Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
aws.appmesh-mesh
addedaws.appmesh-virtual-gateway
addedaws.bedrock-agent
addedaws.bedrock-customization-job
addedaws.bedrock-knowledge-base
addedaws.s3-storage-lens
addedazure.automation-account
addedaws.account
set-bedrock-model-invocation-logging
bedrock-model-invocation-logging
aws.alarm
is-composite-child
aws.bedrock-custom-model
kms-key
aws.ecs-service
modify-definition
aws.iam-profile
set-policy
aws.lambda
update
aws.rds-proxy
json-diff
aws.rrset
delete
azure.front-door
firewall-policy
azure.redis
firewall
azure.sql-server
auditing-policies
, failover-group
, security-alert-policies
azure.vm
backup-status
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.34.0...0.9.35.0
aws.org-account
addedaws.org-policy
addedaws.org-unit
addedaws.s3-directory
addedazure.synapse
addedaws.appstream-fleet
json-diff
aws.asg
cost-optimization
aws.batch-compute
auto-tag-user
, copy-related-tag
, mark-for-op
, remove-tag
, rename-tag
, tag
marked-for-op
aws.batch-definition
auto-tag-user
, copy-related-tag
, mark-for-op
, remove-tag
, rename-tag
, tag
marked-for-op
aws.batch-queue
auto-tag-user
, copy-related-tag
, delete
, mark-for-op
, remove-tag
, rename-tag
, tag
, update
marked-for-op
aws.ebs
cost-optimization
aws.ec2
cost-optimization
aws.ecs-service
cost-optimization
aws.elastic-ip
disassociate
aws.eni
detach
aws.kms
json-diff
aws.lambda
cost-optimization
aws.ssm-document
config-compliance
, json-diff
aws.user-pool
json-diff
aws.bedrock-custom-model
addedaws.ec2-capacity-reservation
addedaws.opensearch-serverless
addedaws.workspaces-web
addedazure.app-configuration
addedazure.datalake-analytics
addedazure.defender-assessment
addedazure.defender-contact
addedazure.defender-jit-policy
addedazure.event-grid-domain
addedazure.event-grid-topic
addedazure.host-pool
addedazure.kusto
addedazure.machine-learning-workspace
addedazure.mariadb-server
addedazure.session-host
addedazure.signalr
addedazure.waf
addedopenstack.image
addedopenstack.secret
addedopenstack.security-group
addedopenstack.storage-container
addedaws.ecs-service
network-location
, security-group
aws.ecs-task
network-location
, security-group
aws.iam-oidc-provider
delete
aws.rds-cluster
pending-maintenance
azure.application-gateway
waf
azure.mysql
security-alert-policy
azure.sql-database
data-encryption
gcp.gke-cluster
effective-firewall
openstack.server
security-group
openstack.user
extended-info
-
via ordinal hex (#8808)aws.inspector2-finding
addedgcp.kms-location
addedaws.airflow
delete-environment
, update-environment
aws.glue-catalog
kms-key
aws.vpc
delete-empty
azure.keyvault-key
rotation-policy
gcp.cloud-run-service
iam-policy
gcp.dns-managed-zone
records-sets
gcp.folder
iam-policy
gcp.gke-cluster
server-config
gcp.gke-nodepool
server-config
gcp.organization
iam-policy
, org-policy
gcp.spanner-backup
iam-policy
gcp.sql-instance
set-high-availability
gcp.vpc
firewall
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.31.0...0.9.32.0
aws.access-analyzer-finding
addedazure.app-insights
addedazure.bastion-host
addedgcp.instance-group-manager
addedgcp.spanner-backup
addedgcp.zone
addedaws.acm-certificate
rename-tag
aws.advisor-check
rename-tag
aws.alarm
rename-tag
aws.apigw-domain-name
rename-tag
aws.apigwv2
rename-tag
aws.apigwv2-stage
rename-tag
aws.appstream-fleet
rename-tag
aws.appstream-stack
rename-tag
aws.backup-plan
rename-tag
aws.backup-vault
rename-tag
aws.cache-cluster
rename-tag
aws.cache-snapshot
rename-tag
aws.catalog-portfolio
rename-tag
aws.catalog-product
rename-tag
aws.cloud-directory
rename-tag
aws.cloudhsm-cluster
rename-tag
aws.cloudtrail
rename-tag
aws.cloudwatch-dashboard
rename-tag
aws.codebuild
rename-tag
aws.codecommit
rename-tag
aws.codedeploy-app
rename-tag
aws.codedeploy-group
rename-tag
aws.codepipeline
rename-tag
aws.composite-alarm
rename-tag
aws.config-rule
rename-tag
aws.datasync-agent
rename-tag
aws.datasync-task
rename-tag
aws.devicefarm-project
rename-tag
aws.directconnect
rename-tag
aws.distribution
rename-tag
aws.dms-endpoint
rename-tag
aws.dms-replication-task
rename-tag
aws.dynamodb-table
rename-tag
aws.efs
rename-tag
aws.elasticache-group
rename-tag
aws.event-bus
rename-tag
aws.event-rule
rename-tag
aws.firehose
rename-tag
aws.firewall
rename-tag
aws.glacier
rename-tag
aws.glue-connection
rename-tag
aws.glue-crawler
rename-tag
aws.glue-dev-endpoint
rename-tag
aws.glue-job
rename-tag
aws.glue-ml-transform
rename-tag
aws.glue-trigger
rename-tag
aws.glue-workflow
rename-tag
aws.graphql-api
rename-tag
aws.healthcheck
rename-tag
aws.hostedzone
rename-tag
aws.iam-policy
rename-tag
aws.identity-pool
rename-tag
aws.insight-rule
rename-tag
aws.kafka
rename-tag
aws.kinesis
rename-tag
aws.kinesis-analytics
rename-tag
aws.kinesis-analyticsv2
rename-tag
aws.kms-key
rename-tag
aws.lambda
rename-tag
aws.lex-bot
rename-tag
aws.log-group
rename-tag
aws.message-config
rename-tag
aws.pinpoint-app
rename-tag
aws.qldb
rename-tag
aws.rds
rename-tag
aws.rds-cluster
rename-tag
aws.rds-cluster-param-group
rename-tag
aws.rds-cluster-snapshot
rename-tag
aws.rds-param-group
rename-tag
aws.rds-proxy
rename-tag
aws.rds-reserved
rename-tag
aws.rds-snapshot
rename-tag
aws.rds-subnet-group
rename-tag
aws.rds-subscription
rename-tag
aws.redshift-snapshot
rename-tag
aws.redshift-subnet-group
rename-tag
aws.rest-api
rename-tag
aws.rest-stage
rename-tag
aws.s3
bucket-replication
aws.ses-configuration-set
rename-tag
aws.ses-email-identity
rename-tag
aws.sns
rename-tag
aws.sqs
rename-tag
aws.ssm-parameter
rename-tag
aws.streaming-distribution
rename-tag
aws.swf-domain
rename-tag
aws.user-pool
rename-tag
aws.waf-regional
rename-tag
aws.wafv2
rename-tag
aws.workspaces
rename-tag
aws.workspaces-directory
rename-tag
aws.workspaces-image
rename-tag
aws.xray-group
rename-tag
aws.xray-rule
rename-tag
azure.monitor-log-profile
monitor-storage
gcp.instance
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.30.0...0.9.31.0
aws.advisor-check
addedaws.apigwv2-stage
addedaws.appdiscovery-agent
addedaws.appstream-fleet
addedaws.appstream-stack
addedaws.athena-named-query
addedaws.budget
addedaws.cloudwatch-dashboard
addedaws.datasync-agent
addedaws.datasync-task
addedaws.devicefarm-project
addedaws.dms-replication-task
addedaws.flow-log
addedaws.guardduty-finding
addedaws.lex-bot
addedaws.quicksight-group
addedaws.quicksight-user
addedaws.securityhub-finding
addedaws.ssm-patch-group
addedaws.ssm-session-manager
addedaws.xray-group
addedaws.xray-rule
addedazure.front-door-policy
addedgcp.cloud-run-revision
addedaws.ami
cancel-launch-permission
aws.rds
pending-maintenance
aws.rds-proxy
delete
aws.rds-snapshot
instance
aws.transit-attachment
set-flow-log
aws.transit-gateway
set-flow-log
flow-logs
aws.user-pool
wafv2-enabled
aws.vpc
azure.advisor-recommendation
advisor-recommendation
azure.aks
advisor-recommendation
azure.alert-logs
advisor-recommendation
azure.api-management
advisor-recommendation
azure.application-gateway
advisor-recommendation
azure.appserviceplan
advisor-recommendation
azure.armresource
advisor-recommendation
azure.batch
advisor-recommendation
azure.cdn-custom-domain
advisor-recommendation
azure.cdn-endpoint
advisor-recommendation
azure.cdnprofile
advisor-recommendation
azure.cognitiveservice
advisor-recommendation
azure.container-group
advisor-recommendation
azure.container-registry
advisor-recommendation
azure.containerservice
advisor-recommendation
azure.cosmosdb
advisor-recommendation
azure.cosmosdb-collection
advisor-recommendation
azure.cosmosdb-database
advisor-recommendation
