manheim_c7n_tools.config module¶
-
manheim_c7n_tools.config.
MANHEIM_CONFIG_SCHEMA
= {'additionalProperties': False, 'properties': {'account_id': {'type': ['number', 'string']}, 'account_name': {'type': 'string'}, 'always_notify': {'to': {'items': {'type': 'string'}, 'type': 'array'}, 'transport': {'oneOf': [{'type': 'object', 'required': ['type', 'queue'], 'properties': {'queue': {'type': 'string'}, 'type': {'enum': ['sqs']}}}, {'type': 'object', 'required': ['type', 'topic'], 'properties': {'topic': {'type': 'string'}, 'type': {'enum': ['sns']}, 'attributes': {'type': 'object'}}}]}}, 'assume_role': {'properties': {'duration_seconds': {'type': 'number'}, 'external_id': {'type': 'string'}, 'role_arn': {'type': 'string'}}, 'required': ['role_arn'], 'type': 'object'}, 'cleanup_notify': {'type': 'array'}, 'custodian_log_group': {'type': 'string'}, 'dead_letter_queue_arn': {'type': 'string'}, 'mailer_config': {'$schema': 'http://json-schema.org/draft-07/schema', 'additionalProperties': False, 'id': 'https://schema.cloudcustodian.io/v0/mailer.json', 'properties': {'account_emails': {'type': 'object'}, 'cache_engine': {'type': 'string'}, 'contact_tags': {'items': {'type': 'string'}, 'type': 'array'}, 'cross_accounts': {'type': 'object'}, 'datadog_api_key': {'type': 'string'}, 'datadog_application_key': {'type': 'string'}, 'dead_letter_config': {'type': 'object'}, 'debug': {'type': 'boolean'}, 'from_address': {'type': 'string'}, 'function_properties': {'appInsights': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'name': 'string', 'location': 'string', 'resourceGroupName': 'string'}}], 'type': 'object'}, 'servicePlan': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'name': 'string', 'location': 'string', 'resourceGroupName': 'string', 'skuTier': 'string', 'skuName': 'string'}}], 'type': 'object'}, 'storageAccount': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'name': 'string', 'location': 'string', 'resourceGroupName': 'string'}}], 'type': 'object'}, 'type': 'object'}, 'function_schedule': {'type': 'string'}, 'function_sku': {'type': 'string'}, 'function_skuCode': {'type': 'string'}, 'http_proxy': {'type': 'string'}, 'https_proxy': {'type': 'string'}, 'lambda_description': {'type': 'string'}, 'lambda_name': {'type': 'string'}, 'lambda_schedule': {'type': 'string'}, 'lambda_tags': {'type': 'object'}, 'ldap_bind_dn': {'type': 'string'}, 'ldap_bind_password': {'type': 'string'}, 'ldap_bind_password_in_kms': {'type': 'boolean'}, 'ldap_bind_user': {'type': 'string'}, 'ldap_email_attribute': {'type': 'string'}, 'ldap_email_key': {'type': 'string'}, 'ldap_manager_attribute': {'type': 'string'}, 'ldap_uid_attribute': {'type': 'string'}, 'ldap_uid_regex': {'type': 'string'}, 'ldap_uid_tags': {'items': {'type': 'string'}, 'type': 'array'}, 'ldap_uri': {'type': 'string'}, 'memory': {'type': 'integer'}, 'org_domain': {'type': 'string'}, 'profile': {'type': 'string'}, 'queue_url': {'type': 'string'}, 'redis_host': {'type': 'string'}, 'redis_port': {'type': 'integer'}, 'region': {'type': 'string'}, 'role': {'type': 'string'}, 'runtime': {'type': 'string'}, 'security_groups': {'items': {'type': 'string'}, 'type': 'array'}, 'sendgrid_api_key': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'type': {'enum': ['azure.keyvault']}, 'secret': {'type': 'string'}}, 'required': ['type', 'secret'], 'additionalProperties': False}]}, 'ses_region': {'type': 'string'}, 'slack_token': {'type': 'string'}, 'slack_webhook': {'type': 'string'}, 'smtp_password': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'type': {'enum': ['azure.keyvault']}, 'secret': {'type': 'string'}}, 'required': ['type', 'secret'], 'additionalProperties': False}]}, 'smtp_port': {'type': 'integer'}, 'smtp_server': {'type': 'string'}, 'smtp_ssl': {'type': 'boolean'}, 'smtp_username': {'type': 'string'}, 'splunk_actions_list': {'type': 'boolean'}, 'splunk_hec_max_length': {'type': 'integer'}, 'splunk_hec_token': {'type': 'string'}, 'splunk_hec_url': {'type': 'string'}, 'splunk_max_attempts': {'type': 'integer'}, 'splunk_remove_paths': {'items': {'type': 'string'}, 'type': 'array'}, 'subnets': {'items': {'type': 'string'}, 'type': 'array'}, 'timeout': {'type': 'integer'}}, 'required': ['queue_url'], 'type': 'object'}, 'mailer_regions': {'items': {'type': 'string'}, 'type': 'array'}, 'output_s3_bucket_name': {'type': 'string'}, 'policy_source_paths': {'items': {'type': 'string'}, 'type': 'array'}, 'regions': {'items': {'type': 'string'}, 'type': 'array'}, 'role_arn': {'type': 'string'}}, 'required': ['account_id', 'account_name', 'regions', 'mailer_config', 'mailer_regions', 'output_s3_bucket_name', 'custodian_log_group', 'dead_letter_queue_arn', 'role_arn', 'cleanup_notify'], 'type': 'object'}¶ Schema of the
manheim-c7n-tools.yml
configuration file. This is a schema designed for use with thejsonschema
package. This schema is for ONE ACCOUNT in the config file; the file itself is made up of an array of objects matching this schema.
-
class
manheim_c7n_tools.config.
ManheimConfig
(**kwargs)[source]¶ Bases:
object
Configuration object for manheim-c7n-tools /
runner
.-
config_for_region
(region_name)[source]¶ Return a copy of this configuration for the specified region name. This currently uses an inefficient but simple approach - it serializes the current config to a YAML string, replaces all occurrences of
%%AWS_REGION%%
with the specifiedregion_name
and all occurrences of%%POLICYGEN_ENV_name%%
replaced with the value of the corresponding environment variable, then deserializes the result and returns a newManheimConfig
object using it.Parameters: region_name (str) – the region name to build a config for Returns: new ManheimConfig for the specified region Return type: ManheimConfig
-
static
from_file
(path, account_name)[source]¶ Construct a new ManheimConfig object from the YML configuration file at the specified path.
Parameters: Returns: new ManheimConfig object for the specified config file
Return type:
-
static
list_accounts
(path)[source]¶ Given the path to a manheim-c7n-tools YML configuration file, return a dict of account name to account ID number for each account defined in the file.
Parameters: path (str) – path of the yaml config file to load Returns: dict of account name/alias used in the file to Account ID Return type: dict
-