aws

aws - ami deregister exception when snapshot in use (#6706)
aws - asg - add update action to set max lifetime and other settings (#6612)
aws - batch - fix subnet and sg filters related resource expressions (#6644)
aws - cloud watch alarms - tag augment (#6598)
aws - config support for ecs service & eks cluster (#6605)
aws - dax fix tagging action (#6754)
aws - ebs - modify action - add gp3 ebs type to schema (#6753)
aws - ec2 svc id prefix for more resources (#6566)
aws - ecs-task-definition - config support (#6561)
aws - ecs-task-definition - fix get_resources exception due to double augment (#6705)
aws - eks - node group resources and delete action (#6737)
aws - fix datapipeline id field (#6746)
aws - glue connections - default describe parameters for omitting password (#6733)
aws - handle deprecated services and mark additional global resources (#6592)
aws - kafka kms-key filter for data-volume encryption (#6769)
aws - kinesis Analytics V2, subnet filter and delete action (#6689)
aws - kms - doc unification (#6626)
aws - kms - more resilient key lookups, fix for keyarn/arn behaviors, fix for config source (#6624)
aws - log metrics resource (#6694)
aws - network firewall resource (#6463)
aws - partition name available for substitution in policies and mailer templates (#6726)
aws - s3 toggle-logging error handling and region variables (#6610)
aws - sagemaker-model - fix augment (#6772)
aws - secrets manager - tag augmentation fix (#6663)
aws - ssm - document resource and filters/actions (#6574)
aws - support phd mode sans detail (#6639)
aws - swf resource (#6687)
aws - emr - use cluster state query from policy, if provided (#6675)

azure

azure - Ensure subscription override for all cases (#6629)
azure - custodian and c7n-org azure multi cloud bug fixes (#6614)
azure - data mask policy filter (#6665)
azure - fix delete action for resource groups (#6730)
azure - identity upgrade fixes (#6773)
azure - new resources (#6759)
azure - remove jsonpickle (#6632)
azure - review wrong schema_alias (#6569)
azure - sql filters (#6640)
azure - sql vulnerability scan filter (#6651)
azure - vm extensions filter (#6702)
azure - revert API version change in favor of resource graph (#6655)

core

cli - report - strip date portion from s3 output dir (#6593)
core - offhours support for fallback schedule when missing tag (#6603)
core - fix annotation merges inside or blocks (#6757)
core - fix value filters that specify a value type but no op (#6682)
core - log policy exceptions before closing log stream (#6698)

docs

docs - add example to aws tag action (#6653)
docs - aws - use detail.awsRegion as a key to access the region data (#6674)

gcp

gcp - dataflow - augment per api changes (#6652)
gcp - filter - scc findings (#6630)
gcp - instance effective firewall filter (#6586)
gcp - metric filter - custom resource mappings (#6647)
gcp - metrics filter (#6595)
gcp - pass project id into credentials constructor (#6608)
gcp - scc - post finding severity field (#6731)
gcp - security-center execution mode (#6568)
gcp - service account key resource (#6591)
gcp - adding disable,enable,delete service account actions (#6650)

releng

releng - dockerpkg - work around azure pipeline regression and docker client bug (#6695)
releng - github actions docker build fix (#6697)
releng - include license in generated setup and dep update (#6648)
releng - prep 0.9.12, rebase deps (#6606)
releng - static analyzers in ci (#6649)
releng - update dependencies (#6755)

tools

tools/c7n_mailer - add formatting for rds-cluster resources (#6700)
tools/c8m_prg - name templates for azure script (#6661)

