github cloud-custodian/cloud-custodian 0.8.45.0
on GitHub

latest releases: 0.9.35.0, 0.9.34.0, 0.9.33.0...
4 years ago

Compatibility Warning

A bug fix (#4277) around custodian schema validation of boolean filter blocks (or, and, and not) may now cause some validation errors on invalid policies. Previously these policies would have passed validation as it was not performed recursively on boolean blocks. Please check your policies with the latest release.

AWS

  • aws - handle missing ec2 launch template (#4579)
  • aws - acm certificate tag actions (#4529)
  • aws - arn resolver and type info class (#4104)
  • aws - auto tag support federated user (#4352)
  • aws - code commit resource by name (#4236)
  • aws - config rule mode validation of supported resource type (#4760)
  • aws - copy related tag more explicit handling of missing related ids (#4762)
  • aws - ebs default encryption filter & action (#4337)
  • aws - ebs resize - adjust max chunk size to stay under api filter limits (#3778) (#4350)
  • aws - eni vpc filter fix related ids expression typo (#4463)
  • aws - fix custodian lambda tag values to values supported in lambda (#4455)
  • aws - fix rds modify-security-groups via vpc filter fix (#4456)
  • aws - glue tables and databases w/ delete action (#4248)
  • aws - iam usage filter catch and go on no such entity (#4467)
  • aws - invoke step function (sfn) action (#4169)
  • aws - invoke-lambda support targeting lambda in different region (#4449)
  • aws - log-group normalize age to seconds since epoch (#4194)
  • aws - logging - support account, region log sinks and configurable log streams names (#4809)
  • aws - metrics filter allow optional fill value for missing metric data (#4348)
  • aws - metrics support user supplied dimensions, schema fix, s3 config fix (#4291)
  • aws - sechub - description is now non-null required (#4249)
  • aws - security hub event support (#4388)
  • aws - security hub finding mode event pattern fix (#4524)
  • aws - securityhub move all related functionality to securityhub module (#4622)
  • aws - sg ingress/egress cidr k:v fix (#4258)
  • aws - sg ingress/egress filter fixes (#4292)
  • aws - ssm ops center support (#4374)
  • aws - update set-flow-logs validation (#4759)
  • aws - various resources fix get-permission chaining (#4380)
  • aws.acm - set compatibility to false for universal tagging (#4633)
  • aws.appelb - modify-security-groups action (#4417)
  • aws.cloudtrail - delete action (#4472)
  • aws.cloudtrail - delete action check for shadow (org and multi region) (#4480)
  • aws.iam-role - adding force option for deleting an iam role (#4220)
  • aws.iam-user - set-groups action (#4730)
  • aws.lambda - modify-security-groups action (#4385)
  • aws.rest-api - tag actions and filters (#4755)

