C7n Community Meeting Minutes

# C7n Community Meeting Minutes ## February 7th 2023 :::info - **URL:** meet.google.com/mii-evqh-esh - **Date:** February 7th, 2023 (2:00 PM (ET) / 11:00 AM (PT) / 6PM (UTC)) - **[Timezone Converter (Click me)](https://www.timeanddate.com/worldclock/converter.html?iso=20220621T180000&p1=263&p2=224&p3=136&p4=37&p5=367&p6=438&p7=248&p8=22)** - **Agenda** 1. Intros `10m` 1. Agenda Items `20m` 1. PR Party `30m` - **Meeting Contact:** Jorge: <jorge@stacklet.io> - **Video Archive and Transcripts**: https://mtngs.io/cloud-custodian/community-meetings/ ::: [![Video Recording](https://img.youtube.com/vi/9n5h38FLhxM/0.jpg)](https://youtu.be/9n5h38FLhxM) ## Agenda Items - Intros, etc. - We're testing Slack! Join us: - [Invite page](https://communityinviter.com/apps/cloud-custodian/c7n-chat) - We're moving on from Python 3.7 this year, details TBD, heads up: - https://github.com/cloud-custodian/cloud-custodian/issues/8092 - Renaming `master` branch to `main` [Kapil] - This now done! - Release Update [Sonny] - No updates this week! # Weekly Report Weekly status report for cloud-custodian/cloud-custodian Week #06 2023 ## Here's what the team has focused on this week: * ## Weekly Stats | | Opened this week| Closed this week| |--|---|-----| |Issues| 23 | 14| |PR's| 21 | 27| | | | |--|--| | New stars | 628| | New forks | 148| ## PR's Opened * :boom:[#8172](https://github.com/cloud-custodian/cloud-custodian/pull/8172): aws - filter to annotate security configuration and filter with security configuration attributes * :boom:[#8232](https://github.com/cloud-custodian/cloud-custodian/pull/8232): aws - elasticsearch - Added new action to enable audit logs to cloudwatch * :boom:[#8246](https://github.com/cloud-custodian/cloud-custodian/pull/8246): aws - cloudwatch logs - added attribute to allow passing role arn to put-subscription-filter call * :boom:[#7140](https://github.com/cloud-custodian/cloud-custodian/pull/7140): aws - quota - fix usage-metric exceeds the limit of 1440 data points (cont.) * [#8243](https://github.com/cloud-custodian/cloud-custodian/pull/8243): releng - docker test image needs new oci name field * [#8242](https://github.com/cloud-custodian/cloud-custodian/pull/8242): gcp - mu - include boto3 in cloudfunctions requirements * [#8241](https://github.com/cloud-custodian/cloud-custodian/pull/8241): Adding new resource for mysql flexibleserver and a new filter * :boom: [#8240](https://github.com/cloud-custodian/cloud-custodian/pull/8240): aws - shield - handle elastic ip arn type delta * [#8236](https://github.com/cloud-custodian/cloud-custodian/pull/8236): aws - rds - include db instance option values * [#8235](https://github.com/cloud-custodian/cloud-custodian/pull/8235): aws readiness-check cross-account filter * [#8234](https://github.com/cloud-custodian/cloud-custodian/pull/8234): enabling 'missing' filter for gcp * [#8232](https://github.com/cloud-custodian/cloud-custodian/pull/8232): aws - elasticsearch - Added new action to enable audit logs to cloudwatch * [#8230](https://github.com/cloud-custodian/cloud-custodian/pull/8230): Adding network watcher resource * [#8229](https://github.com/cloud-custodian/cloud-custodian/pull/8229): docs - Update readme to point to slack, add tencent * [#8227](https://github.com/cloud-custodian/cloud-custodian/pull/8227): releng - fix poetrypkg test * [#8226](https://github.com/cloud-custodian/cloud-custodian/pull/8226): releng - fix docs publishing * [#8219](https://github.com/cloud-custodian/cloud-custodian/pull/8219): aws - tags - copy-related-tag load resources during validation * [#8218](https://github.com/cloud-custodian/cloud-custodian/pull/8218): aws - values_from support dynamodb * [#8217](https://github.com/cloud-custodian/cloud-custodian/pull/8217): fix input typo * [#8208](https://github.com/cloud-custodian/cloud-custodian/pull/8208): ecs task definition filter - To filter allow all permissions on attached roles * [#8206](https://github.com/cloud-custodian/cloud-custodian/pull/8206): Add Pratyush Mishra as a maintainer * [#8204](https://github.com/cloud-custodian/cloud-custodian/pull/8204): releng - directly