Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add object lock configuration to augment table #9532

Open
wants to merge 6 commits into
base: main
Choose a base branch
from

Conversation

dmytro-afanasiev
Copy link
Collaborator

@dmytro-afanasiev dmytro-afanasiev commented May 22, 2024

policies:
    - name: example
      resource: aws.s3
      filters:
        - type: lock-configuration
          key: Rule.DefaultRetention.Mode
          value: COMPLIANCE

@kapilt
Copy link
Collaborator

kapilt commented May 22, 2024

this should definitely be a separate filter, we're trying to slim augment table not add to it for s3, re not forcing api calls when they aren't explicitly needed for the policy.

@dmytro-afanasiev
Copy link
Collaborator Author

this should definitely be a separate filter, we're trying to slim augment table not add to it for s3, re not forcing api calls when they aren't explicitly needed for the policy.

changed to value filter

return super().process(resources, event)

def __call__(self, r):
if self.annotate:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

afaics given the class value for annotate = true, there's no need for the conditional here.

schema = type_schema('lock-configuration', rinherit=ValueFilter.schema)
permissions = ('s3:GetBucketObjectLockConfiguration',)
annotate = True
annotation_key = 'ObjectLockConfiguration'
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

generally want a c7n: prefix on annotation keys to distinguish from native attributes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants