C7n Community Meeting Minutes

# C7n Community Meeting Minutes # September 27th 2022 :::info - **URL:** meet.google.com/mii-evqh-esh - **Date:** September 27th, 2022 (2:00 PM (ET) / 11:00 AM (PT) / 6PM (UTC)) - **[Timezone Converter (Click me)](https://www.timeanddate.com/worldclock/converter.html?iso=20220621T180000&p1=263&p2=224&p3=136&p4=37&p5=367&p6=438&p7=248&p8=22)** - **Agenda** 1. Intros `10m` 1. Agenda Items `20m` 1. PR Party `30m` - **Meeting Contact:** Jorge: <jorge@stacklet.io> - **Video Archive and Transcripts**: https://mtngs.io/cloud-custodian/community-meetings/ ::: [![Video Recording](https://img.youtube.com/vi/QF0U_RurD6E/0.jpg)](https://youtu.be/QF0U_RurD6E) ## Agenda Item - Intros, etc. - Governance Updates - See this [GitHub issue](https://github.com/cloud-custodian/cloud-custodian/issues/7149) for the latest draft revisions. - Governance as Code day: LAST CALL - - https://github.com/orgs/cloud-custodian/discussions/7625 - [CFP Form](https://docs.google.com/forms/d/e/1FAIpQLSfUf5bB0k-XZRH_IXUnCQxIX1nxHI0dxrSxOXUMBhMNtUh0lQ/viewform) - [Registration](https://hopin.com/events/governance-as-code-day-with-cloud-custodian-hosted-by-stacklet-2022?hss_channel=tw-1242918094160498699) - We're testing Slack! Join us: - [Invite page](https://communityinviter.com/apps/cloud-custodian/c7n-chat) - PRs incoming to update project link - Still working on an archive solution, more to follow next week - [sonny] - K8s provider update - See [#7697](https://github.com/cloud-custodian/cloud-custodian/pull/7697) - Image signing update - [aj/jorge/sonny] - Release discussion - Kapil: We should move away from test pypi and do a Code Artifact, full stack install in a clean virtualenv. - Survey: https://www.surveymonkey.com/r/8Y53GJQ - From the community: https://github.com/cloud-custodian/cloud-custodian/issues/7553 # Weekly Report ## Here's what the team has focused on this week: * ## Weekly Stats | | Opened this week| Closed this week| |--|---|-----| |Issues| 13 | 4| |PR's| 36 | 25| | | | |--|--| | New stars | 102| | New forks | 14| ## PR's Opened * [#7753](https://github.com/cloud-custodian/cloud-custodian/issues/7553) * :boom: [#7706](https://github.com/cloud-custodian/cloud-custodian/pull/7706) - Add FMS WAFv2 support * :boom: [#7749](https://github.com/cloud-custodian/cloud-custodian/pull/7749) - redshift consecutive snapshot filter * :boom: [#7029](https://github.com/cloud-custodian/cloud-custodian/pull/7029) - adding support for config managed rules * [#7798](https://github.com/cloud-custodian/cloud-custodian/pull/7798): feat: add 'copy-aws-service-tags' action to CW logs * :boom: [#7796](https://github.com/cloud-custodian/cloud-custodian/pull/7796): releng - update ci and docker builds to use poetry 1.2.1 * [#7793](https://github.com/cloud-custodian/cloud-custodian/pull/7793): aws.rds - type: db-parameter fix cache usage * [#7792](https://github.com/cloud-custodian/cloud-custodian/pull/7792): added gcp resource compute/project-info * :boom: [#7790](https://github.com/cloud-custodian/cloud-custodian/pull/7790): docs - tencentcloud usage readme * :boom: [#7789](https://github.com/cloud-custodian/cloud-custodian/pull/7789): aws - ec2 - Infracost integration, add cost filter * :boom: [#7788](https://github.com/cloud-custodian/cloud-custodian/pull/7788): Gov 500 azure stacklet cis 4 1 3 ensure that auditing retention is greater than 90 days * [#7787](https://github.com/cloud-custodian/cloud-custodian/pull/7787): Apigw reststage * [#7786](https://github.com/cloud-custodian/cloud-custodian/pull/7786): Add aliases for other common AWS events * [#7785](https://github.com/cloud-custodian/cloud-custodian/pull/7785): AWS - Added new action "set-enhanced-monitoring" for lambda resource * [#7784](https://github.com/cloud-custodian/cloud-custodian/pull/7784): AWS - Added new action "set-enhanced-monitoring" for Lambda resources * :boom: [#7782](https://github.com/cloud-custodian/cloud-custodian/pull/7782): releng - roll back grpcio due to yank, switch