aws
- aws - account access-analyzer filter (#6075)
- aws - add delete action to iam user group (#6088)
- aws - ami - remove permission - support only on matched cross accounts (#6009)
- aws - auto filter classic elastic ips, we only support vpc elastic ips (#6168)
- aws - cloud watch - contributor insight rule resource (#6157)
- aws - code artifact support (#6119)
- aws - config - more aws config garbage unmangling (#6185)
- aws - config source - implicitly sniff date keys in isoformat and convert (#6181)
- aws - ec2 dedicated host resource (#6165)
- aws - elasticsearch - kms-key filter (#6123)
- aws - fix phd mode error for resource 'account' without 'events' (#6141)
- aws - iam group - delete - fix test for functional runs (#6191)
- aws - iam role delete force removes inline policies (#6115)
- aws - kms - fix error log statement (#6200)
- aws - lambda network-location - check existence before referring (#5945)
- aws - log-group last-write - bug fix - normalize timestamps (#6126)
- aws - natgateway metrics filter (#6140)
- aws - rdscluster network-location fix via subnet filter support (#5955)
- aws - route53 hosted zone force delete - fix record removal (#6192)
- aws - s3 - config normalization - handle account id missing in replication (#6136)
- aws - s3 - fixed typo in error log format string (#6035)
- aws - security group - unused filter accounts for codebuild projects (#6153)
- aws - service catalog portfolio resource w/ cross-account, delete share (#6166)
- aws - sns - modify policy - fix via change logical or to and (#6124)
- aws - tag support for redshift subnets, ds, cloudhsm subnet filter and delete action (#6047)
- aws - vpc-endpoint filter for vpc and subnets (#5934)
azure
- azure - metrics filter - add to_zero support for no_data action (#6194)
- azure - metrics filter - fix aggregation funcs (#6186)
- azure - update policy mode reference to 'function_app_name' (#6169)
core
- chore - minor tweak for current time with UTC tz (#6150)
- cli - internals - change 'blacklist' to 'exclude' in function arg. (#6127)
- cli - update the metavar for the metrics CLI help. (#6104)
- core - refactor action and filter base classes to remove duplication. (#6128)
- core - value_from enhancement to use sets instead of lists for speed ups on large sets (#6043)
gcp
- gcp - add handling for disabled service api errors (#6208)
- gcp - aws 53 zones, gke clusters, gcp dns zones - delete action
- gcp - enable functional testing (#6196)
docs
- docs - add value_from docstrings to value filter docs (#6195)
- docs - aws - fix sg ingress ipv6 filtering example (#6117)
- docs - developer testing with pytest-terraform (#6142)
- docs - show filter/action permissions (#6116)
release engineering
- releng - update deps, address docker build / ci issues (#6178)
- releng - upgrade pytest-terraform to 0.5.0 (#6112)
- test - support pytest-terraform for flight recording test setup (#6040)
- ci - fix the intermittent test failure by explicitly setting rand seed. (#6110)
tools
- tools - add schema diff to script that generates changelogs
- tools/c7n-org - support just specifying role name in config file (#6177)
- tools/cask - releng - tidy up go.mod (#6092)
- tools/changelog - do not add to dev requirements which we use in CI
- tools/changelog - do not repeat changes in global actions, filters
- tools/changelog - link to resources and actions in online docs
- tools/ops/policylambda - fix - switch func ref to arn attribute and perm name change (#6114)
- tools/ops/policylambda - refactor, clean up tech debt, and add tests (#6094)
schema changes
aws.artifact-domain
addedaws.artifact-repo
addedaws.catalog-portfolio
addedaws.ec2-host
addedaws.insight-rule
addedaws.account
- added filters:
access-analyzer
- added filters:
aws.cloudhsm-cluster
- added actions:
delete
,mark-for-op
- added filters:
marked-for-op
,subnet
- added actions:
aws.directory
- added actions:
mark-for-op
- added filters:
marked-for-op
- added actions:
aws.elasticsearch
- added filters:
kms-key
- added filters:
aws.hostedzone
- added actions:
delete
- added actions:
aws.iam-group
- added actions:
delete
- added actions:
aws.nat-gateway
- added filters:
metrics
- added filters:
aws.redshift-subnet-group
- added actions:
auto-tag-user
,copy-related-tag
,mark-for-op
,remove-tag
,tag
- added filters:
marked-for-op
- added actions:
aws.subnet
- added filters:
vpc-endpoint
- added filters:
aws.vpc
- added filters:
vpc-endpoint
- added filters:
gcp.dns-managed-zone
- added actions:
delete
- added actions:
gcp.gke-cluster
- added actions:
delete
- added actions: