Allow policies ability to trigger off of failed events #9537

Closed
khapp opened this issue May 24, 2024 · 1 comment

khapp commented May 24, 2024

Describe the feature

I would like to be able to write policies that trigger when certain failed events occur.

Use Case:

I would like to craft an SCP that restricts the creation of S3 buckets that don't have encryption enabled. I would like to write a policy that detects calls that do not enable encryption and sends notifications based on that failed event. The notification would enable us to point our engineers towards documentation and resources for best practices.

Extra information or context

No response

Collaborator

kapilt commented Jun 5, 2024

Custodian does allow for this. You'll need to set an environment variable for the lambda mode policy: C7N_SKIP_EVTERR=no

@kapilt kapilt closed this as completed Jun 5, 2024