Azure

  • Azure - Add mailer support to the Container Host helm chart (#4711)
  • Azure - AzureDNS Resource Types (#4303)
  • Azure - Inline docs for a bunch of resources. (#4280)
  • Azure - Retention test fixes (#4787)
  • Azure - Update lookup schema and allow tag value to be lookup type (#4609)
  • Azure - docs - firewall scenario (#4444)
  • azure - API Management resource (#4109)
  • azure - Add custom prefix for NSG rules (#4722)
  • azure - Adding link to Azure functions doc from modes page (#4283)
  • azure - Lock filter and action. (#4223)
  • azure - Make on/off hours available on all arm (#4335)
  • azure - Resize API management resource (#4369)
  • azure - SQL db resize & filter event action (#4794)
  • azure - Skip certain tests when run live (#4745)
  • azure - Storage account permission issues exception messages + Delete locked resource group should be logged and skipped (#4384)
  • azure - Update 'delayed operations' docs (#4192)
  • azure - Update NSG policy example (#4225)
  • azure - Update key replace code & rerecord cassettes (#4272)
  • azure - access control functions bug (#4351)
  • azure - action - hdinsight resize action (#4758)
  • azure - add event hub resource (#4534)
  • azure - add execution mode permissions for azure functions test (#4780)
  • azure - add firewall-bypass filter (#4778)
  • azure - add handling of linux and consumption app service plans (#4584)
  • azure - add logic app E2E scenario (#4318)
  • azure - add metrics config option & update Application Insights & metrics docs (#4361)
  • azure - add more logging to notification delivery in mailer (#4408)
  • azure - add postgresql support (#4708)
  • azure - add storage container support (#4710)
  • azure - add storage diagnostic settings filter (#4222)
  • azure - add support for aci (#4533)
  • azure - app service test improvements (#4650)
  • azure - async provision\cleanup scripts & ability to run live tests (#4673)
  • azure - auth file parity with environment variables (#4373)
  • azure - autotag created date action & Tags tests refactor (#4416)
  • azure - cache metrics filter (#4541)
  • azure - child resource report fields (#4634)
  • azure - container host (#4426)
  • azure - container host aci template (#4632)
  • azure - container host cleanup (#4681)
  • azure - container host docs (#4732)
  • azure - container host k8s tooling (#4604)
  • azure - container host remove event filter (#4678)
  • azure - cosmos db throughput state (#4639)
  • azure - cosmos resources (#4305)
  • azure - cosmosdb firewall action (#4627)
  • azure - cost management exports resource (#4701)
  • azure - delete recordset (#4321)
  • azure - deployment unit & logic app tests fixes (#4792)
  • azure - docs - hosting options (#4607)
  • azure - docs - teams notification (#4620)
  • azure - docs and example fixes (#4610)
  • azure - docs fix sample (#4637)
  • azure - docs fix sql example (#4616)
  • azure - docs nav fix (#4286)
  • azure - docs page on azure policy (#4281)
  • azure - document azure use for mailer replay (#4323)
  • azure - event hub firewall filter (#4544)
  • azure - event_subscription functional test fix (#4757)
  • azure - firewall enhance (#4431)
  • azure - fix mailer sub id issue (#4475)
  • azure - fix Event Grid resource id extract & get_resources (#4473)
  • azure - fix app service plan scale out (#4735)
  • azure - fix applicationinsights functions packaging (#4434)
  • azure - fix azure functions runtime (#4368)
  • azure - fix functions sub id (#4798)
  • azure - fix knack dependency and rg regression (#4766)
  • azure - fix op for regeneration-period filter (#4645)
  • azure - fix packager code to remove duplicates (#4325)
  • azure - fix patch updates for tags (#4546)
  • azure - function app test name fixes (#4790)
  • azure - function cache bug (#4432)
  • azure - function event schema max array size (#4716)
  • azure - functional tests pipeline (#4688)
  • azure - host naming fixes (#4763)
  • azure - improve getting and naming loggers (#4720)
  • azure - improved handling of authentication errors (#4696)
  • azure - include Resource Groups in 'azure.armresource' (#4712)
  • azure - inline docs for the last batch of resources (#4304)
  • azure - keyvault certificates resource (#4630)
  • azure - keyvault integration (#4389)
  • azure - kv integration docs (#4427)
  • azure - kv managed storage (#4642)
  • azure - live pipeline and resource type (#4715)
  • azure - live tests pipeline fixes (#4707)
  • azure - marked for op - time zone reset (#4817)
  • azure - metric support for child resources (#4743)
  • azure - metrics - error handling (#4703)
  • azure - notification example docs (#4635)
  • azure - parent filter for child resources & bugfix (#4611)
  • azure - period modes cron regex (#4695)
  • azure - pipeline rename variables group (#4706)
  • azure - remove azure functions machinedecryption & dashboard app settings (#4411)
  • azure - remove supported resources doc section (#4536)
  • azure - remove timeout in azure tests pipeline (#4704)
  • azure - replace cosmos offer (#4332)
  • azure - require SP credentials for Azure Functions mode (#4598)
  • azure - require ssl action (#4657)
  • azure - resize sql action (#4324)
  • azure - resource cost filter (#4314)
  • azure - resources inline docs (#4284)
  • azure - session refactor (#4810)
  • azure - session supports override for cli auth (#4785)
  • azure - set storage access action (#4764)
  • azure - skip failed container enumerations (#4784)
  • azure - some resource docs (#4255)
  • azure - storage firewall action and service tag lookups (#4567)
  • azure - storage logging action (#4301)
  • azure - storage public access docs (#4599)
  • azure - support tag, resize from resource (#4588)
  • azure - test fix - test_lock_action fix (#4777)
  • azure - test fixes cosmosdb (#4748)
  • azure - tests fixes for KeyVault, Storage permissions, deployment units (#4786)
  • azure - text fixes for lock filter (#4791)
  • azure - timestamps on function archives (#4429)
  • azure - two nav fixes (#4287)
  • azure - update arm templates (#4742)
  • azure - update azure-functions (#4364)
  • azure - update container host keyword args (#4768)
  • azure - update cosmosdb tests patched function (#4652)
  • azure - update cost filter (#4336)
  • azure - update cost filter docs (#4672)
  • azure - update firewall tests (#4749)
  • azure - update firewall-rules filter to use effective rule set (#4756)
  • azure - update kv tests (#4728)
  • azure - update linux app service plan provisioning region
  • azure - update lookup schema (#4646)
  • azure - update provision\cleanup scripts to support --skip option (#4747)
  • azure - update provisioning of win consumption app service plans (#4789)
  • azure - update role assignment scope filter (#4509)
  • azure - update test_subscription.py (#4725)
  • azure - use cli options for azure container host (#4565)
  • azure - vm image docs update (#4282)
  • azure - web app functional test fix (#4788)
  • azure - web app ssl configuration (#4733)
  • azure - resource - Added support for hdinsight resource (#4731)
  • azure - Enable docs examples verification tests for Azure (#4214)
  • azure - support policy resource limits (#4649)