publish docs instead of merging back to gh-pages branch * [#8201](https://github.com/cloud-custodian/cloud-custodian/pull/8201): aws - docs - add example policies for the `finding` filter * [#8200](https://github.com/cloud-custodian/cloud-custodian/pull/8200): awscc - update type schemas * [#8199](https://github.com/cloud-custodian/cloud-custodian/pull/8199): core - handle non importable resources ## PR's Closed * [#8243](https://github.com/cloud-custodian/cloud-custodian/pull/8243): releng - docker test image needs new oci name field * [#8242](https://github.com/cloud-custodian/cloud-custodian/pull/8242): gcp - mu - include boto3 in cloudfunctions requirements * [#8236](https://github.com/cloud-custodian/cloud-custodian/pull/8236): aws - rds - include db instance option values * [#8227](https://github.com/cloud-custodian/cloud-custodian/pull/8227): releng - fix poetrypkg test * [#8226](https://github.com/cloud-custodian/cloud-custodian/pull/8226): releng - fix docs publishing * [#8219](https://github.com/cloud-custodian/cloud-custodian/pull/8219): aws - tags - copy-related-tag load resources during validation * [#8217](https://github.com/cloud-custodian/cloud-custodian/pull/8217): fix input typo * [#8206](https://github.com/cloud-custodian/cloud-custodian/pull/8206): Add Pratyush Mishra as a maintainer * [#8204](https://github.com/cloud-custodian/cloud-custodian/pull/8204): releng - directly publish docs instead of merging back to gh-pages branch * [#8201](https://github.com/cloud-custodian/cloud-custodian/pull/8201): aws - docs - add example policies for the `finding` filter * [#8199](https://github.com/cloud-custodian/cloud-custodian/pull/8199): core - handle non importable resources * [#8197](https://github.com/cloud-custodian/cloud-custodian/pull/8197): aws - emr-serverless resource delete, tag, mark actions * [#8196](https://github.com/cloud-custodian/cloud-custodian/pull/8196): add example policy to add lifecycle policy on bucket delete to empty bucket * [#8190](https://github.com/cloud-custodian/cloud-custodian/pull/8190): c7n-left - allow for policy and resource pre execution filtering on cli * [#8168](https://github.com/cloud-custodian/cloud-custodian/pull/8168): aws - secretsmanager - add set-encryption action * [#8159](https://github.com/cloud-custodian/cloud-custodian/pull/8159): aws - timestream-table, timestream-database - add resources * [#8155](https://github.com/cloud-custodian/cloud-custodian/pull/8155): gcp - add metric alert filter * [#8077](https://github.com/cloud-custodian/cloud-custodian/pull/8077): aws - kafka - migrate to list_clusters_v2 * [#6019](https://github.com/cloud-custodian/cloud-custodian/pull/6019): S3 policy condition add absent/present support * [#5946](https://github.com/cloud-custodian/cloud-custodian/pull/5946): return resources no matter limits exceeded or not * [#5176](https://github.com/cloud-custodian/cloud-custodian/pull/5176): tools/c7n-mailer - utils format more resources (cloud-custodian #5175) * [#5057](https://github.com/cloud-custodian/cloud-custodian/pull/5057): aws - asg propagate tags extract instance ids if not found * [#4929](https://github.com/cloud-custodian/cloud-custodian/pull/4929): azure - tag sql database * [#4907](https://github.com/cloud-custodian/cloud-custodian/pull/4907): docs - disable sticky sidebar * [#2524](https://github.com/cloud-custodian/cloud-custodian/pull/2524): add bucket-exists handling to cloudtrail create (account.py) * [#1768](https://github.com/cloud-custodian/cloud-custodian/pull/1768): when using AssumeRole, the tag should match principal id event * [#1061](https://github.com/cloud-custodian/cloud-custodian/pull/1061): Adding Redshift tags to its assosiated snapshots ## Issues Opened * :boom: [#8239](https://github.com/cloud-custodian/cloud-custodian/issues/8239): GCP: No module named 'botocore' * [#8238](https://github.com/cloud-custodian/cloud-custodian/issues/8238): FR: Generic HTTP provider * [#8233](https://github.com/cloud-custodian/cloud-custodian/issues/8233): how to tag event rules created by CloudCustodian * [#8231](https://github.com/cloud-custodian/cloud-custodian/issues/8231): EFS Mount Target network-location filter * [#8228](https://github.com/cloud-custodian/cloud-custodian/issues/8228): c7n-left - default to querying resources when running a policy * [#8225](https://github.com/cloud-custodian/cloud-custodian/issues/8225): AWS S3 - CreateBucket event not correctly constructed - event not called * [#8224](https://github.com/cloud-custodian/cloud-custodian/issues/8224): Security groups: Port filtering doesn't filter out "ALL-traffic" conditions * [#8223](https://github.com/cloud-custodian/cloud-custodian/issues/8223): proposal: iam-access-key resource * [#8222](https://github.com/cloud-custodian/cloud-custodian/issues/8222): shift-left - resolve local module references above the root directory * [#8221](https://github.com/cloud-custodian/cloud-custodian/issues/8221): shift-left - support multiple source roots * [#8220](https://github.com/cloud-custodian/cloud-custodian/issues/8220): ValueError: Invalid endpoint: https://ec2..amazonaws.com * [#8216](https://github.com/cloud-custodian/cloud-custodian/issues/8216): shift-left - build into docker images * [#8215](https://github.com/cloud-custodian/cloud-custodian/issues/8215): shift-left - documentation * [#8214](https://github.com/cloud-custodian/cloud-custodian/issues/8214): shift-left - terraform aws provider should propagate default tags * [#8213](https://github.com/cloud-custodian/cloud-custodian/issues/8213): shift-left - run with --verbose should output policy content * [#8212](https://github.com/cloud-custodian/cloud-custodian/issues/8212): Add support for custom headers in the value_from filter * [#8211](https://github.com/cloud-custodian/cloud-custodian/issues/8211): shift-left - cli validate command * [#8210](https://github.com/cloud-custodian/cloud-custodian/issues/8210): shift-left - support passing variables/inputs on run cli * [#8207](https://github.com/cloud-custodian/cloud-custodian/issues/8207): aws - route53.recovery-readiness - add cross-account filter * [#8205](https://github.com/cloud-custodian/cloud-custodian/issues/8205): dns - Add dns redirect for slack.cloudcustodian.io * [#8203](https://github.com/cloud-custodian/cloud-custodian/issues/8203): Azure function initialization fails with boto3 module not found error * [#8202](https://github.com/cloud-custodian/cloud-custodian/issues/8202): Be able to delete launch template * [#8198](https://github.com/cloud-custodian/cloud-custodian/issues/8198): MFA token transfer with Custodian to AWS ## Issues Closed * [#8239](https://github.com/cloud-custodian/cloud-custodian/issues/8239): GCP: No module named 'botocore' * [#8205](https://github.com/cloud-custodian/cloud-custodian/issues/8205): dns - Add dns redirect for slack.cloudcustodian.io * [#8195](https://github.com/cloud-custodian/cloud-custodian/issues/8195): AWS EMR-Serverless support * [#8163](https://github.com/cloud-custodian/cloud-custodian/issues/8163): AWS Secrets-manager remove AWS default KMS * [#8156](https://github.com/cloud-custodian/cloud-custodian/issues/8156): Support for AWS Timestream * [#8079](https://github.com/cloud-custodian/cloud-custodian/issues/8079): aws - route53.recovery-readiness - add resource and tagging support * [#7997](https://github.com/cloud-custodian/cloud-custodian/issues/7997): Add AWS MSK (Kafka) V2 Serverless Support * [#7847](https://github.com/cloud-custodian/cloud-custodian/issues/7847): Unable to Copy tags from EC2 to Security Groups. * [#6786](https://github.com/cloud-custodian/cloud-custodian/issues/6786): Releng - switch off drone to github actions for docs build * [#6301](https://github.com/cloud-custodian/cloud-custodian/issues/6301): Allow custom periods to be used with CPU utilization filters * [#5084](https://github.com/cloud-custodian/cloud-custodian/issues/5084): ci - azure has broken tests depending on time of day * [#5017](https://github.com/cloud-custodian/cloud-custodian/issues/5017): ci - azure provider - mass failure * [#4819](https://github.com/cloud-custodian/cloud-custodian/issues/4819): cask - change default behavior of automatic latest image pulling * [#4259](https://github.com/cloud-custodian/cloud-custodian/issues/4259): ci - new linter doc8