manheim_c7n_tools.config module

manheim_c7n_tools.config.MANHEIM_CONFIG_SCHEMA = {'additionalProperties': False, 'properties': {'account_id': {'type': ['number', 'string']}, 'account_name': {'type': 'string'}, 'always_notify': {'to': {'items': {'type': 'string'}, 'type': 'array'}, 'transport': {'oneOf': [{'type': 'object', 'required': ['type', 'queue'], 'properties': {'queue': {'type': 'string'}, 'type': {'enum': ['sqs']}}}, {'type': 'object', 'required': ['type', 'topic'], 'properties': {'topic': {'type': 'string'}, 'type': {'enum': ['sns']}, 'attributes': {'type': 'object'}}}]}}, 'assume_role': {'properties': {'duration_seconds': {'type': 'number'}, 'external_id': {'type': 'string'}, 'role_arn': {'type': 'string'}}, 'required': ['role_arn'], 'type': 'object'}, 'cleanup_notify': {'type': 'array'}, 'custodian_log_group': {'type': 'string'}, 'dead_letter_queue_arn': {'type': 'string'}, 'function_prefix': {'type': 'string'}, 'mailer_config': {'$schema': 'http://json-schema.org/draft-07/schema', 'additionalProperties': False, 'id': 'https://schema.cloudcustodian.io/v0/mailer.json', 'properties': {'account_emails': {'type': 'object'}, 'additional_email_headers': {'patternProperties': {'': {'type': 'string'}}, 'type': 'object'}, 'cache_engine': {'type': 'string'}, 'contact_tags': {'items': {'type': 'string'}, 'type': 'array'}, 'cross_accounts': {'type': 'object'}, 'datadog_api_key': {'type': 'string'}, 'datadog_application_key': {'type': 'string'}, 'dead_letter_config': {'type': 'object'}, 'debug': {'type': 'boolean'}, 'endpoint_url': {'type': 'string'}, 'from_address': {'type': 'string'}, 'function_properties': {'appInsights': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'name': 'string', 'location': 'string', 'resourceGroupName': 'string'}}], 'type': 'object'}, 'identity': {'additionalProperties': False, 'properties': {'client_id': {'type': 'string'}, 'id': {'type': 'string'}, 'type': {'enum': ['Embedded', 'SystemAssigned', 'UserAssigned']}}, 'type': 'object'}, 'servicePlan': 
{'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'name': 'string', 'location': 'string', 'resourceGroupName': 'string', 'skuTier': 'string', 'skuName': 'string'}}], 'type': 'object'}, 'storageAccount': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'name': 'string', 'location': 'string', 'resourceGroupName': 'string'}}], 'type': 'object'}, 'type': 'object'}, 'function_schedule': {'type': 'string'}, 'function_sku': {'type': 'string'}, 'function_skuCode': {'type': 'string'}, 'http_proxy': {'type': 'string'}, 'https_proxy': {'type': 'string'}, 'lambda_description': {'type': 'string'}, 'lambda_name': {'type': 'string'}, 'lambda_schedule': {'type': 'string'}, 'lambda_tags': {'type': 'object'}, 'ldap_bind_dn': {'type': 'string'}, 'ldap_bind_password': {'type': 'string'}, 'ldap_bind_password_in_kms': {'type': 'boolean'}, 'ldap_bind_user': {'type': 'string'}, 'ldap_email_attribute': {'type': 'string'}, 'ldap_email_key': {'type': 'string'}, 'ldap_manager_attribute': {'type': 'string'}, 'ldap_uid_attribute': {'type': 'string'}, 'ldap_uid_regex': {'type': 'string'}, 'ldap_uid_tags': {'items': {'type': 'string'}, 'type': 'array'}, 'ldap_uri': {'type': 'string'}, 'memory': {'type': 'integer'}, 'org_domain': {'type': 'string'}, 'profile': {'type': 'string'}, 'queue_url': {'type': 'string'}, 'redis_host': {'type': 'string'}, 'redis_port': {'type': 'integer'}, 'region': {'type': 'string'}, 'role': {'type': 'string'}, 'runtime': {'type': 'string'}, 'security_groups': {'items': {'type': 'string'}, 'type': 'array'}, 'sendgrid_api_key': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'type': {'enum': ['azure.keyvault']}, 'secret': {'type': 'string'}}, 'required': ['type', 'secret'], 'additionalProperties': False}]}, 'ses_region': {'type': 'string'}, 'slack_token': {'type': 'string'}, 'slack_webhook': {'type': 'string'}, 'smtp_password': {'oneOf': [{'type': 'string'}, {'type': 'object', 'properties': {'type': {'enum': 
['azure.keyvault']}, 'secret': {'type': 'string'}}, 'required': ['type', 'secret'], 'additionalProperties': False}]}, 'smtp_port': {'type': 'integer'}, 'smtp_server': {'type': 'string'}, 'smtp_ssl': {'type': 'boolean'}, 'smtp_username': {'type': 'string'}, 'splunk_actions_list': {'type': 'boolean'}, 'splunk_hec_max_length': {'type': 'integer'}, 'splunk_hec_sourcetype': {'type': 'string'}, 'splunk_hec_token': {'type': 'string'}, 'splunk_hec_url': {'type': 'string'}, 'splunk_max_attempts': {'type': 'integer'}, 'splunk_remove_paths': {'items': {'type': 'string'}, 'type': 'array'}, 'subnets': {'items': {'type': 'string'}, 'type': 'array'}, 'timeout': {'type': 'integer'}}, 'required': ['queue_url'], 'type': 'object'}, 'mailer_regions': {'items': {'type': 'string'}, 'type': 'array'}, 'output_s3_bucket_name': {'type': 'string'}, 'policy_source_paths': {'items': {'type': 'string'}, 'type': 'array'}, 'regions': {'items': {'type': 'string'}, 'type': 'array'}, 'role_arn': {'type': 'string'}}, 'required': ['account_id', 'account_name', 'regions', 'mailer_config', 'mailer_regions', 'output_s3_bucket_name', 'custodian_log_group', 'dead_letter_queue_arn', 'role_arn'], 'type': 'object'}

Schema of the manheim-c7n-tools.yml configuration file. This is a schema designed for use with the jsonschema package. This schema is for ONE ACCOUNT in the config file; the file itself is made up of an array of objects matching this schema.

class manheim_c7n_tools.config.ManheimConfig(**kwargs)

Bases: object

Configuration object for manheim-c7n-tools / runner.

config_for_region(region_name)

Return a copy of this configuration for the specified region name. This currently uses an inefficient but simple approach: it serializes the current config to a YAML string, replaces all occurrences of %%AWS_REGION%% with the specified region_name and all occurrences of %%POLICYGEN_ENV_name%% with the value of the corresponding environment variable, then deserializes the result and returns a new ManheimConfig object built from it.

Parameters

region_name (str) – the region name to build a config for

Returns

new ManheimConfig for the specified region

Return type

ManheimConfig
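An added illustration of the serialize, substitute, deserialize approach described for config_for_region (not manheim-c7n-tools code): json stands in for the YAML round trip so it runs on the standard library alone, and it assumes that "name" in %%POLICYGEN_ENV_name%% is the environment variable's name. The allow-list for substituted values, the failure on unset variables and the leftover-placeholder check are this example's own choices; render_for_region and SAMPLE are hypothetical names.

```python
import json
import os
import re

REGION_TOKEN = "%%AWS_REGION%%"
# Assumption: "name" in %%POLICYGEN_ENV_name%% is the environment variable name.
ENV_TOKEN = re.compile(r"%%POLICYGEN_ENV_([A-Za-z0-9_]+)%%")
# Assumption: allow-list for substituted values, so the inserted text cannot
# change the structure of the serialized document.
SAFE_VALUE = re.compile(r"[A-Za-z0-9_./:@-]+")


def render_for_region(config, region_name, environ=None):
    """Serialize, substitute placeholders, deserialize; fail closed on bad input."""
    environ = os.environ if environ is None else environ
    if not SAFE_VALUE.fullmatch(region_name):
        raise ValueError("unsafe region name: %r" % region_name)

    def lookup(match):
        name = match.group(1)
        if name not in environ:
            raise KeyError("environment variable %s is not set" % name)
        if not SAFE_VALUE.fullmatch(environ[name]):
            raise ValueError("unsafe value in environment variable %s" % name)
        return environ[name]

    # json stands in for the YAML round trip so the example needs no packages.
    text = json.dumps(config).replace(REGION_TOKEN, region_name)
    text = ENV_TOKEN.sub(lookup, text)
    # A misspelled placeholder would otherwise survive as a literal string.
    leftover = re.findall(r"%%[A-Za-z0-9_]+%%", text)
    if leftover:
        raise ValueError("unresolved placeholders: %s" % sorted(set(leftover)))
    return json.loads(text)


# Constructed sample: a fragment using keys from MANHEIM_CONFIG_SCHEMA.
SAMPLE = {
    "account_name": "example",
    "output_s3_bucket_name": "c7n-logs-%%AWS_REGION%%",
    "custodian_log_group": "/c7n/%%POLICYGEN_ENV_STAGE%%/%%AWS_REGION%%",
    "mailer_config": {"queue_url": "https://sqs.%%AWS_REGION%%.amazonaws.com/000000000000/q"},
}

if __name__ == "__main__":
    print(render_for_region(SAMPLE, "us-east-1", {"STAGE": "prod"}))
```

Because the substitution is textual, the rendered result should still be validated against MANHEIM_CONFIG_SCHEMA before it is used.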

static from_file(path, account_name)

Construct a new ManheimConfig object from the YML configuration file at the specified path.

Parameters
  • path (str) – path of the yaml config file to load

  • account_name (str) – top-level account name/alias to load

Returns

new ManheimConfig object for the specified config file

Return type

ManheimConfig

static list_accounts(path)

Given the path to a manheim-c7n-tools YML configuration file, return a dict of account name to account ID number for each account defined in the file.

Parameters

path (str) – path of the yaml config file to load

Returns

dict of account name/alias used in the file to Account ID

Return type

dict