core

  • cli - default report field fixes (#4319)
  • c7n - allow webhook action to use proxy (#4726)
  • core - certifi dependency optional for serverless envs (#4197)
  • core - jsonschema boolean blocks validation (#4277)
  • core - load only known cloud providers by default (#4195)
  • core - postpone initializing webhook lookup data (#4342)
  • core - remove debug code which created serverless dep on boto3 (#4237)
  • core - uri resolver supports http gzip encoding (#4752)
  • core - value filter fix the expression value_type (#2148)
  • core - yaml utils simplify conditional import (#4232)
  • utils - remove worker decorator (#4746)

docs

  • docs - Update generated html for Schema arrow (#4199)
  • docs - Update inline comments to get rid of docs warnings (#4317)
  • docs - add manual groups and individual resource pages (#4306)
  • docs - automated reference docs (#4166)
  • docs - aws s3 global-grants filter document default and how to disable (#4468)
  • docs - aws ebs examples update (#4354)
  • docs - aws gettingstarted.rst fixed typo in policy(#4059)
  • docs - aws unique example policy names (#4262)
  • docs - azure docs refactor (#4316)
  • docs - azure inline docs for a bunch of resources (#4288)
  • docs - c7n-mailer readme: document lambda_tags (#4590)
  • docs - clean up intro, fix gcp getting started link (#4206)
  • docs - fix guard-duty example to reflect actual attribute value (#4355)
  • docs - gcp bigquery resources add rest api links (#4274)
  • docs - gcp dataflow (#4227)
  • docs - gcp dns examples (#4250)
  • docs - gcp pubsub examples (#4226)
  • docs - improve regex example. (#4562)
  • docs - link and formatting fixes for aws topics (#4457)
  • docs - link manheim-c7n-tools repo (#4254)
  • docs - no yaml aliases in schema docs (#4805)
  • docs - readme add stackoverflow and alphabetize list (#4806)
  • docs - readme fix a typo in the docker run command example (#4419)
  • docs - reference docbuilder fix output path normalization (#4479)
  • docs - reiterate tox config (#4648)
  • docs - update code of conduct link (#4816)

