manheim_c7n_tools.runner module¶
- class manheim_c7n_tools.runner.BaseStep(region_name, config)[source]¶
Bases:
object
Base class representing one step in the deployment process. Subclass this for each step. It should have a name and two public methods,
run
anddryrun
.- name = None¶
The name of the step, as used on the CLI
- static run_in_region(region_name, config)[source]¶
Return True if this step should run in the specified region, False if it should not.
- Parameters
region_name (str) – region name to test
config (ManheimConfig) – The manheim-c7n-tools config to use for this step, already made region-specific (
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
- Returns
whether this step should run in the specified region
- Return type
- class manheim_c7n_tools.runner.CustodianRunner(account_name, config_path='manheim-c7n-tools.yml')[source]¶
Bases:
object
Main class to run all steps required for manheim c7n deployment.
- _run_step_in_regions(action, step, regions)[source]¶
Called from
run()
; run a given step in all applicable / specified regions.
- _steps_to_run(step_names, skip_steps)[source]¶
Given the
step_names
andskip_steps
passed torun()
, return the list of step classes to run (in order).
- _validate_account()[source]¶
Validate that we are connected to the configured account.
- Raises
RuntimeError
- ordered_step_classes = [<class 'manheim_c7n_tools.runner.PolicygenStep'>, <class 'manheim_c7n_tools.runner.ValidateStep'>, <class 'manheim_c7n_tools.runner.MugcStep'>, <class 'manheim_c7n_tools.runner.CustodianStep'>, <class 'manheim_c7n_tools.runner.MailerStep'>, <class 'manheim_c7n_tools.runner.DryRunDiffStep'>, <class 'manheim_c7n_tools.runner.S3ArchiverStep'>, <class 'manheim_c7n_tools.runner.DocsBuildStep'>]¶
List of the
BaseStep
subclasses to run for deployment, in the order they should be run.
- run(action, regions=[], step_names=[], skip_steps=[])[source]¶
Main method to run all steps. This calls
_steps_to_run()
to determine which step classes to run and the order to run them in, and then loops through that list calling therun()
ordryrun()
method on each of them, according to theaction
specified.- Parameters
action (str) – Name of the action to do, “run” or “dryrun”
regions (list) – list of string region names to run in; if left empty, run in all regions listed in config file
step_names (list) – list of string step names to run; if not specified, will run all defined steps. Steps are always run in the order defined in
ordered_step_classes
.skip_steps (list) – list of string step names to skip running
- class manheim_c7n_tools.runner.CustodianStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Step for actual custodian run
- dryrun()[source]¶
Perform a dry-run of custodian.
This replicates the command:
custodian run –region ‘${region}’ –dryrun -v -s dryrun/${region} -c custodian_${region}.yml –cache ‘/tmp/.cache/cloud-custodian.cache’
- name = 'custodian'¶
The name of the step, as used on the CLI
- run()[source]¶
Perform an actual run of cloud-custodian.
This replicates the command: custodian run –region ‘${region}’ –metrics -v -s cloud-custodian-${account_id}-${region}/logs –log-group=/cloud-custodian/${account_id}/${region} -c custodian_${region}.yml –cache ‘/tmp/.cache/cloud-custodian.cache’
- class manheim_c7n_tools.runner.DocsBuildStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Builds generated documentation.
- name = 'docs'¶
The name of the step, as used on the CLI
- static run_in_region(region_name, conf)[source]¶
Return True if this step should run in the specified region, False if it should not.
- Parameters
region_name (str) – region name to test
config (ManheimConfig) – The manheim-c7n-tools config to use for this step, already made region-specific (
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
- Returns
whether this step should run in the specified region
- Return type
- class manheim_c7n_tools.runner.DryRunDiffStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Generates the dryrun diff during dry runs.
- name = 'dryrun-diff'¶
The name of the step, as used on the CLI
- static run_in_region(region_name, conf)[source]¶
Return True if this step should run in the specified region, False if it should not.
- Parameters
region_name (str) – region name to test
config (ManheimConfig) – The manheim-c7n-tools config to use for this step, already made region-specific (
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
- Returns
whether this step should run in the specified region
- Return type
- class manheim_c7n_tools.runner.MailerStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Step for running c7n-mailer dryrun or Lambda provision
This replicates the parts of c7n_mailer.cli that we need for our use case.
- property mailer_config¶
Return the validated c7n-mailer config.
- Returns
c7n-mailer config
- name = 'mailer'¶
The name of the step, as used on the CLI
- static run_in_region(region_name, config)[source]¶
Return True if this step should run in the specified region, False if it should not.
- Parameters
region_name (str) – region name to test
config (ManheimConfig) – The manheim-c7n-tools config to use for this step, already made region-specific (
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
- Returns
whether this step should run in the specified region
- Return type
- class manheim_c7n_tools.runner.MugcStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Step to run custodian mugc.py (lambda garbage collection), based on main() in that module.
- name = 'mugc'¶
The name of the step, as used on the CLI
- class manheim_c7n_tools.runner.PolicygenStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Step to run policygen to generate custodian-ready policies on disk.
- name = 'policygen'¶
The name of the step, as used on the CLI
- static run_in_region(region_name, conf)[source]¶
Return True if this step should run in the specified region, False if it should not.
- Parameters
region_name (str) – region name to test
config (ManheimConfig) – The manheim-c7n-tools config to use for this step, already made region-specific (
config_for_region()
is called where this class is intialized in_run_step_in_regions()
).
- Returns
whether this step should run in the specified region
- Return type
- class manheim_c7n_tools.runner.S3ArchiverStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Runs s3archiver to archive logs of deleted policies.
- name = 's3archiver'¶
The name of the step, as used on the CLI
- class manheim_c7n_tools.runner.ValidateStep(region_name, config)[source]¶
Bases:
manheim_c7n_tools.runner.BaseStep
Step to run custodian validate on generated policies.
- name = 'validate'¶
The name of the step, as used on the CLI