b85bb6c1db56b10e0b54235177"}, + {file = "cryptography-3.4.7-pp37-pypy37_pp73-manylinux2014_x86_64.whl", hash = "sha256:ee77aa129f481be46f8d92a1a7db57269a2f23052d5f2433b4621bb457081cc9"}, + {file = "cryptography-3.4.7.tar.gz", hash = "sha256:3d10de8116d25649631977cb37da6cbdd2d6fa0e0281d014a5b7d337255ca713"}, ] decorator = [ - {file = "decorator-4.4.2-py2.py3-none-any.whl", hash = "sha256:41fa54c2a0cc4ba648be4fd43cff00aedf5b9465c9bf18d64325bc225f08f760"}, - {file = "decorator-4.4.2.tar.gz", hash = "sha256:e3a62f0520172440ca0dcc823749319382e377f37f140a0b99ef45fecb84bfe7"}, + {file = "decorator-5.0.7-py3-none-any.whl", hash = "sha256:945d84890bb20cc4a2f4a31fc4311c0c473af65ea318617f13a7257c9a58bc98"}, + {file = "decorator-5.0.7.tar.gz", hash = "sha256:6f201a6c4dac3d187352661f508b9364ec8091217442c9478f1f83c003a0f060"}, ] "dogpile.cache" = [ {file = "dogpile.cache-1.1.2-py3-none-any.whl", hash = "sha256:b13740e8100ed459928ac50d5ba9a4512934adecd6c0b9af93978789184076f4"}, @@ -715,8 +704,8 @@ idna = [ {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -734,10 +723,6 @@ jsonpatch = [ {file = "jsonpatch-1.32-py2.py3-none-any.whl", hash = "sha256:26ac385719ac9f54df8a2f0827bb8253aa3ea8ab7b3368457bcdb8c14595a397"}, {file = "jsonpatch-1.32.tar.gz", hash = "sha256:b6ddfe6c3db30d81a96aaeceb6baf916094ffa23d7dd5fa2c13e13f8b6e600c2"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonpointer = [ {file = "jsonpointer-2.1-py2.py3-none-any.whl", hash = "sha256:150f80c5badd02c757da6644852f612f88e8b4bc2f9852dcbf557c8738919686"}, {file = "jsonpointer-2.1.tar.gz", hash = "sha256:5a34b698db1eb79ceac454159d3f7c12a451a91f6334a4f638454327b7a89962"}, @@ -750,10 +735,6 @@ keystoneauth1 = [ {file = "keystoneauth1-4.3.1-py3-none-any.whl", hash = "sha256:c4a80b79bc3e0412eb127fa761e80912614f8563646ca34b62bcd9d533f93077"}, {file = "keystoneauth1-4.3.1.tar.gz", hash = "sha256:93605430a6d1424f31659bc5685e9dc1be9a6254e88c99f00cffc0a60c648a64"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] multidict = [ {file = "multidict-5.1.0-cp36-cp36m-macosx_10_14_x86_64.whl", hash = "sha256:b7993704f1a4b204e71debe6095150d43b2ee6150fa4f44d6d966ec356a8d61f"}, {file = "multidict-5.1.0-cp36-cp36m-manylinux1_i686.whl", hash = "sha256:9dd6e9b1a913d096ac95d0399bd737e00f2af1e1594a787e00f7975778c8b2bf"}, @@ -857,8 +838,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -896,8 +877,8 @@ requestsexceptions = [ {file = "requestsexceptions-1.4.0.tar.gz", hash = "sha256:b095cbc77618f066d459a02b137b020c37da9f46d9b057704019c9f77dba3065"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_openstack/pyproject.toml b/tools/c7n_openstack/pyproject.toml index 64eb63a3062..aadbe38eeb9 100644 --- a/tools/c7n_openstack/pyproject.toml +++ b/tools/c7n_openstack/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_openstack" -version = "0.1.1" +version = "0.1.2" description = "Cloud Custodian - OpenStack Provider" readme = "readme.md" authors = ["Cloud Custodian Project"] @@ -9,6 +9,7 @@ repository = "https://github.com/cloud-custodian/cloud-custodian" documentation = "https://cloudcustodian.io/docs/" license = "Apache-2.0" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -19,7 +20,7 @@ openstacksdk = "^0.52.0" [tool.poetry.dev-dependencies] c7n = {path = "../..", develop = true} -pytest = "~6.0.0" +pytest = "^6.0.0" vcrpy = "^4.0.2" diff --git a/tools/c7n_openstack/requirements.txt b/tools/c7n_openstack/requirements.txt index 25de73aa9e4..14e96ff83fd 100644 --- a/tools/c7n_openstack/requirements.txt +++ b/tools/c7n_openstack/requirements.txt @@ -2,11 +2,11 @@ appdirs==1.4.4; python_version >= "3.6" certifi==2020.12.5; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" cffi==1.14.5; python_version >= "3.6" chardet==4.0.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -cryptography==3.4.6; python_version >= "3.6" -decorator==4.4.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.2.0" and python_version >= "3.6" +cryptography==3.4.7; python_version >= "3.6" +decorator==5.0.7; python_version >= "3.6" dogpile.cache==1.1.2; python_version >= "3.6" idna==2.10; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -importlib-metadata==3.7.3; python_version < "3.8" and python_version >= "3.6" +importlib-metadata==4.0.1; python_version < "3.8" and python_version >= "3.6" iso8601==0.1.14; python_version >= "3.6" jmespath==0.10.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.6" jsonpatch==1.32; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" diff --git a/tools/c7n_openstack/setup.py b/tools/c7n_openstack/setup.py index 76962a944c2..cf1f680661b 100644 --- a/tools/c7n_openstack/setup.py +++ b/tools/c7n_openstack/setup.py @@ -10,20 +10,19 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'openstacksdk>=0.52.0,<0.53.0', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -32,8 +31,14 @@ setup_kwargs = { 'name': 'c7n-openstack', - 'version': '0.1.1', + 'version': '0.1.2', 'description': 'Cloud Custodian - OpenStack Provider', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': "# Custodian OpenStack Support\n\nWork in Progress - Not Ready For Use.\n\n## Quick Start\n\n### Installation\n\n```\npip install c7n_openstack\n```\n\n### OpenStack Environment Configration\n\nC7N will find cloud config for as few as 1 cloud and as many as you want to put in a config file.\nIt will read environment variables and config files, and it also contains some vendor specific default\nvalues so that you don't have to know extra info to use OpenStack:\n\n* If you have a config file, you will get the clouds listed in it\n* If you have environment variables, you will get a cloud named envvars\n* If you have neither, you will get a cloud named defaults with base defaults\n\nCreate a clouds.yml file:\n\n```yaml\nclouds:\n demo:\n region_name: RegionOne\n auth:\n username: 'admin'\n password: XXXXXXX\n project_name: 'admin'\n domain_name: 'Default'\n auth_url: 'https://montytaylor-sjc.openstack.blueboxgrid.com:5001/v2.0'\n```\n\nPlease note: c7n will look for a file called `clouds.yaml` in the following locations:\n\n* Current Directory\n* ~/.config/openstack\n* /etc/openstack\n\nMore information at [https://pypi.org/project/os-client-config](https://pypi.org/project/os-client-config)\n\n### Create a c7n policy yaml file as follows:\n\n```yaml\npolicies:\n- name: demo\n resource: openstack.flavor\n filters:\n - type: value\n key: vcpus\n value: 1\n op: gt\n```\n\n### Run c7n and report the matched resources:\n\n```sh\nmkdir -p output\ncustodian run demo.yaml -s output\ncustodian report demo.yaml -s output --format grid\n```\n\n## Examples\n\nfilter examples:\n\n```yaml\npolicies:\n- name: test-flavor\n resource: openstack.flavor\n filters:\n - type: value\n key: vcpus\n value: 1\n op: gt\n- name: test-project\n resource: openstack.project\n filters: []\n- name: test-server-image\n resource: openstack.server\n filters:\n - type: image\n image_name: cirros-0.5.1\n- name: test-user\n resource: openstack.user\n filters:\n - type: role\n project_name: demo\n role_name: _member_\n system_scope: false\n- name: test-server-flavor\n resource: openstack.server\n filters:\n - type: flavor\n vcpus: 1\n- name: test-server-age\n resource: openstack.server\n filters:\n - type: age\n op: lt\n days: 1\n- name: test-server-tags\n resource: openstack.server\n filters:\n - type: tags\n tags:\n - key: a\n value: a\n - key: b\n value: c\n op: any\n```\n", 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_org/c7n_org/cli.py b/tools/c7n_org/c7n_org/cli.py index b938ce28b16..e518e6057d1 100644 --- a/tools/c7n_org/c7n_org/cli.py +++ b/tools/c7n_org/c7n_org/cli.py @@ -8,7 +8,7 @@ import logging import os import time -import subprocess +import subprocess # nosec import sys import multiprocessing @@ -83,6 +83,7 @@ 'required': ['subscription_id'], 'properties': { 'subscription_id': {'type': 'string'}, + 'region': {'type': 'string'}, 'tags': {'type': 'array', 'items': {'type': 'string'}}, 'name': {'type': 'string'}, 'vars': {'type': 'object'}, @@ -404,7 +405,7 @@ def report(config, output, use, output_dir, accounts, fields=prefix_fields) rows = formatter.to_csv(records, unique=False) - writer = csv.writer(output, formatter.headers()) + writer = csv.writer(output, formatter.headers(), quoting=csv.QUOTE_ALL) writer.writerow(formatter.headers()) writer.writerows(rows) @@ -440,7 +441,7 @@ def run_account_script(account, region, output_dir, debug, script_args): account['name'], region, " ".join(script_args)) if