C7N Community Meeting Minutes 2023-05-02

# C7N Community Meeting Minutes 2023-05-02 ## May 2nd 2023 :::info - **URL:** meet.google.com/mii-evqh-esh - **Date:** May 2, 2023 (2:00 PM (ET) / 11:00 AM (PT) / 7PM (UTC)) - **[Timezone Converter (Click me)](https://www.timeanddate.com/worldclock/converter.html?iso=20220621T180000&p1=263&p2=224&p3=136&p4=37&p5=367&p6=438&p7=248&p8=22)** - **Agenda** 1. Intros `10m` 1. Agenda Items `20m` 1. PR Party `30m` - **Meeting Contact:** AJ: <aj@stacklet.io> - **Video Archive and Transcripts**: https://mtngs.io/cloud-custodian/community-meetings/ ::: ## Agenda Items - Intros, etc. - We're testing Slack! Join us: - [Invite page](https://communityinviter.com/apps/cloud-custodian/c7n-chat) - We're moving on from Python 3.7 this year, details TBD, heads up: - https://github.com/cloud-custodian/cloud-custodian/issues/8092 - Tips and Tricks section in Discussions - https://github.com/cloud-custodian/cloud-custodian/discussions/categories/tips-and-tricks ### PR/Issue Discussion - [#8513 (Airflow - Add action to Block Public Access)](https://github.com/cloud-custodian/cloud-custodian/issues/8513) - Adding an `update-environment` action sounds good :thumbsup: - [#8505 (aws - convert key alias to key id before cache lookup)](https://github.com/cloud-custodian/cloud-custodian/pull/8505) - Pratyush verify in Capital One environment - AJ add test w/caching that reproduces the original issue - [#6667 (copy-related-tag rds-snapshot AssertionError Cross Accounts)](https://github.com/cloud-custodian/cloud-custodian/issues/6667) - Reopened. Previous fix attempted to work around the issue at the individual resource-level, but need higher-level fix. - https://github.com/cloud-custodian/cloud-custodian/issues/8501 suggests the same issue affects Redshift - [#8218 (aws - values_from support dynamodb)](https://github.com/cloud-custodian/cloud-custodian/pull/8218) - Needs tests - Good time to break provider-specific functionality (DynamoDB/S3 lookups) into a separate derived class and keep the core logic provider-neutral # Weekly Report Weekly status report for cloud-custodian/cloud-custodian Week #18 2023 ## Here's what the team has focused on this week: ## Weekly Stats | | Opened this week| Closed this week| |--|---|-----| |Issues| 8 | 5| |PR's| 16 | 14| | | | |--|--| | New stars | 17| | New forks | 11| ## PR's Opened * [#8530](https://github.com/cloud-custodian/cloud-custodian/pull/8530): feat: implement delete ECS cluster * [#8527](https://github.com/cloud-custodian/cloud-custodian/pull/8527): aws - post-finding - document usage of the title parameter * [#8526](https://github.com/cloud-custodian/cloud-custodian/pull/8526): update EBS retrieved information * [#8523](https://github.com/cloud-custodian/cloud-custodian/pull/8523): docs - fix sidebar formatting for c7n_kube * [#8521](https://github.com/cloud-custodian/cloud-custodian/pull/8521): Add `ip-address-usage` filter for `aws.subnet` * [#8520](https://github.com/cloud-custodian/cloud-custodian/pull/8520): core - fix memory cache reference data issue causing policy issues * [#8519](https://github.com/cloud-custodian/cloud-custodian/pull/8519): gc - added bigtable instance, bigtable instance cluster, bigtable ins… * [#8518](https://github.com/cloud-custodian/cloud-custodian/pull/8518): Added resources for Azure CDN custom Domain and Azure CDN Endpoint * [#8517](https://github.com/cloud-custodian/cloud-custodian/pull/8517): gcp - region psuedo resource from static data, and makefile data update target * [#8516](https://github.com/cloud-custodian/cloud-custodian/pull/8516): releng - readme update * [#8515](https://github.com/cloud-custodian/cloud-custodian/pull/8515): tools/c7n_org - exit early on an empty list of accounts or policies * [#8514](https://github.com/cloud-custodian/cloud-custodian/pull/8514): aws - add pinpoint resource * [#8509](https://github.com/cloud-custodian/cloud-custodian/pull/8509): core - don't expand {now} placeholder during provisioning * [#8507](https://github.com/cloud-custodian/cloud-custodian/pull/8507): Add functionality to check AWS Lambda role policies for wildcard in action. * [#8506](https://github.com/cloud-custodian/cloud-custodian/pull/8506): releng - test easycla for github web flow * [#8505](https://github.com/cloud-custodian/cloud-custodian/pull/8505): aws - convert key alias to key id before cache lookup ## PR's Closed * [#8526](https://github.com/cloud-custodian/cloud-custodian/pull/8526): update EBS retrieved information * [#8523](https://github.com/cloud-custodian/cloud-custodian/pull/8523): docs - fix sidebar formatting for c7n_kube * [#8521](https://github.com/cloud-custodian/cloud-custodian/pull/8521): Add `ip-address-usage` filter for `aws.subnet` * [#8517](https://github.com/cloud-custodian/cloud-custodian/pull/8517): gcp - region psuedo resource from static data, and makefile data update target * [#8516](https://github.com/cloud-custodian/cloud-custodian/pull/8516): releng - readme update * [#8515](https://github.com/cloud-custodian/cloud-custodian/pull/8515): tools/c7n_org - exit early on an empty list of accounts or policies * [#8514](https://github.com/cloud-custodian/cloud-custodian/pull/8514): aws - add pinpoint resource * [#8506](https://github.com/cloud-custodian/cloud-custodian/pull/8506): releng - test easycla for github web flow * [#8502](https://github.com/cloud-custodian/cloud-custodian/pull/8502): Add python3.10 to runtime property in policy lambda mode schema * [#8500](https://github.com/cloud-custodian/cloud-custodian/pull/8500): fix: get subnet_ids from all interfaces on an EC2 instance * [#8498](https://github.com/cloud-custodian/cloud-custodian/pull/8498): Adding Azure MariaDB Resource * [#8470](https://github.com/cloud-custodian/cloud-custodian/pull/8470): aws - fis - adding aws.fis-experiment resource * [#8469](https://github.com/cloud-custodian/cloud-custodian/pull/8469): Azure RedHat Openshift (ARO) support * [#8448](https://github.com/cloud-custodian/cloud-custodian/pull/8448): Fixing the Role name to arn for Ops tool for SAM Transformation ## Issues Opened * [#8529](https://github.com/cloud-custodian/cloud-custodian/issues/8529): Add support to add/remove lables to GKE resources * [#8528](https://github.com/cloud-custodian/cloud-custodian/issues/8528): GCP Cloud Run Service resource causing an error * [#8524](https://github.com/cloud-custodian/cloud-custodian/issues/8524): Run command not redirecting output to file as expected * [#8522](https://github.com/cloud-custodian/cloud-custodian/issues/8522): Policies from S3 Bucket * [#8513](https://github.com/cloud-custodian/cloud-custodian/issues/8513): Airflow - Add action to Block Public Access * [#8512](https://github.com/cloud-custodian/cloud-custodian/issues/8512): Azure set-public-access does not work on azure.storage-container * [#8511](https://github.com/cloud-custodian/cloud-custodian/issues/8511): Cloud Function to run policy - AssertionError: Resource:gcp.sql-instance not loaded * [#8504](https://github.com/cloud-custodian/cloud-custodian/issues/8504): Cache lookup doesn't return correct results with kms key alias ## Issues Closed * [#8511](https://github.com/cloud-custodian/cloud-custodian/issues/8511): Cloud Function to run policy - AssertionError: Resource:gcp.sql-instance not loaded * [#8495](https://github.com/cloud-custodian/cloud-custodian/issues/8495): aws - Pinpoint resource support * [#8486](https://github.com/cloud-custodian/cloud-custodian/issues/8486): c7n-org -l option fails when no policies match * [#8441](https://github.com/cloud-custodian/cloud-custodian/issues/8441): c7n-org fails if all policies filtered out * [#390](https://github.com/cloud-custodian/cloud-custodian/issues/390): find unused subnet