Instantly share code, notes, and snippets.

# Copyright 2018 Capital One Services, LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
View custodian-policy.yml
- name: ec2-run
resource: ec2
type: cloudtrail
- RunInstances
role: arn:aws:iam::xyz:role/CloudCustodianRole
View policies.yaml
- name: mark
resource: ec2
- "tag:Action": absent
- type: mark-for-op
tag: Action
op: stop
import re
from datetime import datetime, timedelta
class Date(object):
date_increment = re.compile('\+[0-9]+[md]')
def __init__(self, d=None):
self._d = d

Use Cases

Sometimes you really want to scan all objects, or in the words of gary oldman from the professional, "bring me EVERYONE" :-) There are a couple of different reasons for that from an org perspective, given current feature sets, most of it involves catching up on s3 security from both an acl and encryption perspective after the fact.

Salactus provides for scale out scanning of every s3 object with configurable object visitors. It also supports s3 inventory as a

import boto3
import time
from botocore.session import Session as CoreSession
from botocore.hooks import HierarchicalEmitter
import traceback
import token_bucket
View basic-emacs.el
(require 'package) ;; You might already have this line
(add-to-list 'package-archives
'("melpa" . ""))
(package-initialize) ;;
(global-font-lock-mode t)
(setq inhibit-startup-mesage t)
(setq make-backup-files nil)
(add-hook 'after-init-hook #'global-flycheck-mode)
"""Pypy memory leak issue
this needs to process some large buckets to show the continual memory
accumulation. growth after 100 pages processed shows increase from 240mb rss
to 1221 mb rss.
interestingly playing around with chunk size shows dramatic effects on memory
growth rate.
View gist:d5a53ae4239cecbc4e027d192423117c
- name: sg-fast-revert
resource: security-group
- GroupId: "sg-220123a1"
- type: diff
selector: date
selector_value: "2016/12/14 13:05Z"
- patch
- <<: *notify_action