gcp

  • gcp - add autoscalers resource, actions, docs (#4538)
  • gcp - add kubernetes nodepools resource (#4208)
  • gcp - add stack driver logging initial setup (#3820)
  • gcp - cloud dataflow get method updated tests resource (#4308)
  • gcp - delete action for cloud router and docs (#4356)
  • gcp - delete sql-database resource (#4294)
  • gcp - deployment delete action and docs (#4307)
  • gcp - fix cloudbilling-account get method (#4091)
  • gcp - fix sqldb exception caused by retrieval of children from stopped parents (#4173)
  • gcp - fixed get method on network resources (route, router, interconnect, interconnect attachment) (#4089)
  • gcp - gce instance templates resource and delete action (#4507)
  • gcp - iam project-role backfill event data test (#4207)
  • gcp - image delete action (#4135)
  • gcp - kms resources and docs (#4171)
  • gcp - load balancer - backend bucket delete action (#4346)
  • gcp - load balancer policy delete action (#4345)
  • gcp - load balancer service - fix get methods across many resources (#4110)
  • gcp - ml fix get method and tests for models and jobs (#4309)
  • gcp - resourcemanager docstrings and parent folder query (#4231)
  • gcp - set-iam-policy base use resource metadata id field instead of 'name' string (#4691)
  • gcp - spanner - delete and generic set-iam-policy action (#4454)
  • gcp - support for usage of serverless modes in other regions than us-central1 (#4664)
  • gcp - support policy resource limits (#4649)

tools

  • cask - bug (#4246)
  • cask - Update links (#4328)
  • cask - auto rm after run, fix some golint warnings (#4458)
  • cask - azure release pipeline (#4224)
  • cask - bug fixes (#4469)
  • cask - docker wrapper initial commit (#4159)
  • cask - docs, installer, pipeline (#4694)
  • cask - image pull if there is no image (#4663)
  • cask - linux install file overwrite (#4718)
  • cask - windows installer bugs (#4516)
  • cask - windows powershell and instructions (#4322)
  • dockerfile - azure functions cache (#4247)
  • tools/c7n_mailer - Azure SMTP fix & c7n_mailer functional test (#4186)
  • tools/c7n_mailer - fix slack://tag/ delivery method and add tests (#4228)
  • tools/c7n_mailer - remove enum, which isn't part of 2.7 and increment version (#4204)
  • tools/c7n_mailer - slack transport dont decode json before checking status codes (#4462)
  • tools/c7n_mailer - Update string encoding for printing for py3 (#4440)
  • c7n_mailer - format utility strip provider when matching (#4601)
  • mailer - implement org_domain logic for for non-events based policies (#4229)
  • mailer - kv integration for azure (#4602)
  • mailer - rename directory to avoid conflicts with sdk (#4409)
  • mailer - support channel name without # in tags (#4421)
  • tools/c7n-org - when provisioning lambda policies don't count them for resource counts (#4357)
  • tools/c7n_logexporter - click options with help text (#4647)
  • tools/c7n_org - aws & azure account gen use c7n yaml_dump to avoid inline anchors (#4211)
  • tools/c7n_org - aws org account gen script populate account tags (#4690)
  • tools/c7n_org - fix package metadata readme content type as markdown (#4289)
  • tools/c7n_org - support reporting across providers (#4256)

tests

  • ci - cache pip downloads (#4451)
  • ci - docs build split into separate job (#4461)
  • ci - gcp strip test data (#4615)
  • ci - revert cache (#4474)
  • ci - use codecov bash uploader (#4327)
  • test - registered skiplive marker (#4813)
  • tests - clean up deprecations (#4719)
  • ci - Fix CI docker build (#4596)
Check out latest releases or
releases around cloud-custodian/cloud-custodian 0.8.45.0

Don't miss a new cloud-custodian release

NewReleases is sending notifications on new releases.

Get notifications