debug: - subprocess.check_call(args=script_args, env=env) + subprocess.check_call(args=script_args, env=env) # nosec return 0 output_dir = os.path.join(output_dir, account['name'], region) @@ -449,7 +450,7 @@ def run_account_script(account, region, output_dir, debug, script_args): with open(os.path.join(output_dir, 'stdout'), 'wb') as stdout: with open(os.path.join(output_dir, 'stderr'), 'wb') as stderr: - return subprocess.call( + return subprocess.call( # nosec args=script_args, env=env, stdout=stdout, stderr=stderr) @@ -518,7 +519,7 @@ def accounts_iterator(config): for a in config.get('subscriptions', ()): d = {'account_id': a['subscription_id'], 'name': a.get('name', a['subscription_id']), - 'regions': ['global'], + 'regions': [a.get('region', 'global')], 'provider': 'azure', 'tags': a.get('tags', ()), 'vars': a.get('vars', {})} diff --git a/tools/c7n_org/poetry.lock b/tools/c7n_org/poetry.lock index f10a41ceeac..03cbe686928 100644 --- a/tools/c7n_org/poetry.lock +++ b/tools/c7n_org/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -36,20 +36,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -61,11 +61,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -76,7 +76,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -104,7 +103,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -116,7 +115,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -134,14 +133,6 @@ category = "dev" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -160,14 +151,6 @@ six = ">=1.11.0" format = ["idna", "jsonpointer (>1.13)", "rfc3987", "strict-rfc3339", "webcolors"] format_nongpl = ["idna", "jsonpointer (>1.13)", "webcolors", "rfc3986-validator (>0.1.0)", "rfc3339-validator"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "packaging" version = "20.9" @@ -219,26 +202,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -262,7 +243,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -271,6 +252,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -334,12 +318,12 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "d7f9742da620483e6dddc39a0c95bab42b44a899e89ba2385e31e7ce28b5a2e6" +content-hash = "171039be9df6511d9fe75a2e02db8a0d864bba8857d5c4a024129b1171bf573c" [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -350,12 +334,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] click = [ @@ -367,8 +351,8 @@ colorama = [ {file = "colorama-0.4.4.tar.gz", hash = "sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -378,18 +362,10 @@ jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] packaging = [ {file = "packaging-20.9-py2.py3-none-any.whl", hash = "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"}, {file = "packaging-20.9.tar.gz", hash = "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5"}, @@ -410,8 +386,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -441,8 +417,8 @@ pyyaml = [ {file = "PyYAML-5.4.1.tar.gz", hash = "sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_org/pyproject.toml b/tools/c7n_org/pyproject.toml index b819fcc4dbe..e34d698150c 100644 --- a/tools/c7n_org/pyproject.toml +++ b/tools/c7n_org/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_org" -version = "0.6.10" +version = "0.6.11" description = "Cloud Custodian - Parallel Execution" readme = "README.md" homepage = "https://cloudcustodian.io" @@ -9,6 +9,7 @@ repository = "https://github.com/cloud-custodian/cloud-custodian" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers=[ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -22,7 +23,7 @@ click = "^7.0" [tool.poetry.dev-dependencies] c7n = {path = "../..", develop = true} -pytest = "~6.0.0" +pytest = "^6.0.0" [build-system] requires = ["poetry>=0.12", "setuptools"] diff --git a/tools/c7n_org/scripts/azuresubs.py b/tools/c7n_org/scripts/azuresubs.py index 9e96a225a6f..c275ee4e28b 100644 --- a/tools/c7n_org/scripts/azuresubs.py +++ b/tools/c7n_org/scripts/azuresubs.py @@ -6,6 +6,8 @@ from c7n.utils import yaml_dump from azure.mgmt.resource.subscriptions import SubscriptionClient +NAME_TEMPLATE = "{name}" + @click.command() @click.option( @@ -16,7 +18,11 @@ ['Enabled', 'Warned', 'PastDue', 'Disabled', 'Deleted']), default=('Enabled',), help="File to store the generated config (default stdout)") -def main(output, state): +@click.option( + '--name', + default=NAME_TEMPLATE, + help="Name template for subscriptions in the config, defaults to %s" % NAME_TEMPLATE) +def main(output, state, name): """ Generate a c7n-org subscriptions config file """ @@ -31,6 +37,7 @@ def main(output, state): 'subscription_id': sub['subscriptionId'], 'name': sub['displayName'] } + sub_info['name'] = name.format(**sub_info) results.append(sub_info) print(yaml_dump({'subscriptions': results}), file=output) diff --git a/tools/c7n_org/setup.py b/tools/c7n_org/setup.py index 9912f83830f..13f33f44c19 100644 --- a/tools/c7n_org/setup.py +++ b/tools/c7n_org/setup.py @@ -10,20 +10,19 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'click>=7.0,<8.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -35,8 +34,14 @@ setup_kwargs = { 'name': 'c7n-org', - 'version': '0.6.10', + 'version': '0.6.11', 'description': 'Cloud Custodian - Parallel Execution', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# c7n-org: Multi Account Custodian Execution\n\n[//]: # ( !!! IMPORTANT !!! )\n[//]: # (This file is moved during document generation.)\n[//]: # (Only edit the original document at ./tools/c7n_org/README.md)\n\nc7n-org is a tool to run custodian against multiple AWS accounts,\nAzure subscriptions, or GCP projects in parallel.\n\n## Installation\n\n```shell\npip install c7n-org\n```\n\nc7n-org has 3 run modes:\n\n```shell\nUsage: c7n-org [OPTIONS] COMMAND [ARGS]...\n\n custodian organization multi-account runner.\n\nOptions:\n --help Show this message and exit.\n\nCommands:\n report report on an AWS cross account policy execution\n run run a custodian policy across accounts (AWS, Azure, GCP)\n run-script run a script across AWS accounts\n```\n\nIn order to run c7n-org against multiple accounts, a config file must\nfirst be created containing pertinent information about the accounts:\n\n\nExample AWS Config File:\n\n```yaml\naccounts:\n- account_id: \'123123123123\'\n name: account-1\n regions:\n - us-east-1\n - us-west-2\n role: arn:aws:iam::123123123123:role/CloudCustodian\n vars:\n charge_code: xyz\n tags:\n - type:prod\n - division:some division\n - partition:us\n - scope:pci\n...\n```\n\nExample Azure Config File:\n\n```yaml\nsubscriptions:\n- name: Subscription-1\n subscription_id: a1b2c3d4-e5f6-g7h8i9...\n- name: Subscription-2\n subscription_id: 1z2y3x4w-5v6u-7t8s9r...\n```\n\nExample GCP Config File:\n\n```yaml\nprojects:\n- name: app-dev\n project_id: app-203501\n tags:\n - label:env:dev \n- name: app-prod\n project_id: app-1291\n tags:\n - label:env:dev\n\n```\n\n### Config File Generation\n\nWe also distribute scripts to generate the necessary config file in the `scripts` folder.\n\n**Note** Currently these are distributed only via git, per\nhttps://github.com/cloud-custodian/cloud-custodian/issues/2420 we\'ll\nbe looking to incorporate them into a new c7n-org subcommand.\n\n- For **AWS**, the script `orgaccounts.py` generates a config file\n from the AWS Organizations API\n\n- For **Azure**, the script `azuresubs.py` generates a config file\n from the Azure Resource Management API\n\n - Please see the [Additional Azure Instructions](#Additional-Azure-Instructions)\n - for initial setup and other important info\n\n- For **GCP**, the script `gcpprojects.py` generates a config file from\n the GCP Resource Management API\n\n\n```shell\npython orgaccounts.py -f accounts.yml\n```\n```shell\npython azuresubs.py -f subscriptions.yml\n```\n```shell\npython gcpprojects.py -f projects.yml\n```\n\n## Running a Policy with c7n-org\n\nTo run a policy, the following arguments must be passed in:\n\n```shell\n-c | accounts|projects|subscriptions config file\n-s | output directory\n-u | policy\n```\n\n\n```shell\nc7n-org run -c accounts.yml -s output -u test.yml --dryrun\n```\n\nAfter running the above command, the following folder structure will be created:\n\n```\noutput\n |_ account-1\n |_ us-east-1\n |_ policy-name\n |_ resources.json\n |_ custodian-run.log\n |_ us-west-2\n |_ policy-name\n |_ resources.json\n |_ custodian-run.log\n |- account-2\n...\n```\n\nUse `c7n-org report` to generate a csv report from the output directory.\n\n## Selecting accounts, regions, policies for execution\n\nYou can filter the accounts to be run against by either passing the\naccount name or id via the `-a` flag, which can be specified multiple\ntimes, or alternatively with comma separated values.\n\nGroups of accounts can also be selected for execution by specifying\nthe `-t` tag filter. Account tags are specified in the config\nfile. ie given the above accounts config file you can specify all prod\naccounts with `-t type:prod`. you can specify the -t flag multiple\ntimes or use a comma separated list.\n\nYou can specify which policies to use for execution by either\nspecifying `-p` or selecting groups of policies via their tags with\n`-l`, both options support being specified multiple times or using\ncomma separated values.\n\nBy default in aws, c7n-org will execute in parallel across regions,\nthe \'-r\' flag can be specified multiple times, and defaults to\n(us-east-1, us-west-2). a special value of `all` will execute across\nall regions.\n\n\nSee `c7n-org run --help` for more information.\n\n## Defining and using variables\n\nEach account/subscription/project configuration in the config file can\nalso define a variables section `vars` that can be used in policies\'\ndefinitions and are interpolated at execution time. These are in\naddition to the default runtime variables custodian provides like\n`account_id`, `now`, and `region`.\n\nExample of defining in c7n-org config file:\n\n```yaml\naccounts:\n- account_id: \'123123123123\'\n name: account-1\n role: arn:aws:iam::123123123123:role/CloudCustodian\n vars:\n charge_code: xyz\n```\n\nExample of using in a policy file:\n\n```yaml\npolicies:\n - name: ec2-check-tag\n resource: aws.ec2\n filters:\n - "tag:CostCenter": "{charge_code}"\n```\n\n**Note** Variable interpolation is sensitive to proper quoting and spacing,\ni.e., `{ charge_code }` would be invalid due to the extra white space. Additionally,\nyaml parsing can transform a value like `{charge_code}` to null, unless it\'s quoted\nin strings like the above example. Values that do interpolation into other content\ndon\'t require quoting, i.e., "my_{charge_code}".\n\n## Other commands\n\nc7n-org also supports running arbitrary scripts against accounts via the run-script command.\nFor AWS the standard AWS SDK credential information is exported into the process environment before executing.\nFor Azure and GCP, only the environment variables `AZURE_SUBSCRIPTION_ID` and `PROJECT_ID` are exported(in addition\nof the system env variables).\n\nc7n-org also supports generating reports for a given policy execution\nacross accounts via the `c7n-org report` subcommand.\n\n## Additional Azure Instructions\n\nIf you\'re using an Azure Service Principal for executing c7n-org\nyou\'ll need to ensure that the principal has access to multiple\nsubscriptions.\n\nFor instructions on creating a service principal and granting access\nacross subscriptions, visit the [Azure authentication docs\npage](https://cloudcustodian.io/docs/azure/authentication.html).\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_org/tests/test_org.py b/tools/c7n_org/tests/test_org.py index fdad1d4b223..459dca55189 100644 --- a/tools/c7n_org/tests/test_org.py +++ b/tools/c7n_org/tests/test_org.py @@ -3,6 +3,8 @@ import copy import mock import os + +import pytest import yaml from c7n.testing import TestUtils @@ -31,6 +33,14 @@ }] } +ACCOUNTS_AZURE_GOV = { + 'subscriptions': [{ + 'subscription_id': 'ea42f556-5106-4743-22aa-aabbccddeeff', + 'name': 'azure_gov', + 'region': 'AzureUSGovernment' + }] +} + ACCOUNTS_GCP = { 'projects': [{ 'project_id': 'custodian-1291', @@ -98,6 +108,30 @@ def test_validate_azure_provider(self): catch_exceptions=False) self.assertEqual(result.exit_code, 0) + # This test won't run with real credentials unless the + # tenant is actually in Azure US Government + @pytest.mark.skiplive + def test_validate_azure_provider_gov(self): + run_dir = self.setup_run_dir( + accounts=ACCOUNTS_AZURE_GOV, + policies={'policies': [{ + 'name': 'vms', + 'resource': 'azure.vm'}] + }) + logger = mock.MagicMock() + run_account = mock.MagicMock() + run_account.return_value = ({}, True) + self.patch(org, 'logging', logger) + self.patch(org, 'run_account', run_account) + self.change_cwd(run_dir) + runner = CliRunner() + result = runner.invoke( + org.cli, + ['run', '-c', 'accounts.yml', '-u', 'policies.yml', + '--debug', '-s', 'output', '--cache-path', 'cache'], + catch_exceptions=False) + self.assertEqual(result.exit_code, 0) + def test_validate_gcp_provider(self): run_dir = self.setup_run_dir( accounts=ACCOUNTS_GCP, diff --git a/tools/c7n_policystream/poetry.lock b/tools/c7n_policystream/poetry.lock index 6afe3fe80fe..ccb70de9ff2 100644 --- a/tools/c7n_policystream/poetry.lock +++ b/tools/c7n_policystream/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -36,20 +36,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "main" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "main" optional = false @@ -61,11 +61,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -76,7 +76,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -147,7 +146,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -159,7 +158,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "iniconfig" @@ -177,14 +176,6 @@ category = "main" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -216,14 +207,6 @@ build = ["twine", "wheel", "blurb"] docs = ["sphinx"] test = ["pytest (<5.4)", "pytest-cov"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "packaging" version = "20.9" @@ -295,26 +278,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "6.0.2" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} iniconfig = "*" -more-itertools = ">=4.0.0" packaging = "*" -pluggy = ">=0.12,<1.0" +pluggy = ">=0.12,<1.0.0a1" py = ">=1.8.2" toml = "*" [package.extras] -checkqa_mypy = ["mypy (==0.780)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -356,7 +337,7 @@ socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"] [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "main" optional = false @@ -365,6 +346,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -428,12 +412,12 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.6" -content-hash = "3096c36ebe021c5485a9b0dd28f612531346db5f3e61f255d23d613a30cc941b" +content-hash = "0aa0a91d5c4ff37d7828fa23abc17ae9b67fd6cfab0522dce20526c4255f8222" [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -444,12 +428,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] cached-property = [ @@ -516,8 +500,8 @@ idna = [ {file = "idna-2.10.tar.gz", hash = "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, @@ -527,10 +511,6 @@ jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, @@ -539,10 +519,6 @@ mock = [ {file = "mock-4.0.3-py3-none-any.whl", hash = "sha256:122fcb64ee37cfad5b3f48d7a7d51875d7031aaf3d8be7c42e2bee25044eee62"}, {file = "mock-4.0.3.tar.gz", hash = "sha256:7d3fbbde18228f4ff2f1f119a45cdffa458b4c0dee32eb4d2bb2f82554bac7bc"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] packaging = [ {file = "packaging-20.9-py2.py3-none-any.whl", hash = "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"}, {file = "packaging-20.9.tar.gz", hash = "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5"}, @@ -586,8 +562,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-6.0.2-py3-none-any.whl", hash = "sha256:0e37f61339c4578776e090c3b8f6b16ce4db333889d65d0efb305243ec544b40"}, - {file = "pytest-6.0.2.tar.gz", hash = "sha256:c8f57c2a30983f469bf03e68cdfa74dc474ce56b8f280ddcb080dfd91df01043"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -621,8 +597,8 @@ requests = [ {file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_policystream/pyproject.toml b/tools/c7n_policystream/pyproject.toml index 79a1c71377d..4d53832c93a 100644 --- a/tools/c7n_policystream/pyproject.toml +++ b/tools/c7n_policystream/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_policystream" -version = "0.4.10" +version = "0.4.11" description = "Cloud Custodian - Git Commits as Logical Policy Changes" readme = "README.md" homepage = "https://cloudcustodian.io" @@ -9,6 +9,7 @@ documentation = "https://cloudcustodian.io/docs/" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] @@ -26,7 +27,7 @@ pygit2 = "~1.5" boto3 = "^1.12.0" [tool.poetry.dev-dependencies] -pytest = "~6.0.0" +pytest = "^6.0.0" c7n = {path = "../..", develop = true} mock = "^4.0.2" diff --git a/tools/c7n_policystream/requirements.txt b/tools/c7n_policystream/requirements.txt index abaca1507d0..ff32f292d3e 100644 --- a/tools/c7n_policystream/requirements.txt +++ b/tools/c7n_policystream/requirements.txt @@ -1,5 +1,5 @@ -boto3==1.17.33; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") -botocore==1.20.33; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +boto3==1.17.57; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") +botocore==1.20.57; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" cached-property==1.5.2 certifi==2020.12.5; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" cffi==1.14.5 @@ -12,6 +12,6 @@ pygit2==1.5.0 python-dateutil==2.8.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" pyyaml==5.4.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0") requests==2.25.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") -s3transfer==0.3.6; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" +s3transfer==0.4.2; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" six==1.15.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" urllib3==1.26.4; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.6.0" and python_version < "4" diff --git a/tools/c7n_policystream/setup.py b/tools/c7n_policystream/setup.py index cc6fd38ea7f..9613003da3d 100644 --- a/tools/c7n_policystream/setup.py +++ b/tools/c7n_policystream/setup.py @@ -6,16 +6,15 @@ modules = \ ['policystream'] install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', + 'boto3 (>=1.17.57,<2.0.0)', 'boto3>=1.12.0,<2.0.0', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'click>=7.0,<8.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pygit2>=1.5,<1.6', 'pyrsistent (>=0.17.3,<0.18.0)', @@ -23,7 +22,7 @@ 'pyyaml (>=5.4.1,<6.0.0)', 'pyyaml>=5.3,<6.0', 'requests>=2.22.0,<3.0.0', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -35,8 +34,14 @@ setup_kwargs = { 'name': 'c7n-policystream', - 'version': '0.4.10', + 'version': '0.4.11', 'description': 'Cloud Custodian - Git Commits as Logical Policy Changes', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# c7n-policystream: Policy Changes from Git\n\n[//]: # ( !!! IMPORTANT !!! )\n[//]: # (This file is moved during document generation.)\n[//]: # (Only edit the original document at ./tools/c7n_policystream/README.md)\n\nUsing custodian in accordance with infrastructure as code principles,\nwe store policy assets in a versioned control repository. This\nprovides for an audit log and facilitates code reviews. However this\ncapability is primarily of use to humans making semantic interpretations\nof changes.\n\nThis script also provides logical custodian policy changes over a git\nrepo and allows streaming those changes for machine readable/application\nconsumption. Its typically used as a basis for CI integrations or indexes\nover policies.\n\nTwo example use cases:\n\n - Doing dryrun only on changed policies within a pull request\n - Constructing a database of policy changes.\n\nPolicystream works on individual github repositories, or per Github integration\nacross an organization\'s set of repositories.\n\n## Install\n\npolicystream can be installed via pypi, provided the require pre-requisites\nlibraries are available (libgit2 > 0.26)\n\n```\npip install c7n-policystream\n```\n\nDocker images available soon, see build for constructing your own.\n\n## Build\n\nAlternatively a docker image can be built as follows\n\n```shell\n# Note must be top level directory of checkout\ncd cloud-custodian\n\ndocker build -t policystream:latest -f tools/c7n_policystream/Dockerfile .\n\ndocker run --mount src="$(pwd)",target=/repos,type=bind policystream:latest\n```\n\n## Usage\n\nStreaming use case (default stream is to stdout, also supports kinesis, rdbms and sqs)\n\n```\n $ c7n-policystream stream -r foo\n 2018-08-12 12:37:00,567: c7n.policystream:INFO Cloning repository: foo\n \n \n \n \n \n \n \n 2018-08-12 12:37:01,275: c7n.policystream:INFO Streamed 7 policy changes\n```\n\nPolicy diff between two source and target revision specs. If source\nand target are not specified default revision selection is dependent\non current working tree branch. The intent is for two use cases, if on\na non-master branch then show the diff to master. If on master show\nthe diff to previous commit on master. For repositories not using the\n`master` convention, please specify explicit source and target.\n\n\n```\n $ c7n-policystream diff -r foo -v\n```\n\nPull request use, output policies changes between current branch and master.\n\n```\n $ c7n-policystream diff -r foo\n policies:\n - filters:\n - {type: cross-account}\n name: lambda-access-check\n resource: aws.lambda\n```\n\n## Options\n\n```\n$ c7n-policystream --help\nUsage: c7n-policystream [OPTIONS] COMMAND [ARGS]...\n\n Policy changes from git history\n\nOptions:\n --help Show this message and exit.\n\nCommands:\n diff Policy diff between two arbitrary revisions.\n org-checkout Checkout repositories from a GitHub organization.\n org-stream Stream changes for repos in a GitHub organization.\n stream Stream git history policy changes to destination.\n```\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_sphinxext/poetry.lock b/tools/c7n_sphinxext/poetry.lock index abfdaf12394..8b1420bbdea 100644 --- a/tools/c7n_sphinxext/poetry.lock +++ b/tools/c7n_sphinxext/poetry.lock @@ -8,14 +8,14 @@ python-versions = "*" [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -47,20 +47,20 @@ pytz = ">=2015.7" [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -72,11 +72,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -87,7 +87,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -142,7 +141,7 @@ test = ["flake8 (==3.7.8)", "hypothesis (==3.55.3)"] [[package]] name = "docutils" -version = "0.16" +version = "0.17.1" description = "Docutils -- Python Documentation Utilities" category = "main" optional = false @@ -166,7 +165,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -178,7 +177,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "jinja2" @@ -202,14 +201,6 @@ category = "dev" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -339,7 +330,7 @@ socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"] [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -348,6 +339,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -543,8 +537,8 @@ alabaster = [ {file = "alabaster-0.7.12.tar.gz", hash = "sha256:a661d72d58e6ea8a57f7a86e37d86716863ee5e92788398526d58b26a4e4dc02"}, ] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] attrs = [ {file = "attrs-20.3.0-py2.py3-none-any.whl", hash = "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6"}, @@ -555,12 +549,12 @@ babel = [ {file = "Babel-2.9.0.tar.gz", hash = "sha256:da031ab54472314f210b0adcff1588ee5d1d1d0ba4dbd07b94dba82bde791e05"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] certifi = [ @@ -584,8 +578,8 @@ commonmark = [ {file = "commonmark-0.9.1.tar.gz", hash = "sha256:452f9dc859be7f06631ddcb328b6919c67984aca654e5fefb3914d54691aed60"}, ] docutils = [ - {file = "docutils-0.16-py2.py3-none-any.whl", hash = "sha256:0c5b78adfbf7762415433f5515cd5c9e762339e23369dbe8000d84a4bf4ab3af"}, - {file = "docutils-0.16.tar.gz", hash = "sha256:c2de3a60e9e7d07be26b7f2b00ca0309c207e06c100f9cc2a94931fc75a478fc"}, + {file = "docutils-0.17.1-py2.py3-none-any.whl", hash = "sha256:cf316c8370a737a022b72b56874f6602acf974a37a9fba42ec2876387549fc61"}, + {file = "docutils-0.17.1.tar.gz", hash = "sha256:686577d2e4c32380bb50cbb22f575ed742d58168cee37e99117a854bcd88f125"}, ] idna = [ {file = "idna-2.10-py2.py3-none-any.whl", hash = "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"}, @@ -596,8 +590,8 @@ imagesize = [ {file = "imagesize-1.2.0.tar.gz", hash = "sha256:b1f6b5a4eab1f73479a50fb79fcf729514a900c341d8503d62a62dbc4127a2b1"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] jinja2 = [ {file = "Jinja2-2.11.3-py2.py3-none-any.whl", hash = "sha256:03e47ad063331dd6a3f04a43eddca8a966a26ba0c5b7207a9a9e4e08f1b29419"}, @@ -607,10 +601,6 @@ jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, @@ -709,8 +699,8 @@ requests = [ {file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_sphinxext/pyproject.toml b/tools/c7n_sphinxext/pyproject.toml index 55fdefc495e..5cecb350670 100644 --- a/tools/c7n_sphinxext/pyproject.toml +++ b/tools/c7n_sphinxext/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_sphinxext" -version = "1.1.10" +version = "1.1.11" description = "Cloud Custodian - Sphinx Extensions" authors = ["Cloud Custodian Project"] license = "Apache-2.0" @@ -8,6 +8,7 @@ homepage = "https://cloudcustodian.io" documentation = "https://cloudcustodian.io/docs" repository = "https://github.com/cloud-custodian/cloud-custodian" classifiers=[ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] diff --git a/tools/c7n_sphinxext/requirements.txt b/tools/c7n_sphinxext/requirements.txt index 6a6e5490ac6..2a5320c6bab 100644 --- a/tools/c7n_sphinxext/requirements.txt +++ b/tools/c7n_sphinxext/requirements.txt @@ -5,7 +5,7 @@ chardet==4.0.0; python_version >= "3.5" and python_full_version < "3.0.0" or pyt click==7.1.2; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") colorama==0.4.4; python_version >= "3.5" and python_full_version < "3.0.0" and sys_platform == "win32" or sys_platform == "win32" and python_version >= "3.5" and python_full_version >= "3.5.0" commonmark==0.9.1 -docutils==0.16; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" +docutils==0.17.1; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" idna==2.10; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" imagesize==1.2.0; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" jinja2==2.11.3; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" diff --git a/tools/c7n_sphinxext/setup.py b/tools/c7n_sphinxext/setup.py index 6f17045b949..7343e0ad4be 100644 --- a/tools/c7n_sphinxext/setup.py +++ b/tools/c7n_sphinxext/setup.py @@ -12,21 +12,20 @@ install_requires = \ ['Pygments>=2.6.1,<3.0.0', 'Sphinx>=3.0,<3.1', - 'argcomplete (>=1.12.2,<2.0.0)', + 'argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'click>=7.1.2,<8.0.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', 'recommonmark>=0.6.0,<0.7.0', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'sphinx_markdown_tables>=0.0.12,<0.0.13', 'sphinx_rtd_theme>=0.4.3,<0.5.0', @@ -41,8 +40,14 @@ setup_kwargs = { 'name': 'c7n-sphinxext', - 'version': '1.1.10', + 'version': '1.1.11', 'description': 'Cloud Custodian - Sphinx Extensions', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# Sphinx Extensions\n\nCustom sphinx extensions for use with Cloud Custodian.\n\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/c7n_terraform/poetry.lock b/tools/c7n_terraform/poetry.lock index 541dbe99dfc..3366ac524cf 100644 --- a/tools/c7n_terraform/poetry.lock +++ b/tools/c7n_terraform/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -36,20 +36,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -61,11 +61,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -76,7 +76,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -115,7 +114,7 @@ test = ["flake8 (==3.7.8)", "hypothesis (==3.55.3)"] [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -127,23 +126,23 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] -name = "jmespath" -version = "0.10.0" -description = "JSON Matching Expressions" +name = "iniconfig" +version = "1.1.1" +description = "iniconfig: brain-dead simple config-ini parsing" category = "dev" optional = false -python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" +python-versions = "*" [[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" +name = "jmespath" +version = "0.10.0" +description = "JSON Matching Expressions" category = "dev" optional = false -python-versions = "*" +python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" [[package]] name = "jsonschema" @@ -175,14 +174,6 @@ python-versions = "*" nearley = ["js2py"] regex = ["regex"] -[[package]] -name = "more-itertools" -version = "8.7.0" -description = "More routines for operating on iterables, beyond itertools" -category = "dev" -optional = false -python-versions = ">=3.5" - [[package]] name = "packaging" version = "20.9" @@ -250,25 +241,24 @@ python-versions = ">=3.5" [[package]] name = "pytest" -version = "5.3.5" +version = "6.2.3" description = "pytest: simple powerful testing with Python" category = "dev" optional = false -python-versions = ">=3.5" +python-versions = ">=3.6" [package.dependencies] atomicwrites = {version = ">=1.0", markers = "sys_platform == \"win32\""} -attrs = ">=17.4.0" +attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} -more-itertools = ">=4.0.0" +iniconfig = "*" packaging = "*" -pluggy = ">=0.12,<1.0" -py = ">=1.5.0" -wcwidth = "*" +pluggy = ">=0.12,<1.0.0a1" +py = ">=1.8.2" +toml = "*" [package.extras] -checkqa-mypy = ["mypy (==v0.761)"] testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "requests", "xmlschema"] [[package]] @@ -318,7 +308,7 @@ typing-extensions = ">=3.7.4,<4.0.0" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -327,6 +317,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -346,6 +339,14 @@ python-versions = "*" [package.extras] widechars = ["wcwidth"] +[[package]] +name = "toml" +version = "0.10.2" +description = "Python Library for Tom's Obvious, Minimal Language" +category = "dev" +optional = false +python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" + [[package]] name = "typing-extensions" version = "3.7.4.3" @@ -367,14 +368,6 @@ secure = ["pyOpenSSL (>=0.14)", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "cer socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"] brotli = ["brotlipy (>=0.6.0)"] -[[package]] -name = "wcwidth" -version = "0.2.5" -description = "Measures the displayed width of unicode strings in a terminal" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "zipp" version = "3.4.1" @@ -390,12 +383,12 @@ testing = ["pytest (>=4.6)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pyt [metadata] lock-version = "1.1" python-versions = "^3.7" -content-hash = "e36802bbca2b3a070188a88cd7b2059a0dff35b504581f22501d8c5e8a956049" +content-hash = "84483bf69475b30b75eb1176efe4097f6b7374273034a37b60b8b5a269ba44b7" [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] atomicwrites = [ {file = "atomicwrites-1.4.0-py2.py3-none-any.whl", hash = "sha256:6d1784dea7c0c8d4a5172b6c620f40b6e4cbfdf96d783691f2e1302a7b88e197"}, @@ -406,12 +399,12 @@ attrs = [ {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] click = [ @@ -427,17 +420,17 @@ commonmark = [ {file = "commonmark-0.9.1.tar.gz", hash = "sha256:452f9dc859be7f06631ddcb328b6919c67984aca654e5fefb3914d54691aed60"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, +] +iniconfig = [ + {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, + {file = "iniconfig-1.1.1.tar.gz", hash = "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"}, ] jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, @@ -445,10 +438,6 @@ jsonschema = [ lark-parser = [ {file = "lark-parser-0.10.1.tar.gz", hash = "sha256:42f367612a1bbc4cf9d8c8eb1b209d8a9b397d55af75620c9e6f53e502235996"}, ] -more-itertools = [ - {file = "more-itertools-8.7.0.tar.gz", hash = "sha256:c5d6da9ca3ff65220c3bfd2a8db06d698f05d4d2b9be57e1deb2be5a45019713"}, - {file = "more_itertools-8.7.0-py3-none-any.whl", hash = "sha256:5652a9ac72209ed7df8d9c15daf4e1aa0e3d2ccd3c87f8265a0673cd9cbc9ced"}, -] packaging = [ {file = "packaging-20.9-py2.py3-none-any.whl", hash = "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"}, {file = "packaging-20.9.tar.gz", hash = "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5"}, @@ -477,8 +466,8 @@ pyrsistent = [ {file = "pyrsistent-0.17.3.tar.gz", hash = "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"}, ] pytest = [ - {file = "pytest-5.3.5-py3-none-any.whl", hash = "sha256:ff615c761e25eb25df19edddc0b970302d2a9091fbce0e7213298d85fb61fef6"}, - {file = "pytest-5.3.5.tar.gz", hash = "sha256:0d5fe9189a148acc3c3eb2ac8e1ac0742cb7618c084f3d228baaec0c254b318d"}, + {file = "pytest-6.2.3-py3-none-any.whl", hash = "sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"}, + {file = "pytest-6.2.3.tar.gz", hash = "sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634"}, ] python-dateutil = [ {file = "python-dateutil-2.8.1.tar.gz", hash = "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c"}, @@ -515,8 +504,8 @@ rich = [ {file = "rich-1.3.1.tar.gz", hash = "sha256:6a6c338d5d015ca23e340fe8af5f0b9eedb527821c69c22b94acc76fe3cb2e51"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, @@ -526,6 +515,10 @@ tabulate = [ {file = "tabulate-0.8.9-py3-none-any.whl", hash = "sha256:d7c013fe7abbc5e491394e10fa845f8f32fe54f8dc60c6622c6cf482d25d47e4"}, {file = "tabulate-0.8.9.tar.gz", hash = "sha256:eb1d13f25760052e8931f2ef80aaf6045a6cceb47514db8beab24cded16f13a7"}, ] +toml = [ + {file = "toml-0.10.2-py2.py3-none-any.whl", hash = "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b"}, + {file = "toml-0.10.2.tar.gz", hash = "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"}, +] typing-extensions = [ {file = "typing_extensions-3.7.4.3-py2-none-any.whl", hash = "sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f"}, {file = "typing_extensions-3.7.4.3-py3-none-any.whl", hash = "sha256:7cb407020f00f7bfc3cb3e7881628838e69d8f3fcab2f64742a5e76b2f841918"}, @@ -535,10 +528,6 @@ urllib3 = [ {file = "urllib3-1.26.4-py2.py3-none-any.whl", hash = "sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df"}, {file = "urllib3-1.26.4.tar.gz", hash = "sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937"}, ] -wcwidth = [ - {file = "wcwidth-0.2.5-py2.py3-none-any.whl", hash = "sha256:beb4802a9cebb9144e99086eff703a642a13d6a0052920003a230f3294bbe784"}, - {file = "wcwidth-0.2.5.tar.gz", hash = "sha256:c4d647b99872929fdb7bdcaa4fbe7f01413ed3d98077df798530e5b04f116c83"}, -] zipp = [ {file = "zipp-3.4.1-py3-none-any.whl", hash = "sha256:51cb66cc54621609dd593d1787f286ee42a5c0adbb4b29abea5a63edc3e03098"}, {file = "zipp-3.4.1.tar.gz", hash = "sha256:3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76"}, diff --git a/tools/c7n_terraform/pyproject.toml b/tools/c7n_terraform/pyproject.toml index 4f379799177..7cbcbb73b5e 100644 --- a/tools/c7n_terraform/pyproject.toml +++ b/tools/c7n_terraform/pyproject.toml @@ -1,13 +1,15 @@ [tool.poetry] name = "c7n_terraform" -version = "0.1.1" +version = "0.1.2" readme = "readme.md" description = "Cloud Custodian Provider for evaluating Terraform" repository = "https://github.com/cloud-custodian/cloud-custodian" +homepage = "https://cloudcustodian.io" documentation = "https://cloudcustodian.io/docs/" authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers = [ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing"] @@ -18,7 +20,7 @@ click = "^7.1.2" python-hcl2 = "^2.0" [tool.poetry.dev-dependencies] -pytest = "~5.3.5" +pytest = "^6.0.0" c7n = {path = "../..", develop = true} [build-system] diff --git a/tools/c7n_terraform/setup.py b/tools/c7n_terraform/setup.py index 608c7ab72ca..ca423feb925 100644 --- a/tools/c7n_terraform/setup.py +++ b/tools/c7n_terraform/setup.py @@ -10,22 +10,21 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', 'click>=7.1.2,<8.0.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'python-hcl2>=2.0,<3.0', 'pyyaml (>=5.4.1,<6.0.0)', 'rich>=1.1.9,<2.0.0', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -34,15 +33,21 @@ setup_kwargs = { 'name': 'c7n-terraform', - 'version': '0.1.1', + 'version': '0.1.2', 'description': 'Cloud Custodian Provider for evaluating Terraform', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': "\n# Cloud Custodian Terraform Provider\n\nCustodian's terraform provider enables writing and evaluating\ncustodian policies against Terraform IaaC modules.\n\n\ntldr: we want to enable writing custodian policies against IaaC assets (terraform, cfn, etc) directly in devops/ci pipelines.\n\n# Purpose\n\nThe primary purpose of this is to integrate with ci/cd pipelines to\nevaluate compliance and governance early in the deployment\nlifecycle. Custodian cloud providers provide for realtime detection\nand remediation as a detective control against infrastructure already\ndeployed in the environment regardless of how it was provisioned. As\nan initial target, the terraform provider is designed to complement\nthat with preventive enforcement earlier in the\nlifecycle. ie. enabling a shift-left to policy enforcement.\n\n\n# Pipeline CLI\n\nIn looking at expanding out to shift-left pipeline use cases, one\nthing that becomes clearer is that custodian's default cli ux isn't\nperhaps the best fit for the target audience. When we're operating\nagainst cloud resources we have to deal with cardinalities in the\nthousands to millions. When we're operating in the pipelines we're\ntypically dealing with resource cardinalities in the 10s. Additionally\nthere is a goal expectation of having rich output that correlates to\nthe ci tooling (github annotations, etc) or pinpointing the issue for\na developer, as well as color'd output and other niceties. we could\nincorporate that as a new subcommand into the main custodian cli\n(dependent on presence of iaac providers installed), or have a\ndedicated subcommand associated.\n\nThe other main deficiency with the cli is that we're not able to pass\ndirectly the iaac files as data sets we want to consider. Typically\npolicies have expressed this as query parameterization within the\npolicy as being able to specify the exact target set. But the use case\nhere is more typically command line driven with specification of both\npolicy files and target IaaC files, as well as other possible vcs\nintegrations (policystream style wrt delta files) or ci integrations.\n\n# Resources\n\nwrt to the iaac provider we can either operate loosely typed or strongly typed. with strong typing we can spec out exact attributes and potentially do additional possibly validation wrt to user specified attributes, but it requires keeping an up to date store of all iaac provider assets, which could be both fairly large and rapidly changing (terraform has over 150 providers all release independently). for now, I think it would be good to keep to loose typing on resources. .. and perhaps document provider addressable resource attributes as part of documentation.\n\nLoose typing would enable working out of the box with extant providers, but policy authors would have to consult reference docs for their respective providers on available attributes or even provider resource type existence. From a custodian perspective we would use a common resource implementation across provider resource types.\n\n# Examples\n\n```yaml\n- resource: terraform.aws_dynamodb_table\n name: ensure encryption\n filters:\n server_side_encryption.enabled: true\n kms_key_arn: key_alias\n```\n\n\n\n# \n\n custodian run terraform.yml\n \n custodian report --format=\n \n# dedicated cli\n\n\n custodian run-source terraform.yml\n", 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', 'author_email': None, 'maintainer': None, 'maintainer_email': None, - 'url': 'https://github.com/cloud-custodian/cloud-custodian', + 'url': 'https://cloudcustodian.io', 'packages': packages, 'package_data': package_data, 'install_requires': install_requires, diff --git a/tools/c7n_trailcreator/c7n_trailcreator/trailcreator.py b/tools/c7n_trailcreator/c7n_trailcreator/trailcreator.py index 34d38440579..d6945f6d9dc 100644 --- a/tools/c7n_trailcreator/c7n_trailcreator/trailcreator.py +++ b/tools/c7n_trailcreator/c7n_trailcreator/trailcreator.py @@ -364,7 +364,7 @@ def flush(self): time.sleep(3) self.conn.commit() - def get_type_record_stats(self, account_id, region): + def get_type_record_stats(self, account_id, region): # nosec self.cursor.execute(''' select rtype, count(*) as rcount from events @@ -374,7 +374,7 @@ def get_type_record_stats(self, account_id, region): ''' % (account_id, region)) return self.cursor.fetchall() - def get_resource_owners(self, resource_type, account_id, region): + def get_resource_owners(self, resource_type, account_id, region): # nosec self.cursor.execute(''' select user_id, resource_ids from events diff --git a/tools/c7n_trailcreator/poetry.lock b/tools/c7n_trailcreator/poetry.lock index 222d93b46ec..1b02a15417a 100644 --- a/tools/c7n_trailcreator/poetry.lock +++ b/tools/c7n_trailcreator/poetry.lock @@ -1,13 +1,13 @@ [[package]] name = "argcomplete" -version = "1.12.2" +version = "1.12.3" description = "Bash tab completion for argparse" category = "dev" optional = false python-versions = "*" [package.dependencies] -importlib-metadata = {version = ">=0.23,<4", markers = "python_version == \"3.6\" or python_version == \"3.7\""} +importlib-metadata = {version = ">=0.23,<5", markers = "python_version == \"3.6\" or python_version == \"3.7\""} [package.extras] test = ["coverage", "flake8", "pexpect", "wheel"] @@ -28,20 +28,20 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (> [[package]] name = "boto3" -version = "1.17.33" +version = "1.17.57" description = "The AWS SDK for Python" category = "dev" optional = false python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [package.dependencies] -botocore = ">=1.20.33,<1.21.0" +botocore = ">=1.20.57,<1.21.0" jmespath = ">=0.7.1,<1.0.0" -s3transfer = ">=0.3.0,<0.4.0" +s3transfer = ">=0.4.0,<0.5.0" [[package]] name = "botocore" -version = "1.20.33" +version = "1.20.57" description = "Low-level, data-driven core of boto 3." category = "dev" optional = false @@ -53,11 +53,11 @@ python-dateutil = ">=2.1,<3.0.0" urllib3 = ">=1.25.4,<1.27" [package.extras] -crt = ["awscrt (==0.10.8)"] +crt = ["awscrt (==0.11.11)"] [[package]] name = "c7n" -version = "0.9.11" +version = "0.9.12" description = "Cloud Custodian - Policy Rules Engine" category = "dev" optional = false @@ -68,7 +68,6 @@ develop = true argcomplete = "^1.11.1" boto3 = "^1.12.31" importlib-metadata = ">1.7.0;python_version<3.8" -jsonpickle = "1.3" jsonschema = "^3.2.0" python-dateutil = "^2.8.1" pyyaml = "^5.3" @@ -80,7 +79,7 @@ url = "../.." [[package]] name = "c7n-org" -version = "0.6.10" +version = "0.6.11" description = "Cloud Custodian - Parallel Execution" category = "dev" optional = false @@ -104,7 +103,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "importlib-metadata" -version = "3.7.3" +version = "4.0.1" description = "Read metadata from Python packages" category = "dev" optional = false @@ -116,7 +115,7 @@ zipp = ">=0.5" [package.extras] docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] -testing = ["pytest (>=3.5,!