Created
May 23, 2018 01:00
-
-
Save kapilt/58d705c8ee40df3bac34eec493f9e92b to your computer and use it in GitHub Desktop.
custodian run policy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
policies: | |
- name: ec2-run | |
resource: ec2 | |
mode: | |
type: cloudtrail | |
events: | |
- RunInstances | |
role: arn:aws:iam::xyz:role/CloudCustodianRole |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ custodian run -c ec2.yml -s out -v | |
2018-05-22 20:54:03,518: keyring.backend:INFO Loading SecretService | |
2018-05-22 20:54:03,519: keyring.backend:INFO Loading kwallet | |
2018-05-22 20:54:03,520: keyring.backend:INFO Loading macOS | |
2018-05-22 20:54:03,521: keyring.backend:INFO Loading windows | |
2018-05-22 20:54:03,568: custodian.commands:DEBUG Loaded file ec2.yml. Contains 1 policies | |
2018-05-22 20:54:03,571: custodian.aws:DEBUG using default region:us-east-2 from boto | |
2018-05-22 20:54:03,933: custodian.output:DEBUG Storing output with <DirectoryOutput to dir:out/ec2-run> | |
2018-05-22 20:54:03,933: custodian.policy:INFO Provisioning policy lambda ec2-run | |
2018-05-22 20:54:04,031: custodian.lambda:DEBUG Created custodian lambda archive size: 1.72mb | |
2018-05-22 20:54:04,185: custodian.lambda:INFO Publishing custodian policy lambda function custodian-ec2-run | |
2018-05-22 20:54:08,878: custodian.lambda:DEBUG Publishing custodian lambda alias current | |
2018-05-22 20:54:09,090: custodian.lambda:DEBUG Creating cwe rule for <CWEvent Type:cloudtrail Events:RunInstances> | |
2018-05-22 20:54:09,392: custodian.lambda:DEBUG Added lambda invoke cwe rule permission | |
2018-05-22 20:54:09,416: custodian.lambda:DEBUG Creating cwe rule target for <CWEvent Type:cloudtrail Events:RunInstances> on func:arn:aws:lambda:us-east-2:xyz:function:custodian-ec2-run | |
2018-05-22 20:54:09,454: custodian.lambda:DEBUG Added event source: <CWEvent Type:cloudtrail Events:RunInstances> to function: arn:aws:lambda:us-east-2:xyz:function:custodian-ec2-run:current |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |
00:57:38 | |
START RequestId: 49498afa-5e24-11e8-8f00-83558f3dfa8a Version: $LATEST | |
| |
00:57:38 | |
[INFO] 2018-05-23T00:57:38.566Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Processing event { "account": "xyz", "region": "us-east-2", "detail": { "eventVersion": "1.05", "eventID": "fed83dc0-1f0f-441d-a4a5-4501a02472c6", "eventTime": "2018-05-23T00:57:05Z", "requestParameters": { "userData": "<sensitiveDataRemoved>", "blockDeviceMapping": { "ite | |
| |
00:57:39 | |
[DEBUG] 2018-05-23T00:57:39.97Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Disabling cache | |
| |
00:57:39 | |
[INFO] 2018-05-23T00:57:39.97Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Found resource ids: [u'i-0a18ab5b178fc2901'] | |
| |
00:57:39 | |
[INFO] 2018-05-23T00:57:39.762Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Resources [{u'Monitoring': {u'State': 'disabled'}, u'PublicDnsName': 'ec2-18-217-17-224.us-east-2.compute.amazonaws.com', u'State': {u'Code': 16, u'Name': 'running'}, u'EbsOptimized': False, u'LaunchTime': datetime.datetime(2018, 5, 23, 0, 57, 5, tzinfo=tzlocal()), u'PublicIpAddress': '1.1.1.1', u'PrivateIpAddress': '172.31 | |
| |
00:57:39 | |
[INFO] 2018-05-23T00:57:39.762Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Filtering resources with [] | |
| |
00:57:39 | |
[DEBUG] 2018-05-23T00:57:39.762Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Filtered from 1 to 1 ec2 | |
| |
00:57:39 | |
[INFO] 2018-05-23T00:57:39.762Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Filtered resources 1 | |
| |
00:57:39 | |
[DEBUG] 2018-05-23T00:57:39.762Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Storing output with <DirectoryOutput to dir:/tmp/23d390b5-3857-407c-9d2d-4b59bc3738b4/ec2-run> | |
| |
00:57:39 | |
[DEBUG] 2018-05-23T00:57:39.763Z 49498afa-5e24-11e8-8f00-83558f3dfa8a metric:ResourceCount Count:1 policy:ec2-run restype:ec2 scope:policy | |
| |
00:57:39 | |
[INFO] 2018-05-23T00:57:39.763Z 49498afa-5e24-11e8-8f00-83558f3dfa8a Invoking actions [] | |
| |
00:57:39 | |
END RequestId: 49498afa-5e24-11e8-8f00-83558f3dfa8a | |
| |
00:57:39 | |
REPORT RequestId: 49498afa-5e24-11e8-8f00-83558f3dfa8a Duration: 1210.65 ms Billed Duration: 1300 ms Memory Size: 512 MB Max Memory Used: 76 MB |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment