C7N Community Meeting Minutes 2023-11-14

# C7N Community Meeting Minutes 2023-11-14 ## November 14th 2023 :::info - **URL:** meet.google.com/mii-evqh-esh - **Date:** November 14, 2023 (2:00 PM (ET) / 11:00 AM (PT) / 7PM (UTC)) - **[Timezone Converter (Click me)](https://www.timeanddate.com/worldclock/converter.html?iso=20220621T180000&p1=263&p2=224&p3=136&p4=37&p5=367&p6=438&p7=248&p8=22)** - **Agenda** 1. Intros `10m` 1. Agenda Items `20m` 1. PR Party `30m` - **Meeting Contact:** AJ: <aj@stacklet.io> - **Video Archive and Transcripts**: https://mtngs.io/cloud-custodian/community-meetings/ ::: ## Agenda Items - Intros, etc. - KubeCon - Maintainer talk - External security audit recently completed with CNCF - Maintainers to review/triage findings - Graduation requirement for CNCF - Release planning - Soon - within the next few days (between KubeCon & US Thanksgiving) - Will _not_ include #9107 client caching - Highlights: new Azure resources - Custodian retry handling - Built-in boto3 retries: https://docs.aws.amazon.com/sdkref/latest/guide/feature-retry-behavior.html - Custodian additional handling on top of boto3 ### PR/Issue Discussion - [aws - cache clients by region #9107 ](https://github.com/cloud-custodian/cloud-custodian/pull/9107) # Weekly Report Weekly status report for cloud-custodian/cloud-custodian Week #46 2023 ## Weekly Stats | | Opened this week| Closed this week| |--|---|-----| |Issues| 8 | 4| |PR's| 9 | 20| | | | |--|--| | New stars | 11| | New forks | 5| ## PR's Opened * [#9146](https://github.com/cloud-custodian/cloud-custodian/pull/9146): awscc - update test for new access config properties on test resource * [#9145](https://github.com/cloud-custodian/cloud-custodian/pull/9145): openstack - container * [#9143](https://github.com/cloud-custodian/cloud-custodian/pull/9143): openstack - secret * [#9142](https://github.com/cloud-custodian/cloud-custodian/pull/9142): fix(asg): add InstanceRefresh to suspended processes * [#9140](https://github.com/cloud-custodian/cloud-custodian/pull/9140): openstack - image * [#9136](https://github.com/cloud-custodian/cloud-custodian/pull/9136): aws - fix import path for workspaces-web * [#9135](https://github.com/cloud-custodian/cloud-custodian/pull/9135): utils - multiple json encoders during json dump(s) #8860 * [#9134](https://github.com/cloud-custodian/cloud-custodian/pull/9134): feat(asg): add max-count param to resize action * [#9129](https://github.com/cloud-custodian/cloud-custodian/pull/9129): docs - minor fixes ## PR's Closed * [#9146](https://github.com/cloud-custodian/cloud-custodian/pull/9146): awscc - update test for new access config properties on test resource * [#9143](https://github.com/cloud-custodian/cloud-custodian/pull/9143): openstack - secret * [#9142](https://github.com/cloud-custodian/cloud-custodian/pull/9142): fix(asg): add InstanceRefresh to suspended processes * [#9140](https://github.com/cloud-custodian/cloud-custodian/pull/9140): openstack - image * [#9136](https://github.com/cloud-custodian/cloud-custodian/pull/9136): aws - fix import path for workspaces-web * [#9135](https://github.com/cloud-custodian/cloud-custodian/pull/9135): utils - multiple json encoders during json dump(s) #8860 * [#9126](https://github.com/cloud-custodian/cloud-custodian/pull/9126): fix: get SG IDs from all interfaces on an EC2 instance in 'security-group' filter * [#9125](https://github.com/cloud-custodian/cloud-custodian/pull/9125): aws - dynamodb-table - delete protection config and force delete * [#9123](https://github.com/cloud-custodian/cloud-custodian/pull/9123): openstack - user.filters.extended-info * [#9122](https://github.com/cloud-custodian/cloud-custodian/pull/9122): Bump github.com/docker/docker from 23.0.3+incompatible to 24.0.7+incompatible in /tools/cask * [#9069](https://github.com/cloud-custodian/cloud-custodian/pull/9069): gcp - fix workload identity federation access * [#9065](https://github.com/cloud-custodian/cloud-custodian/pull/9065): Boto3 clients memory leak * [#9042](https://github.com/cloud-custodian/cloud-custodian/pull/9042): azure - mysql-server-security-alert-policies-filter * [#9032](https://github.com/cloud-custodian/cloud-custodian/pull/9032): fix: use correct regex patterns in ami shares * [#8998](https://github.com/cloud-custodian/cloud-custodian/pull/8998): OCI Instance Principal Auth * [#8997](https://github.com/cloud-custodian/cloud-custodian/pull/8997): azure - app-configuration * [#8971](https://github.com/cloud-custodian/cloud-custodian/pull/8971): azure - kusho * [#8970](https://github.com/cloud-custodian/cloud-custodian/pull/8970): azure - network-watcher * [#8966](https://github.com/cloud-custodian/cloud-custodian/pull/8966): azure - datalake-analytics * [#8641](https://github.com/cloud-custodian/cloud-custodian/pull/8641): Added WAF resource and Filter for App Gateway WAF ## Issues Opened * [#9141](https://github.com/cloud-custodian/cloud-custodian/issues/9141): ASG suspend action does not suspend all processes * [#9139](https://github.com/cloud-custodian/cloud-custodian/issues/9139): S3 Bucket Replication * [#9138](https://github.com/cloud-custodian/cloud-custodian/issues/9138): Disabled AMIs not considered when looking for unused ebs-snapshots * [#9137](https://github.com/cloud-custodian/cloud-custodian/issues/9137): Unable to use percentile checks on CPUUtilization for EC2 * [#9133](https://github.com/cloud-custodian/cloud-custodian/issues/9133): Support for AWS Bedrock * [#9132](https://github.com/cloud-custodian/cloud-custodian/issues/9132): How to perform action on images present in Azure compute gallery? * [#9130](https://github.com/cloud-custodian/cloud-custodian/issues/9130): Possible to have security-group "unused" filter take into account Glue connectors/connections? * [#9128](https://github.com/cloud-custodian/cloud-custodian/issues/9128): Support AMI Block Public Access ## Issues Closed * [#9141](https://github.com/cloud-custodian/cloud-custodian/issues/9141): ASG suspend action does not suspend all processes * [#8860](https://github.com/cloud-custodian/cloud-custodian/issues/8860): aws - wafv2 raising TypeError when waf has ByteMatchStatement Rules * [#8531](https://github.com/cloud-custodian/cloud-custodian/issues/8531): aws.dynamodb - Add deletion-protection-enabled action * [#8488](https://github.com/cloud-custodian/cloud-custodian/issues/8488): Installing c7n-mailer brings in c7n-azure and c7n-gcp without asking for the extras