=3.7.3)", "pytest-checkdocs (>=1.2.3)", "pytest-flake8", "pytest-cov", "pytest-enabler", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] +testing = ["pytest (>=4.6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pep517", "pyfakefs", "flufl.flake8", "pytest-black (>=0.3.7)", "pytest-mypy", "importlib-resources (>=1.3)"] [[package]] name = "jmespath" @@ -126,14 +125,6 @@ category = "dev" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" -[[package]] -name = "jsonpickle" -version = "1.3" -description = "Python library for serializing any arbitrary object graph into JSON" -category = "dev" -optional = false -python-versions = "*" - [[package]] name = "jsonschema" version = "3.2.0" @@ -181,7 +172,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" [[package]] name = "s3transfer" -version = "0.3.6" +version = "0.4.2" description = "An Amazon S3 Transfer Manager" category = "dev" optional = false @@ -190,6 +181,9 @@ python-versions = "*" [package.dependencies] botocore = ">=1.12.36,<2.0a.0" +[package.extras] +crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] + [[package]] name = "six" version = "1.15.0" @@ -249,20 +243,20 @@ content-hash = "ecb5fa306cd6e3ced2cd549c4048289e71c0119d338f619a75def237580d53c1 [metadata.files] argcomplete = [ - {file = "argcomplete-1.12.2-py2.py3-none-any.whl", hash = "sha256:17f01a9b9b9ece3e6b07058eae737ad6e10de8b4e149105f84614783913aba71"}, - {file = "argcomplete-1.12.2.tar.gz", hash = "sha256:de0e1282330940d52ea92a80fea2e4b9e0da1932aaa570f84d268939d1897b04"}, + {file = "argcomplete-1.12.3-py2.py3-none-any.whl", hash = "sha256:291f0beca7fd49ce285d2f10e4c1c77e9460cf823eef2de54df0c0fec88b0d81"}, + {file = "argcomplete-1.12.3.tar.gz", hash = "sha256:2c7dbffd8c045ea534921e63b0be6fe65e88599990d8dc408ac8c542b72a5445"}, ] attrs = [ {file = "attrs-20.3.0-py2.py3-none-any.whl", hash = "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6"}, {file = "attrs-20.3.0.tar.gz", hash = "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"}, ] boto3 = [ - {file = "boto3-1.17.33-py2.py3-none-any.whl", hash = "sha256:3306dad87f993703b102a0a70ca19c549b7f41e7f70fa7b4c579735c9f79351d"}, - {file = "boto3-1.17.33.tar.gz", hash = "sha256:0cac2fffc1ba915f7bb5ecee539318532db51f218c928a228fafe3e501e9472e"}, + {file = "boto3-1.17.57-py2.py3-none-any.whl", hash = "sha256:2783947ec34dd84fc36093e8fc8a9a24679cf912a97bc9a0c47f4966ed059a29"}, + {file = "boto3-1.17.57.tar.gz", hash = "sha256:6b4a79691a48740816f03c4cb1e8ef46f8335ad2019d9c4a95da73eb5cb98f05"}, ] botocore = [ - {file = "botocore-1.20.33-py2.py3-none-any.whl", hash = "sha256:a33e862685259fe22d9790d9c9f3567feda8b824d44d3c62a3617af1133543a4"}, - {file = "botocore-1.20.33.tar.gz", hash = "sha256:e355305309699d3aca1e0050fc21d48595b40db046cb0d2491cd57ff5b26920b"}, + {file = "botocore-1.20.57-py2.py3-none-any.whl", hash = "sha256:fa430bc773363a3d332c11c55bd8c0c0a5819d576121eb6990528a1bdaa89bcd"}, + {file = "botocore-1.20.57.tar.gz", hash = "sha256:ae4ac72921f23d35ad54a5fb0989fc00c6fff8a39e24f26128b9315cc6209fec"}, ] c7n = [] c7n-org = [] @@ -271,17 +265,13 @@ click = [ {file = "click-7.1.2.tar.gz", hash = "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a"}, ] importlib-metadata = [ - {file = "importlib_metadata-3.7.3-py3-none-any.whl", hash = "sha256:b74159469b464a99cb8cc3e21973e4d96e05d3024d337313fedb618a6e86e6f4"}, - {file = "importlib_metadata-3.7.3.tar.gz", hash = "sha256:742add720a20d0467df2f444ae41704000f50e1234f46174b51f9c6031a1bd71"}, + {file = "importlib_metadata-4.0.1-py3-none-any.whl", hash = "sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d"}, + {file = "importlib_metadata-4.0.1.tar.gz", hash = "sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581"}, ] jmespath = [ {file = "jmespath-0.10.0-py2.py3-none-any.whl", hash = "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f"}, {file = "jmespath-0.10.0.tar.gz", hash = "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9"}, ] -jsonpickle = [ - {file = "jsonpickle-1.3-py2.py3-none-any.whl", hash = "sha256:efc6839cb341985f0c24f98650a4c1063a2877c236ffd3d7e1662f0c482bac93"}, - {file = "jsonpickle-1.3.tar.gz", hash = "sha256:71bca2b80ae28af4e3f86629ef247100af7f97032b5ca8d791c1f8725b411d95"}, -] jsonschema = [ {file = "jsonschema-3.2.0-py2.py3-none-any.whl", hash = "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163"}, {file = "jsonschema-3.2.0.tar.gz", hash = "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"}, @@ -317,8 +307,8 @@ pyyaml = [ {file = "PyYAML-5.4.1.tar.gz", hash = "sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e"}, ] s3transfer = [ - {file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"}, - {file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"}, + {file = "s3transfer-0.4.2-py2.py3-none-any.whl", hash = "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc"}, + {file = "s3transfer-0.4.2.tar.gz", hash = "sha256:cb022f4b16551edebbb31a377d3f09600dbada7363d8c5db7976e7f47732e1b2"}, ] six = [ {file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"}, diff --git a/tools/c7n_trailcreator/pyproject.toml b/tools/c7n_trailcreator/pyproject.toml index 014249f02a6..356864ac74b 100644 --- a/tools/c7n_trailcreator/pyproject.toml +++ b/tools/c7n_trailcreator/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "c7n_trailcreator" -version = "0.2.10" +version = "0.2.11" readme = "readme.md" homepage = "https://cloudcustodian.io" repository = "https://github.com/cloud-custodian/cloud-custodian" @@ -10,6 +10,7 @@ authors = ["Cloud Custodian Project"] license = "Apache-2.0" classifiers=[ + "License :: OSI Approved :: Apache Software License", "Topic :: System :: Systems Administration", "Topic :: System :: Distributed Computing" ] diff --git a/tools/c7n_trailcreator/setup.py b/tools/c7n_trailcreator/setup.py index 19e7cde306d..745b3abdbaf 100644 --- a/tools/c7n_trailcreator/setup.py +++ b/tools/c7n_trailcreator/setup.py @@ -10,22 +10,21 @@ {'': ['*']} install_requires = \ -['argcomplete (>=1.12.2,<2.0.0)', +['argcomplete (>=1.12.3,<2.0.0)', 'attrs (>=20.3.0,<21.0.0)', - 'boto3 (>=1.17.33,<2.0.0)', - 'botocore (>=1.20.33,<2.0.0)', - 'c7n (>=0.9.11,<0.10.0)', - 'c7n-org (>=0.6.10,<0.7.0)', + 'boto3 (>=1.17.57,<2.0.0)', + 'botocore (>=1.20.57,<2.0.0)', + 'c7n (>=0.9.12,<0.10.0)', + 'c7n-org (>=0.6.11,<0.7.0)', 'click (>=7.1.2,<8.0.0)', 'click>=7.0,<8.0', - 'importlib-metadata (>=3.7.3,<4.0.0)', + 'importlib-metadata (>=4.0.1,<5.0.0)', 'jmespath (>=0.10.0,<0.11.0)', - 'jsonpickle (>=1.3,<2.0)', 'jsonschema (>=3.2.0,<4.0.0)', 'pyrsistent (>=0.17.3,<0.18.0)', 'python-dateutil (>=2.8.1,<3.0.0)', 'pyyaml (>=5.4.1,<6.0.0)', - 's3transfer (>=0.3.6,<0.4.0)', + 's3transfer (>=0.4.2,<0.5.0)', 'six (>=1.15.0,<2.0.0)', 'tabulate (>=0.8.9,<0.9.0)', 'typing-extensions (>=3.7.4.3,<4.0.0.0)', @@ -37,8 +36,14 @@ setup_kwargs = { 'name': 'c7n-trailcreator', - 'version': '0.2.10', + 'version': '0.2.11', 'description': 'Cloud Custodian - Retroactive Tag Resource Creators from CloudTrail', + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': '# c7n-trailcreator: Retroactive Resource Creator Tagging\n\nThis script will process cloudtrail records to create a sqlite db of\nresources and their creators, and then use that sqlitedb to tag\nthe resources with their creator\'s name.