C7n Community Meeting Minutes

# C7n Community Meeting Minutes ## March 7th 2023 :::info - **URL:** meet.google.com/mii-evqh-esh - **Date:** March 7th, 2023 (2:00 PM (ET) / 11:00 AM (PT) / 6PM (UTC)) - **[Timezone Converter (Click me)](https://www.timeanddate.com/worldclock/converter.html?iso=20220621T180000&p1=263&p2=224&p3=136&p4=37&p5=367&p6=438&p7=248&p8=22)** - **Agenda** 1. Intros `10m` 1. Agenda Items `20m` 1. PR Party `30m` - **Meeting Contact:** Jorge: <jorge@stacklet.io> - **Video Archive and Transcripts**: https://mtngs.io/cloud-custodian/community-meetings/ ::: [![Video Recording](https://img.youtube.com/vi/PuZLGzSYEEU/0.jpg)](https://youtu.be/PuZLGzSYEEU) ## Agenda Items - Intros, etc. - We're testing Slack! Join us: - [Invite page](https://communityinviter.com/apps/cloud-custodian/c7n-chat) - We're moving on from Python 3.7 this year, details TBD, heads up: - https://github.com/cloud-custodian/cloud-custodian/issues/8092 - Release Update [Kapil] - Get functional tests for aws going before next release. - So :dev docker image is now nightly - setup.py/requirements.txt workflow is going away per previous discussion - (Lots of minutea that we'll save for the end of the meeting) - Tips and Tricks section in Discussions - https://github.com/cloud-custodian/cloud-custodian/discussions/categories/tips-and-tricks Weekly status report for cloud-custodian/cloud-custodian Week #10 2023 ## Weekly Stats | | Opened this week| Closed this week| |--|---|-----| |Issues| 15 | 6| |PR's| 29 | 26| | | | |--|--| | New stars | 9| | New forks | 0| ## PR's Opened * [#8346](https://github.com/cloud-custodian/cloud-custodian/pull/8346): add new gcp resource access-approval * [#8343](https://github.com/cloud-custodian/cloud-custodian/pull/8343): releng - explicitly define bash as the makefile shell * [#8342](https://github.com/cloud-custodian/cloud-custodian/pull/8342): releng - change docker :dev tag to daily build * [#8341](https://github.com/cloud-custodian/cloud-custodian/pull/8341): releng - rev version and rebase dependencies * [#8340](https://github.com/cloud-custodian/cloud-custodian/pull/8340): Bump golang.org/x/net from 0.0.0-20200202094626-16171245cfb2 to 0.7.0 in /tools/omnissm * [#8337](https://github.com/cloud-custodian/cloud-custodian/pull/8337): aws - elasticsearch - enable support for server-side query filtering * :boom: [#8336](https://github.com/cloud-custodian/cloud-custodian/pull/8336): sns subscription unused #8316 * [#8332](https://github.com/cloud-custodian/cloud-custodian/pull/8332): releng - refactor ci and makefile * [#8331](https://github.com/cloud-custodian/cloud-custodian/pull/8331): releng - use layer cache when building images * [#8329](https://github.com/cloud-custodian/cloud-custodian/pull/8329): tools/c7n_mailer - handle lambda container images * [#8327](https://github.com/cloud-custodian/cloud-custodian/pull/8327): aws-ami-set-permissions: allow no 'add' in set-permissions action * [#8322](https://github.com/cloud-custodian/cloud-custodian/pull/8322): releng - cask dep updates * [#8320](https://github.com/cloud-custodian/cloud-custodian/pull/8320): Bump golang.org/x/sys from 0.0.0-20190215142949-d0b11bdaac8a to 0.1.0 in /tools/omnissm * [#8319](https://github.com/cloud-custodian/cloud-custodian/pull/8319): New filter for advanced threat protection on Azure SQL Servers * [#8317](https://github.com/cloud-custodian/cloud-custodian/pull/8317): tools/dev - fix poetry installation * [#8315](https://github.com/cloud-custodian/cloud-custodian/pull/8315): Bump markdown-it-py from 2.1.0 to 2.2.0 in /tools/c7n_sphinxext * [#8314](https://github.com/cloud-custodian/cloud-custodian/pull/8314): feat: Update SQL Server auditing filter to be more flexible * [#8313](https://github.com/cloud-custodian/cloud-custodian/pull/8313): feat: fix marked-for-op filter bug * [#8312](https://github.com/cloud-custodian/cloud-custodian/pull/8312): feat: new filter for azure network security group flow logs * [#8311](https://github.com/cloud-custodian/cloud-custodian/pull/8311): Bump golang.org/x/text from 0.3.0 to 0.3.8 in /tools/omnissm * [#8310](https://github.com/cloud-custodian/cloud-custodian/pull/8310): chore: Have the arg names the same as the base class. * :boom: [#8309](https://github.com/cloud-custodian/cloud-custodian/pull/8309): feat: adding flag to allow the inclusion of the azure 'magic' ip range for sql and postgresql * [#8308](https://github.com/cloud-custodian/cloud-custodian/pull/8308): aws - asg - let valid/invalid filters work in explicit pull mode * [#8307](https://github.com/cloud-custodian/cloud-custodian/pull/8307): aws - filters - add headers to valuefrom * [#8305](https://github.com/cloud-custodian/cloud-custodian/pull/8305): Pass validate to c7n.loader.PolicyLoader.load_data * [#8303](https://github.com/cloud-custodian/cloud-custodian/pull/8303): adding gcp filter essentialcontacts * [#8301](https://github.com/cloud-custodian/cloud-custodian/pull/8301): aws - route53.recovery-cluster - add resource and tagging support * [#8300](https://github.com/cloud-custodian/cloud-custodian/pull/8300): aws - route53.recovery-cluster - add resource and tagging support * [#8299](https://github.com/cloud-custodian/cloud-custodian/pull/8299): c7n-left - traverse filter supports non value type filters ## PR's Closed * [#8343](https://github.com/cloud-custodian/cloud-custodian/pull/8343): releng - explicitly define bash as the makefile shell * [#8342](https://github.com/cloud-custodian/cloud-custodian/pull/8342): releng - change docker :dev tag to daily build * [#8340](https://github.com/cloud-custodian/cloud-custodian/pull/8340): Bump golang.org/x/net from 0.0.0-20200202094626-16171245cfb2 to 0.7.0 in /tools/omnissm * [#8337](https://github.com/cloud-custodian/cloud-custodian/pull/8337): aws - elasticsearch - enable support for server-side query filtering * [#8332](https://github.com/cloud-custodian/cloud-custodian/pull/8332): releng - refactor ci and makefile * [#8331](https://github.com/cloud-custodian/cloud-custodian/pull/8331): releng - use layer cache when building images * [#8329](https://github.com/cloud-custodian/cloud-custodian/pull/8329): tools/c7n_mailer - handle lambda container images * [#8327](https://github.com/cloud-custodian/cloud-custodian/pull/8327): aws-ami-set-permissions: allow no 'add' in set-permissions action * [#8322](https://github.com/cloud-custodian/cloud-custodian/pull/8322): releng - cask dep updates * [#8320](https://github.com/cloud-custodian/cloud-custodian/pull/8320): Bump golang.org/x/sys from 0.0.0-20190215142949-d0b11bdaac8a to 0.1.0 in /tools/omnissm * [#8317](https://github.com/cloud-custodian/cloud-custodian/pull/8317): tools/dev - fix poetry installation * [#8315](https://github.com/cloud-custodian/cloud-custodian/pull/8315): Bump markdown-it-py from 2.1.0 to 2.2.0 in /tools/c7n_sphinxext * [#8313](https://github.com/cloud-custodian/cloud-custodian/pull/8313): feat: fix marked-for-op filter bug * [#8311](https://github.com/cloud-custodian/cloud-custodian/pull/8311): Bump golang.org/x/text from 0.3.0 to 0.3.8 in /tools/omnissm * [#8310](https://github.com/cloud-custodian/cloud-custodian/pull/8310): chore: Have the arg names the same as the base class. * [#8308](https://github.com/cloud-custodian/cloud-custodian/pull/8308): aws - asg - let valid/invalid filters work in explicit pull mode * [#8305](https://github.com/cloud-custodian/cloud-custodian/pull/8305): Pass validate to c7n.loader.PolicyLoader.load_data * [#8301](https://github.com/cloud-custodian/cloud-custodian/pull/8301): aws - route53.recovery-cluster - add resource and tagging support * [#8300](https://github.com/cloud-custodian/cloud-custodian/pull/8300): aws - route53.recovery-cluster - add resource and tagging support * [#8297](https://github.com/cloud-custodian/cloud-custodian/pull/8297): aws - vpc - sg : Add Batch (un)used filter * [#8269](https://github.com/cloud-custodian/cloud-custodian/pull/8269): aws - config_id support added to get Configuration Item for R53 hostedzone * [#8241](https://github.com/cloud-custodian/cloud-custodian/pull/8241): Adding new resource for mysql flexibleserver and a new filter * [#8232](https://github.com/cloud-custodian/cloud-custodian/pull/8232): aws - elasticsearch - Added new action to enable audit logs to cloudwatch * [#8120](https://github.com/cloud-custodian/cloud-custodian/pull/8120): aws - wafv2 - add scope param to list_web_acls call in lambda modes * [#7952](https://github.com/cloud-custodian/cloud-custodian/pull/7952): c7n_gcp-add-augment-to-big-query-resource-bq-table-to-extract-encryptionconfiguration * [#7929](https://github.com/cloud-custodian/cloud-custodian/pull/7929): Fixing typo on fallback-schedule schema ## Issues Opened * [#8345](https://github.com/cloud-custodian/cloud-custodian/issues/8345): releng - doc action caching seems busted * [#8344](https://github.com/cloud-custodian/cloud-custodian/issues/8344): Generic related resource filter * [#8339](https://github.com/cloud-custodian/cloud-custodian/issues/8339): releng - run only relevant tests during PR CI runs * [#8338](https://github.com/cloud-custodian/cloud-custodian/issues/8338): EFS network-location filter * [#8333](https://github.com/cloud-custodian/cloud-custodian/issues/8333): c7n_kube - tests spin up threads without closing them * [#8330](https://github.com/cloud-custodian/cloud-custodian/issues/8330): C7N Mailer - crashes when reporting lambda resources where runtime is blank * [#8328](https://github.com/cloud-custodian/cloud-custodian/issues/8328): Failed Docker publishing for 0.9.23.0 * [#8326](https://github.com/cloud-custodian/cloud-custodian/issues/8326): releng - Set up docker builds with the custodian AWS account * [#8325](https://github.com/cloud-custodian/cloud-custodian/issues/8325): releng - setup functional tests in GitHub actions against custodian aws cncf account * [#8323](https://github.com/cloud-custodian/cloud-custodian/issues/8323): Set-permissions action in aws.ami resource failed to execute * :boom: [#8318](https://github.com/cloud-custodian/cloud-custodian/issues/8318): Use of {now} produces exception: AttributeError: 'datetime.datetime' object has no attribute 'format' * [#8316](https://github.com/cloud-custodian/cloud-custodian/issues/8316): unused filter needed for sns-subscription resource * [#8306](https://github.com/cloud-custodian/cloud-custodian/issues/8306): Bug in marked-for-op filter * [#8304](https://github.com/cloud-custodian/cloud-custodian/issues/8304): c7n-left - traverse filter better output * [#8302](https://github.com/cloud-custodian/cloud-custodian/issues/8302): c7n-org report with S3 as source shows duplicate resources when policy is run more than once ## Issues Closed * [#8330](https://github.com/cloud-custodian/cloud-custodian/issues/8330): C7N Mailer - crashes when reporting lambda resources where runtime is blank * [#8328](https://github.com/cloud-custodian/cloud-custodian/issues/8328): Failed Docker publishing for 0.9.23.0 * [#8323](https://github.com/cloud-custodian/cloud-custodian/issues/8323): Set-permissions action in aws.ami resource failed to execute * [#8306](https://github.com/cloud-custodian/cloud-custodian/issues/8306): Bug in marked-for-op filter * [#8295](https://github.com/cloud-custodian/cloud-custodian/issues/8295): aws - route53.recovery-cluster - add resource and tagging support