toml import to tomli * :boom: [#7781](https://github.com/cloud-custodian/cloud-custodian/pull/7781): make `tox -e docs` work on ARM64 + Python3.10 * [#7779](https://github.com/cloud-custodian/cloud-custodian/pull/7779): releng - 0.9.19.0 pkg rebase * [#7774](https://github.com/cloud-custodian/cloud-custodian/pull/7774): releng - 0.9.19.0 release prep * [#7773](https://github.com/cloud-custodian/cloud-custodian/pull/7773): added filter for sqlserver * [#7772](https://github.com/cloud-custodian/cloud-custodian/pull/7772): aws - ec2 - set-metadata-access - include instance tags option * [#7770](https://github.com/cloud-custodian/cloud-custodian/pull/7770): Bump oauthlib from 3.2.0 to 3.2.1 in /tools/c7n_kube * [#7769](https://github.com/cloud-custodian/cloud-custodian/pull/7769): Bump oauthlib from 3.2.0 to 3.2.1 in /tools/c7n_azure * [#7767](https://github.com/cloud-custodian/cloud-custodian/pull/7767): releng - docker - fix the dockerfile symlink * [#7766](https://github.com/cloud-custodian/cloud-custodian/pull/7766): aws - sqs - fix queue url format * [#7765](https://github.com/cloud-custodian/cloud-custodian/pull/7765): aws - sqs - fix queue URL format * [#7764](https://github.com/cloud-custodian/cloud-custodian/pull/7764): releng - docker - update install-poetry url * [#7761](https://github.com/cloud-custodian/cloud-custodian/pull/7761): Reuse (and invert) conditional policy execution for cleanup * [#7759](https://github.com/cloud-custodian/cloud-custodian/pull/7759): AWS - Connect - Adding various Connect resource types to implement tagging support * [#7758](https://github.com/cloud-custodian/cloud-custodian/pull/7758): add cfn_type to rds-snapshot, redshift-snapshot and elastic-ip * [#7757](https://github.com/cloud-custodian/cloud-custodian/pull/7757): Azure Postgresql Server - new filter for configuration parameters * [#7754](https://github.com/cloud-custodian/cloud-custodian/pull/7754): Add option to invert account filter * [#7753](https://github.com/cloud-custodian/cloud-custodian/pull/7753): c7n_tencentcloud - resources - cvm * [#7752](https://github.com/cloud-custodian/cloud-custodian/pull/7752): c7n_tencentcloud - resources - cvm * [#7751](https://github.com/cloud-custodian/cloud-custodian/pull/7751): aws - es - add "has-statement" filter * [#7750](https://github.com/cloud-custodian/cloud-custodian/pull/7750): aws - dynamodb - disable consecutive backups filter * [#7749](https://github.com/cloud-custodian/cloud-custodian/pull/7749): aws - redshift - efs - add consecutive daily snapshot count filter * [#7748](https://github.com/cloud-custodian/cloud-custodian/pull/7748): releng - docker - fix bad merge * [#7747](https://github.com/cloud-custodian/cloud-custodian/pull/7747): docs - Change gitter link to slack for chat * [#7746](https://github.com/cloud-custodian/cloud-custodian/pull/7746): docs - Add Slack invite link ## PR's Closed * [#7788](https://github.com/cloud-custodian/cloud-custodian/pull/7788): Gov 500 azure stacklet cis 4 1 3 ensure that auditing retention is greater than 90 days * [#7784](https://github.com/cloud-custodian/cloud-custodian/pull/7784): AWS - Added new action "set-enhanced-monitoring" for Lambda resources * [#7782](https://github.com/cloud-custodian/cloud-custodian/pull/7782): releng - roll back grpcio due to yank, switch toml import to tomli * [#7781](https://github.com/cloud-custodian/cloud-custodian/pull/7781): make `tox -e docs` work on ARM64 + Python3.10 * [#7779](https://github.com/cloud-custodian/cloud-custodian/pull/7779): releng - 0.9.19.0 pkg rebase * [#7774](https://github.com/cloud-custodian/cloud-custodian/pull/7774): releng - 0.9.19.0 release prep * [#7773](https://github.com/cloud-custodian/cloud-custodian/pull/7773): added filter for sqlserver * [#7770](https://github.com/cloud-custodian/cloud-custodian/pull/7770): Bump oauthlib from 3.2.0 to 3.2.1 in /tools/c7n_kube * [#7769](https://github.com/cloud-custodian/cloud-custodian/pull/7769): Bump oauthlib from 3.2.0 to 3.2.1 in /tools/c7n_azure * [#7767](https://github.com/cloud-custodian/cloud-custodian/pull/7767): releng - docker - fix the dockerfile symlink * [#7766](https://github.com/cloud-custodian/cloud-custodian/pull/7766): aws - sqs - fix queue url format * [#7765](https://github.com/cloud-custodian/cloud-custodian/pull/7765): aws - sqs - fix queue URL format * [#7764](https://github.com/cloud-custodian/cloud-custodian/pull/7764): releng - docker - update install-poetry url * [#7758](https://github.com/cloud-custodian/cloud-custodian/pull/7758): add cfn_type to rds-snapshot, redshift-snapshot and elastic-ip * [#7754](https://github.com/cloud-custodian/cloud-custodian/pull/7754): Add option to invert account filter * [#7752](https://github.com/cloud-custodian/cloud-custodian/pull/7752): c7n_tencentcloud - resources - cvm * [#7751](https://github.com/cloud-custodian/cloud-custodian/pull/7751): aws - es - add "has-statement" filter * [#7748](https://github.com/cloud-custodian/cloud-custodian/pull/7748): releng - docker - fix bad merge * [#7746](https://github.com/cloud-custodian/cloud-custodian/pull/7746): docs - Add Slack invite link * [#7722](https://github.com/cloud-custodian/cloud-custodian/pull/7722): AWS - Lambda added new action 'set-xray-tracing' * [#7720](https://github.com/cloud-custodian/cloud-custodian/pull/7720): aws - dynamodb - add consecutive daily snapshot count filter * [#7701](https://github.com/cloud-custodian/cloud-custodian/pull/7701): releng - docker - sign docker images * [#7668](https://github.com/cloud-custodian/cloud-custodian/pull/7668): Datalake registered location * [#7585](https://github.com/cloud-custodian/cloud-custodian/pull/7585): AWS - RedshiftParameterGroup Added new resource type param-group * [#5971](https://github.com/cloud-custodian/cloud-custodian/pull/5971): AWS Security Group Cidr Ingress bugfix ## Issues Opened * [#7795](https://github.com/cloud-custodian/cloud-custodian/issues/7795): Tagging for Azure subscriptions * [#7794](https://github.com/cloud-custodian/cloud-custodian/issues/7794): Tagging failing for ARM resource of SQL database * [#7791](https://github.com/cloud-custodian/cloud-custodian/issues/7791): sqlkvcache errors: AttributeError: __enter__ and sqlite3.InterfaceError: Error binding parameter 1 - probably unsupported type. * [#7783](https://github.com/cloud-custodian/cloud-custodian/issues/7783): Azure: Error installing new version of custodian * [#7778](https://github.com/cloud-custodian/cloud-custodian/issues/7778): releng - add tecentcloud to tools/dev/dockerpkg and the docker images * [#7777](https://github.com/cloud-custodian/cloud-custodian/issues/7777): releng - add tencent cloud to changelog script * [#7776](https://github.com/cloud-custodian/cloud-custodian/issues/7776): Distroless images are not getting built * [#7775](https://github.com/cloud-custodian/cloud-custodian/issues/7775): Add post-finding action to backup-plan, backup-vault * [#7771](https://github.com/cloud-custodian/cloud-custodian/issues/7771): IaC Support (Terraform, Crossplane, etc.) * [#7763](https://github.com/cloud-custodian/cloud-custodian/issues/7763): cloudwatch alarms deletion failing * [#7762](https://github.com/cloud-custodian/cloud-custodian/issues/7762): SQS Set-Encryption Not Standard * [#7760](https://github.com/cloud-custodian/cloud-custodian/issues/7760): Still Getting Type Error when using set-s3-public-block * [#7755](https://github.com/cloud-custodian/cloud-custodian/issues/7755): Sounds like a circular import in module 'c7n.query' ## Issues Closed * [#7776](https://github.com/cloud-custodian/cloud-custodian/issues/7776): Distroless images are not getting built * [#7755](https://github.com/cloud-custodian/cloud-custodian/issues/7755): Sounds like a circular import in module 'c7n.query' * [#7587](https://github.com/cloud-custodian/cloud-custodian/issues/7587): AWS Lakeformation registered location for S3 and role * [#7219](https://github.com/cloud-custodian/cloud-custodian/issues/7219): Add AWS Lake Formation to cloud-custodian