Run a Cloud Custodian policy file from a Python script. Most useful perhaps to be able to run Cloud Custodian from AWS Lambda.

c7n_run.py

import os
import logging
from c7n.commands import run
from c7n.config import Config

logger = logging.getLogger()
logger.setLevel(logging.INFO)

# Capture our current directory
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
OUT_DIR = '/tmp'

assumed_role = 'arn:aws:iam::{{ account_id }}:{{ target_role }}'
filename = 'my-policy.yml'

default_c7n_config = {
    'skip-validation': True,
    'vars': None,
    'debug': True,
    'assume': assumed_role,
    'output_dir': os.path.join(OUT_DIR, 'out'),
    'region': 'us-east-1',
    'configs': [filename]
}
run_config = Config.empty(**default_c7n_config)

logger.info('Running policy: ' + filename)
run(run_config)