manheim_c7n_tools.runner module¶
-
class
manheim_c7n_tools.runner.
BaseStep
(region_name, config)[source]¶ Bases:
object
Base class representing one step in the deployment process. Subclass this for each step. It should have a name and two public methods,
run
anddryrun
.-
name
= None¶ The name of the step, as used on the CLI
-
static
run_in_region
(region_name, config)[source]¶ Return True if this step should run in the specified region, False if it should not.
Parameters: - region_name (str) – region name to test
- config (ManheimConfig) – The manheim-c7n-tools config to use for this step,
already made region-specific
(
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
Returns: whether this step should run in the specified region
Return type:
-
-
class
manheim_c7n_tools.runner.
CustodianRunner
(account_name, config_path='manheim-c7n-tools.yml')[source]¶ Bases:
object
Main class to run all steps required for manheim c7n deployment.
-
_run_step_in_regions
(action, step, regions)[source]¶ Called from
run()
; run a given step in all applicable / specified regions.Parameters:
-
_steps_to_run
(step_names, skip_steps)[source]¶ Given the
step_names
andskip_steps
passed torun()
, return the list of step classes to run (in order).Parameters: Returns: list of step classes to run, in order
Return type:
-
_validate_account
()[source]¶ Validate that we are connected to the configured account.
Raises: RuntimeError
-
ordered_step_classes
= [<class 'manheim_c7n_tools.runner.PolicygenStep'>, <class 'manheim_c7n_tools.runner.ValidateStep'>, <class 'manheim_c7n_tools.runner.MugcStep'>, <class 'manheim_c7n_tools.runner.CustodianStep'>, <class 'manheim_c7n_tools.runner.MailerStep'>, <class 'manheim_c7n_tools.runner.DryRunDiffStep'>, <class 'manheim_c7n_tools.runner.S3ArchiverStep'>, <class 'manheim_c7n_tools.runner.DocsBuildStep'>]¶ List of the
BaseStep
subclasses to run for deployment, in the order they should be run.
-
run
(action, regions=[], step_names=[], skip_steps=[])[source]¶ Main method to run all steps. This calls
_steps_to_run()
to determine which step classes to run and the order to run them in, and then loops through that list calling therun()
ordryrun()
method on each of them, according to theaction
specified.Parameters: - action (str) – Name of the action to do, “run” or “dryrun”
- regions (list) – list of string region names to run in; if left empty, run in all regions listed in config file
- step_names (list) – list of string step names to run; if not specified,
will run all defined steps. Steps are always run in the order defined
in
ordered_step_classes
. - skip_steps (list) – list of string step names to skip running
-
-
class
manheim_c7n_tools.runner.
CustodianStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Step for actual custodian run
-
dryrun
()[source]¶ Perform a dry-run of custodian.
This replicates the command:
custodian run –region ‘${region}’ –dryrun -v -s dryrun/${region} -c custodian_${region}.yml –cache ‘/tmp/.cache/cloud-custodian.cache’
-
name
= 'custodian'¶
-
run
()[source]¶ Perform an actual run of cloud-custodian.
This replicates the command: custodian run –region ‘${region}’ –metrics -v -s cloud-custodian-${account_id}-${region}/logs –log-group=/cloud-custodian/${account_id}/${region} -c custodian_${region}.yml –cache ‘/tmp/.cache/cloud-custodian.cache’
-
-
class
manheim_c7n_tools.runner.
DocsBuildStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Builds generated documentation.
-
name
= 'docs'¶
-
static
run_in_region
(region_name, conf)[source]¶ Return True if this step should run in the specified region, False if it should not.
Parameters: - region_name (str) – region name to test
- config (ManheimConfig) – The manheim-c7n-tools config to use for this step,
already made region-specific
(
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
Returns: whether this step should run in the specified region
Return type:
-
-
class
manheim_c7n_tools.runner.
DryRunDiffStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Generates the dryrun diff during dry runs.
-
name
= 'dryrun-diff'¶
-
static
run_in_region
(region_name, conf)[source]¶ Return True if this step should run in the specified region, False if it should not.
Parameters: - region_name (str) – region name to test
- config (ManheimConfig) – The manheim-c7n-tools config to use for this step,
already made region-specific
(
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
Returns: whether this step should run in the specified region
Return type:
-
-
class
manheim_c7n_tools.runner.
MailerStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Step for running c7n-mailer dryrun or Lambda provision
This replicates the parts of c7n_mailer.cli that we need for our use case.
-
mailer_config
¶ Return the validated c7n-mailer config.
Returns: c7n-mailer config
-
name
= 'mailer'¶
-
static
run_in_region
(region_name, config)[source]¶ Return True if this step should run in the specified region, False if it should not.
Parameters: - region_name (str) – region name to test
- config (ManheimConfig) – The manheim-c7n-tools config to use for this step,
already made region-specific
(
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
Returns: whether this step should run in the specified region
Return type:
-
-
class
manheim_c7n_tools.runner.
MugcStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Step to run custodian mugc.py (lambda garbage collection), based on main() in that module.
-
name
= 'mugc'¶
-
-
class
manheim_c7n_tools.runner.
PolicygenStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Step to run policygen to generate custodian-ready policies on disk.
-
name
= 'policygen'¶
-
static
run_in_region
(region_name, conf)[source]¶ Return True if this step should run in the specified region, False if it should not.
Parameters: - region_name (str) – region name to test
- config (ManheimConfig) – The manheim-c7n-tools config to use for this step,
already made region-specific
(
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
Returns: whether this step should run in the specified region
Return type:
-
-
class
manheim_c7n_tools.runner.
S3ArchiverStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Runs s3archiver to archive logs of deleted policies.
-
name
= 's3archiver'¶
-
-
class
manheim_c7n_tools.runner.
ValidateStep
(region_name, config)[source]¶ Bases:
manheim_c7n_tools.runner.BaseStep
Step to run custodian validate on generated policies.
-
name
= 'validate'¶
-