\n\nIn processing cloudtrail it can use either Athena or S3 Select. A\nconfig file of the events and resources of interest is required.\n\n## Install\n\n```shell\n$ pip install c7n_trailcreator\n\n$ c7n-trailcreator --help\n```\n\n## Config File\n\nThe config file format here is similiar to what custodian requires\nfor lambda policies on cloudtrail api events as an event selector.\n\nFirst for each resource, the custodian resource-type is required\nto be specified, and then for each event, we need to know the\nname of the service, the event name, and a jmespath expression\nto get the resource ids.\n\nHere\'s a a few examples, covering iam-user, iam-role, and and an s3 bucket.\n\n\n```json\n{\n "resources": [\n {\n "resource": "iam-role",\n "events": [\n {\n "event": "CreateRole",\n "ids": "requestParameters.roleName",\n "service": "iam.amazonaws.com"\n }\n ]\n },\n {\n "resource": "s3",\n "events": [\n {\n "ids": "requestParameters.bucketName",\n "event": "CreateBucket",\n "service": "s3.amazonaws.com"\n }\n ]\n },\n {\n "resource": "iam-user",\n "events": [\n {\n "event": "CreateUser",\n "ids": "requestParameters.userName",\n "service": "iam.amazonaws.com"\n }\n ]\n }]\n}\n```\n\n## Athena Usage\n\nTrail creators supports loading data from s3 using s3 select or from cloudtrail s3 using athena.\n\nNote you\'ll have to pre-created the athena table for cloudtrail previously per\nhttps://docs.aws.amazon.com/athena/latest/ug/cloudtrail-logs.html\n\nLet\'s use the example config file to load up data for all the roles, buckets, and users created in 2019\n\n```\nc7n-trailcreator load-athena \\\n --region us-east-1 \\\n\t--resource-map resource_map.json \\\n\t--table cloudtrail_logs_custodian_skunk_trails \\\n\t--db "creators.db" \\\n\t--year 2019\n```\n\nBy default we\'ll use the default s3 athena output used by the console,\nand the default db and primary workgroup, you can pass all of these in\non the cli to be more explicit.\n\nYou can also specify to just process a month with `--month 2019/11` or\nan individual day with `--day 2019/02/01`\n\n```\nINFO:c7n_trailowner:Athena query:569712dc-d1e9-4474-b86f-6579c53b5b46\nINFO:c7n_trailowner:Polling athena query progress scanned:489.24 Mb qexec:28.62s\nINFO:c7n_trailowner:Polling athena query progress scanned:1.29 Gb qexec:88.96s\nINFO:c7n_trailowner:Polling athena query progress scanned:2.17 Gb qexec:141.16s\nINFO:c7n_trailowner:processing athena result page 78 records\nINFO:c7n_trailowner:Athena Processed 78 records\n```\n\nNote you can reprocess a completed query\'s results, by passing in `--query-id` on the cli.\n\n## Tagging\n\nIt supports this across all the resources that custodian supports.\n\n```\n$ c7n-trailcreator tag \\\n\t--db creators.db \\\n\t--creator-tag Owner \\\n\t--region us-east-1\nINFO:c7n_trailowner:account:644160558196 region:us-east-1 tag 13 iam-role resources users:5 population:97 not-found:84 records:124\nINFO:c7n_trailowner:account:644160558196 region:us-east-1 tag 5 iam-user resources users:4 population:6 not-found:1 records:18\nINFO:c7n_trailowner:account:644160558196 region:us-east-1 tag 9 s3 resources users:4 population:14 not-found:5 records:20\nINFO:c7n_trailowner:auto tag summary account:644160558196 region:us-east-1\n iam-role-not-found: 84\n iam-role: 13\n iam-user-not-found: 1\n iam-user: 5\n s3-not-found: 5\n s3: 9\nINFO:c7n_trailowner:Total resources tagged: 27\n```\n\nlet\'s break down one of these log messages\n\n```\nINFO:c7n_trailowner:account:644160558196 region:us-east-1 tag 13 iam-role resources users:5 population:97 not-found:84 records:124\n```\n\n- records: the count of database create events we have for this resource type.\n- users: the number of unique users for whom we have create events.\n- not-found: the number of resources for whom we do not have create events, ie created before or after our trail analysis period.\n- population: the total number of resources in the account region.\n\n## Multi Account / Multi Region\n\nc7n-trailcreator supports executing across multiple accounts and regions when tagging\nusing the same file format that c7n-org uses to denote accounts. See `tag-org` subcommand.\n\n', 'long_description_content_type': 'text/markdown', 'author': 'Cloud Custodian Project', diff --git a/tools/dev/dockerpkg.py b/tools/dev/dockerpkg.py index 66612d6d1ae..2998ef96bbb 100644 --- a/tools/dev/dockerpkg.py +++ b/tools/dev/dockerpkg.py @@ -17,6 +17,7 @@ import time import subprocess import sys +import traceback from datetime import datetime from pathlib import Path @@ -277,8 +278,11 @@ def build(provider, registry, tag, image, quiet, push, test, scan, verbose): """ try: import docker - except ImportError: + except ImportError as e: + print("import error %s" % e) + traceback.print_exc() print("python docker client library required") + print("python %s" % ("\n".join(sys.path))) sys.exit(1) if quiet: logging.getLogger().setLevel(logging.WARNING) diff --git a/tools/dev/license-check.py b/tools/dev/license-check.py new file mode 100644 index 00000000000..34e9d92313d --- /dev/null +++ b/tools/dev/license-check.py @@ -0,0 +1,78 @@ +from importlib import metadata +import sys + +accept = ( + 'MIT', + 'BSD', + 'Apache License 2.0', + 'Apache 2.0', + 'MIT License', + 'Apache 2', + 'BSD License', + 'MPL 2.0', + 'BSD-3-Clause', + 'Apache-2.0', +) + +accept_classifiers = set( + ( + 'License :: OSI Approved', + 'License :: OSI Approved :: Python Software Foundation License', + 'License :: OSI Approved :: Apache Software License', + 'License :: OSI Approved :: MIT License', + 'License :: OSI Approved :: BSD License', + 'License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)', + # 'License :: OSI Approved :: GNU Library or Lesser General Public License (LGPL)' + ) +) + +whitelist_packages = set( + ( + # + # Deps with licenses that get flagged + 'pygit2', # tools/c7n_policystream dep, GPL w/ Linking Exception + 'astroid', # ci for codelint, LGPL-2.1 + 'pylint', # ci for codelint, GPL + 'semgrep', # ci, LGPLv2 + 'ldap3', # mailer dependency, LGPL + 'sphinx-markdown-tables', # docgen - GPL + 'docutils', # docgen - couple of different licenses but bulk is public domain + 'chardet', # requests dep - LPGL + 'websocket-client', # c7n_kube dep - LGPL-2.1 + # + # packages with bad metadata + 'applicationinsights', # MIT + 'msal-extensions', # MIT + 'protobuf', # BSD-3-Clause + 'python-http-client', # MIT + 'sendgrid', # MIT + 'typed-ast', # apache 2.0 + 'starkbank-ecdsa', # MIT + 'portalocker', # PSF + ) +) + + +def main(): + seen = set() + found = False + for d in sorted(metadata.distributions(), key=lambda d: d.metadata['Name']): + dname = d.metadata['Name'] + + if dname in seen: + continue + + classifiers = d.metadata.get_all('Classifier') or () + classifiers = [c for c in classifiers if c.startswith('License')] + delta = set(classifiers).difference(accept_classifiers) + if (delta or not classifiers) and dname not in whitelist_packages: + found = True + print(f"{dname}: {d.metadata['License']} {classifiers}") + + seen.add(dname) + if found: + sys.exit(1) + + +if __name__ == '__main__': + main() diff --git a/tools/dev/poetrypkg.py b/tools/dev/poetrypkg.py index 0827c9ede27..1b6019cbf1c 100644 --- a/tools/dev/poetrypkg.py +++ b/tools/dev/poetrypkg.py @@ -43,6 +43,12 @@ def cli(): 'name': {name!r}, 'version': {version!r}, 'description': {description!r}, + 'license': 'Apache-2.0', + 'classifiers': [ + 'License :: OSI Approved :: Apache Software License', + 'Topic :: System :: Systems Administration', + 'Topic :: System :: Distributed Computing' + ], 'long_description': {long_description!r}, 'long_description_content_type': 'text/markdown', 'author': {author!r}, diff --git a/tools/sandbox/c7n_autodoc/requirements.txt b/tools/sandbox/c7n_autodoc/requirements.txt index 248000a9f05..a47356a3728 100644 --- a/tools/sandbox/c7n_autodoc/requirements.txt +++ b/tools/sandbox/c7n_autodoc/requirements.txt @@ -1,4 +1,4 @@ boto3 pyyaml>=4.2b4 -jinja2>2.11.3 +jinja2>=2.11.3 jsonschema diff --git a/tools/sandbox/c7n_autodoc/setup.py b/tools/sandbox/c7n_autodoc/setup.py index 8367ba9f383..401a38dd9f2 100644 --- a/tools/sandbox/c7n_autodoc/setup.py +++ b/tools/sandbox/c7n_autodoc/setup.py @@ -23,5 +23,5 @@ author_email="ryanash@gmail.com", license="Apache-2.0", py_modules=["c7n_autodoc"], - install_requires=["c7n", "pyyaml>=4.2b4", "boto3", "jinja2>2.11.3", "jsonschema"] + install_requires=["c7n", "pyyaml>=4.2b4", "boto3", "jinja2>=2.11.3", "jsonschema"] )