# C7N Community Meeting Minutes 2024-04-16 ## April 16th, 2024 :::info - **URL:** meet.google.com/mii-evqh-esh - **Date:** April 16, 2024 (2:00 PM (ET) / 11:00 AM (PT) / 7PM (UTC)) - **[Timezone Converter (Click me)](https://www.timeanddate.com/worldclock/converter.html?iso=20220621T180000&p1=263&p2=224&p3=136&p4=37&p5=367&p6=438&p7=248&p8=22)** - **Agenda** 1. Intros `10m` 1. Agenda Items `20m` 1. PR Party `30m` - **Meeting Contact:** AJ: <aj@stacklet.io> - **Video Archive and Transcripts**: https://mtngs.io/cloud-custodian/community-meetings/ ::: ## Agenda Items - CNCF security audit - Audit complete, blog post upcoming - Recent CodeCov change - updated to newer version - PRs failing/not posting CodeCov checks can update from main - Ongoing tweaks to Docker images - Include additional providers? - Potentially have provider-specific images in addition to main "kitchen sink" image - Keep an eye on image size - Wolfi doesn't help much with the full c7n image due to the storage requirements of Azure SDK packages ### PR/Issue Discussion # Weekly Report Weekly status report for cloud-custodian/cloud-custodian Week #15 2024 ## Here's what the team has focused on this week: * ## Weekly Stats | | Opened this week| Closed this week| |--|---|-----| |Issues| 15 | 6| |PR's| 20 | 22| | | | |--|--| | New stars | 10| | New forks | 3| ## PR's Opened * [#9438](https://github.com/cloud-custodian/cloud-custodian/pull/9438): aws - sagemaker-compilation-job * [#9435](https://github.com/cloud-custodian/cloud-custodian/pull/9435): releng - dependency update 2024/04/15 * [#9434](https://github.com/cloud-custodian/cloud-custodian/pull/9434): Implement aws - sagemaker-auto-ml-job * [#9431](https://github.com/cloud-custodian/cloud-custodian/pull/9431): Bump idna from 3.6 to 3.7 * [#9430](https://github.com/cloud-custodian/cloud-custodian/pull/9430): Bump idna from 3.6 to 3.7 in /tools/c7n_gcp * [#9429](https://github.com/cloud-custodian/cloud-custodian/pull/9429): Bump idna from 3.6 to 3.7 in /tools/c7n_tencentcloud * [#9428](https://github.com/cloud-custodian/cloud-custodian/pull/9428): Bump idna from 3.6 to 3.7 in /tools/c7n_sphinxext * [#9427](https://github.com/cloud-custodian/cloud-custodian/pull/9427): Bump idna from 3.6 to 3.7 in /tools/c7n_azure * [#9426](https://github.com/cloud-custodian/cloud-custodian/pull/9426): Bump idna from 3.6 to 3.7 in /tools/c7n_kube * [#9425](https://github.com/cloud-custodian/cloud-custodian/pull/9425): Bump idna from 3.6 to 3.7 in /tools/c7n_policystream * [#9424](https://github.com/cloud-custodian/cloud-custodian/pull/9424): Bump idna from 3.6 to 3.7 in /tools/c7n_mailer * [#9423](https://github.com/cloud-custodian/cloud-custodian/pull/9423): Bump idna from 3.6 to 3.7 in /tools/c7n_openstack * [#9420](https://github.com/cloud-custodian/cloud-custodian/pull/9420): update azure-mgmt-rdbms major version * [#9418](https://github.com/cloud-custodian/cloud-custodian/pull/9418): aws - sagemaker-hyperparameter-tuning-job * [#9416](https://github.com/cloud-custodian/cloud-custodian/pull/9416): aws - session policy support via custodian cli * [#9414](https://github.com/cloud-custodian/cloud-custodian/pull/9414): Add snapshots filter to azure.disk * [#9413](https://github.com/cloud-custodian/cloud-custodian/pull/9413): Add api-management certificates filter * [#9412](https://github.com/cloud-custodian/cloud-custodian/pull/9412): Add compute-instances filter to machine-learning-workspace * [#9411](https://github.com/cloud-custodian/cloud-custodian/pull/9411): Feature/s3 data access points handlers * [#9407](https://github.com/cloud-custodian/cloud-custodian/pull/9407): fix(validation): Avoid raising spurious KeyError during policy validation ## PR's Closed * [#9435](https://github.com/cloud-custodian/cloud-custodian/pull/9435): releng - dependency update 2024/04/15 * [#9434](https://github.com/cloud-custodian/cloud-custodian/pull/9434): Implement aws - sagemaker-auto-ml-job * [#9431](https://github.com/cloud-custodian/cloud-custodian/pull/9431): Bump idna from 3.6 to 3.7 * [#9430](https://github.com/cloud-custodian/cloud-custodian/pull/9430): Bump idna from 3.6 to 3.7 in /tools/c7n_gcp * [#9429](https://github.com/cloud-custodian/cloud-custodian/pull/9429): Bump idna from 3.6 to 3.7 in /tools/c7n_tencentcloud * [#9428](https://github.com/cloud-custodian/cloud-custodian/pull/9428): Bump idna from 3.6 to 3.7 in /tools/c7n_sphinxext * [#9427](https://github.com/cloud-custodian/cloud-custodian/pull/9427): Bump idna from 3.6 to 3.7 in /tools/c7n_azure * [#9426](https://github.com/cloud-custodian/cloud-custodian/pull/9426): Bump idna from 3.6 to 