schema changes

aws.eks-nodegroup added
aws.firewall added
aws.kinesis-analyticsv2 added
aws.log-metric added
aws.ssm-document added
aws.swf-domain added
azure.application-gateway added
azure.container-registry added
azure.containerregistry removed
azure.front-door added
azure.logic-app-workflow added
azure.mysql added
azure.service-fabric-cluster added
azure.service-fabric-cluster-managed added
azure.traffic-manager-profile added
gcp.service-account-key added
aws.alarm
- added actions: auto-tag-user, copy-related-tag, mark-for-op, remove-tag, tag
- added filters: marked-for-op
aws.asg
- added actions: update
aws.ecs-service
- added filters: json-diff
aws.ecs-task-definition
- added filters: json-diff
aws.eks
- added filters: json-diff
aws.kafka
- added filters: kms-key
azure.sql-database
- added filters: data-masking-policy, transparent-data-encryption
azure.sql-server
- added filters: azure-ad-administrators, vulnerability-assessment
azure.vm
- added filters: vm-extensions
gcp.app-engine
- added filters: metrics, scc-findings
gcp.app-engine-certificate
- added filters: metrics, scc-findings
gcp.app-engine-domain
- added filters: metrics, scc-findings
gcp.app-engine-domain-mapping
- added filters: metrics, scc-findings
gcp.app-engine-firewall-ingress-rule
- added filters: metrics, scc-findings
gcp.autoscaler
- added filters: metrics, scc-findings
gcp.bq-dataset
- added filters: metrics, scc-findings
gcp.bq-job
- added filters: metrics, scc-findings
gcp.bq-table
- added filters: metrics, scc-findings
gcp.bucket
- added filters: metrics, scc-findings
gcp.build
- added filters: metrics, scc-findings
gcp.cloudbilling-account
- added filters: metrics, scc-findings
gcp.dataflow-job
- added filters: metrics, scc-findings
gcp.disk
- added filters: metrics, scc-findings
gcp.dm-deployment
- added filters: metrics, scc-findings
gcp.dns-managed-zone
- added filters: metrics, scc-findings
gcp.dns-policy
- added filters: metrics, scc-findings
gcp.firewall
- added filters: metrics, scc-findings
gcp.folder
- added filters: metrics, scc-findings
gcp.function
- added filters: metrics, scc-findings
gcp.gke-cluster
- added filters: metrics, scc-findings
gcp.gke-nodepool
- added filters: metrics, scc-findings
gcp.iam-role
- added filters: metrics, scc-findings
gcp.image
- added filters: metrics, scc-findings
gcp.instance
- added filters: effective-firewall, metrics, scc-findings
gcp.instance-template
- added filters: metrics, scc-findings
gcp.interconnect
- added filters: metrics, scc-findings
gcp.interconnect-attachment
- added filters: metrics, scc-findings
gcp.kms-cryptokey
- added filters: metrics, scc-findings
gcp.kms-cryptokey-version
- added filters: metrics, scc-findings
gcp.kms-keyring
- added filters: metrics, scc-findings
gcp.loadbalancer-address
- added filters: metrics, scc-findings
gcp.loadbalancer-backend-bucket
- added filters: metrics, scc-findings
gcp.loadbalancer-backend-service
- added filters: metrics, scc-findings
gcp.loadbalancer-forwarding-rule
- added filters: metrics, scc-findings
gcp.loadbalancer-global-address
- added filters: metrics, scc-findings
gcp.loadbalancer-global-forwarding-rule
- added filters: metrics, scc-findings
gcp.loadbalancer-health-check
- added filters: metrics, scc-findings
gcp.loadbalancer-http-health-check
- added filters: metrics, scc-findings
gcp.loadbalancer-https-health-check
- added filters: metrics, scc-findings
gcp.loadbalancer-ssl-certificate
- added filters: metrics, scc-findings
gcp.loadbalancer-ssl-policy
- added filters: metrics, scc-findings
gcp.loadbalancer-target-http-proxy
- added filters: metrics, scc-findings
gcp.loadbalancer-target-https-proxy
- added filters: metrics, scc-findings
gcp.loadbalancer-target-instance
- added filters: metrics, scc-findings
gcp.loadbalancer-target-pool
- added filters: metrics, scc-findings
gcp.loadbalancer-target-ssl-proxy
- added filters: metrics, scc-findings
gcp.loadbalancer-target-tcp-proxy
- added filters: metrics, scc-findings
gcp.loadbalancer-url-map
- added filters: metrics, scc-findings
gcp.log-exclusion
- added filters: metrics, scc-findings
gcp.log-project-metric
- added filters: metrics, scc-findings
gcp.log-project-sink
- added filters: metrics, scc-findings
gcp.ml-job
- added filters: metrics, scc-findings
gcp.ml-model
- added filters: metrics, scc-findings
gcp.organization
- added filters: metrics, scc-findings
gcp.project
- added filters: metrics, scc-findings
gcp.project-role
- added filters: metrics, scc-findings
gcp.pubsub-snapshot
- added filters: metrics, scc-findings
gcp.pubsub-subscription
- added filters: metrics, scc-findings
gcp.pubsub-topic
- added filters: metrics, scc-findings
gcp.route
- added filters: metrics, scc-findings
gcp.router
- added filters: metrics, scc-findings
gcp.service
- added filters: metrics, scc-findings
gcp.service-account
- added actions: delete, disable, enable
- added filters: metrics, scc-findings
gcp.snapshot
- added filters: metrics, scc-findings
gcp.sourcerepo
- added filters: metrics, scc-findings
gcp.spanner-database-instance
- added filters: metrics, scc-findings
gcp.spanner-instance
- added filters: metrics, scc-findings
gcp.sql-backup-run
- added filters: metrics, scc-findings
gcp.sql-instance
- added filters: metrics, scc-findings
gcp.sql-ssl-cert
- added filters: metrics, scc-findings
gcp.sql-user
- added filters: metrics, scc-findings
gcp.subnet
- added filters: metrics, scc-findings
gcp.vpc
- added filters: metrics, scc-findings

cloud-custodian/cloud-custodian 0.9.12.0 0.9.12 on GitHub

aws

azure

core

docs

gcp

releng

tools

schema changes

cloud-custodian/cloud-custodian 0.9.12.0
0.9.12

on GitHub