3.7 in /tools/c7n_kube * [#9425](https://github.com/cloud-custodian/cloud-custodian/pull/9425): Bump idna from 3.6 to 3.7 in /tools/c7n_policystream * [#9424](https://github.com/cloud-custodian/cloud-custodian/pull/9424): Bump idna from 3.6 to 3.7 in /tools/c7n_mailer * [#9423](https://github.com/cloud-custodian/cloud-custodian/pull/9423): Bump idna from 3.6 to 3.7 in /tools/c7n_openstack * [#9420](https://github.com/cloud-custodian/cloud-custodian/pull/9420): update azure-mgmt-rdbms major version * [#9413](https://github.com/cloud-custodian/cloud-custodian/pull/9413): Add api-management certificates filter * [#9412](https://github.com/cloud-custodian/cloud-custodian/pull/9412): Add compute-instances filter to machine-learning-workspace * [#9407](https://github.com/cloud-custodian/cloud-custodian/pull/9407): fix(validation): Avoid raising spurious KeyError during policy validation * [#9390](https://github.com/cloud-custodian/cloud-custodian/pull/9390): aws - sagemaker-cluster * [#9380](https://github.com/cloud-custodian/cloud-custodian/pull/9380): aws - add workspaces bundle support * [#9287](https://github.com/cloud-custodian/cloud-custodian/pull/9287): feat: add condition_scope to cross-account filter * [#8539](https://github.com/cloud-custodian/cloud-custodian/pull/8539): feat: get header's value from AWS SecretManager secret * [#7911](https://github.com/cloud-custodian/cloud-custodian/pull/7911): AWS APIGateway can take longer than 5-minutes to perform an Update. * [#7798](https://github.com/cloud-custodian/cloud-custodian/pull/7798): feat: add 'copy-aws-service-tags' action to CW logs * [#7465](https://github.com/cloud-custodian/cloud-custodian/pull/7465): feat: support policy interpolation with environment variables ## Issues Opened * [#9437](https://github.com/cloud-custodian/cloud-custodian/issues/9437): Add support for SageMaker Data Quality Job resource * [#9436](https://github.com/cloud-custodian/cloud-custodian/issues/9436): aws - delete subscription filter on log group * [#9433](https://github.com/cloud-custodian/cloud-custodian/issues/9433): custodian run doesn't allow (AWS) --region=all with non-default --profile * [#9432](https://github.com/cloud-custodian/cloud-custodian/issues/9432): Tencent Cloud bucket encryption check fails for buckets that have encryption disabled * [#9421](https://github.com/cloud-custodian/cloud-custodian/issues/9421): Add support for SageMaker Compilation Job resource * [#9419](https://github.com/cloud-custodian/cloud-custodian/issues/9419): Add support for SageMaker Auto ML Job resource * [#9417](https://github.com/cloud-custodian/cloud-custodian/issues/9417): Include c7n_awscc in the official docker image, use recent version * [#9415](https://github.com/cloud-custodian/cloud-custodian/issues/9415): rds-snapshot instance filter not does not work * [#9410](https://github.com/cloud-custodian/cloud-custodian/issues/9410): Error when getting max Percentage CPU on Azure VM * [#9409](https://github.com/cloud-custodian/cloud-custodian/issues/9409): Update documentation on ECS service action resize * [#9408](https://github.com/cloud-custodian/cloud-custodian/issues/9408): No Handlers for S3 Data Access Point Account/ARN and ACLs * [#9406](https://github.com/cloud-custodian/cloud-custodian/issues/9406): Request to add support for region-wide support for AMI/EBS snapshot public access setting * [#9405](https://github.com/cloud-custodian/cloud-custodian/issues/9405): GCP: Error using service account from one project (A) to run policy on another projects (B) * [#9404](https://github.com/cloud-custodian/cloud-custodian/issues/9404): Leverage IAM session policies to extend custodian actions to users safely * [#9403](https://github.com/cloud-custodian/cloud-custodian/issues/9403): Add support for SageMaker Hyperparameter Tuning Job resource ## Issues Closed * [#9419](https://github.com/cloud-custodian/cloud-custodian/issues/9419): Add support for SageMaker Auto ML Job resource * [#9415](https://github.com/cloud-custodian/cloud-custodian/issues/9415): rds-snapshot instance filter not does not work * [#9406](https://github.com/cloud-custodian/cloud-custodian/issues/9406): Request to add support for region-wide support for AMI/EBS snapshot public access setting * [#9360](https://github.com/cloud-custodian/cloud-custodian/issues/9360): installing c7n-azure simultaneous to c7n fails * [#9355](https://github.com/cloud-custodian/cloud-custodian/issues/9355): Add support for SageMaker Hyperpod Cluster resource * [#9319](https://github.com/cloud-custodian/cloud-custodian/issues/9319): Add a `aws.workspaces-bundle` resource