azure.cost-management-export
advisor-recommendation
azure.databricks
advisor-recommendation
azure.datafactory
advisor-recommendation
azure.datalake
advisor-recommendation
azure.defender-alert
advisor-recommendation
azure.defender-autoprovisioning
advisor-recommendation
azure.defender-pricing
advisor-recommendation
azure.defender-setting
advisor-recommendation
azure.disk
advisor-recommendation
azure.dnszone
advisor-recommendation
azure.eventhub
advisor-recommendation
azure.eventsubscription
advisor-recommendation
azure.front-door
advisor-recommendation
azure.hdinsight
advisor-recommendation
azure.image
advisor-recommendation
azure.iothub
advisor-recommendation
azure.keyvault
advisor-recommendation
azure.keyvault-certificate
advisor-recommendation
azure.keyvault-key
advisor-recommendation
azure.keyvault-secret
advisor-recommendation
azure.loadbalancer
advisor-recommendation
azure.logic-app-workflow
advisor-recommendation
azure.mariadb
advisor-recommendation
azure.monitor-log-profile
advisor-recommendation
azure.mysql
advisor-recommendation
, server-configuration
azure.mysql-flexibleserver
advisor-recommendation
azure.networkinterface
advisor-recommendation
azure.networksecuritygroup
advisor-recommendation
azure.networkwatcher
advisor-recommendation
azure.open-shift
advisor-recommendation
azure.policyassignments
advisor-recommendation
azure.postgresql-database
advisor-recommendation
azure.postgresql-server
advisor-recommendation
azure.publicip
advisor-recommendation
azure.recordset
advisor-recommendation
azure.recovery-services
advisor-recommendation
azure.redis
advisor-recommendation
azure.resourcegroup
advisor-recommendation
azure.roleassignment
advisor-recommendation
azure.roledefinition
advisor-recommendation
azure.routetable
advisor-recommendation
azure.search
advisor-recommendation
azure.service-fabric-cluster
advisor-recommendation
azure.service-fabric-cluster-managed
advisor-recommendation
azure.servicebus-namespace
advisor-recommendation
azure.servicebus-namespace-authrules
advisor-recommendation
azure.servicebus-namespace-networkrules
advisor-recommendation
azure.spring-app
advisor-recommendation
azure.spring-service-instance
advisor-recommendation
azure.sql-database
advisor-recommendation
azure.sql-server
advisor-recommendation
azure.storage
advisor-recommendation
azure.storage-container
advisor-recommendation
azure.subscription
advisor-recommendation
azure.traffic-manager-profile
advisor-recommendation
azure.vm
advisor-recommendation
azure.vmss
advisor-recommendation
azure.vnet
advisor-recommendation
azure.webapp
advisor-recommendation
gcp.dataproc-clusters
iam-policy
gcp.function
iam-policy
gcp.image
iam-policy
gcp.kms-keyring
iam-policy
gcp.pubsub-topic
iam-policy
gcp.spanner-database-instance
iam-policy
gcp.spanner-instance
iam-policy
gcp.sql-instance
set-deletion-protection
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.29.0...0.9.30.0
more gcp resources, two others of note.
aws.connect-campaign
addedgcp.armor-policy
addedgcp.dataproc-clusters
addedgcp.patch-deployment
addedgcp.redis
addedaws.ecs
ebs-storage
aws.launch-template-version
config-compliance
aws.s3
set-intelligent-tiering
intelligent-tiering
azure.cdnprofile
waf
azure.front-door
waf
gcp.gke-cluster
mark-for-op
, set-labels
marked-for-op
gcp.image
mark-for-op
, set-labels
marked-for-op
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.28.0...0.9.29.0
New oracle cloud infrastructure provider, several additional resources to gcp, regular fixes and updates to extant providers.
aws.ses-email-identity
addedaws.ses-receipt-rule-set
addedazure.monitor-log-profile
addedazure.recovery-services
addedgcp.app-engine-service
addedgcp.app-engine-service-version
addedgcp.bigtable-instance
addedgcp.bigtable-instance-cluster
addedgcp.bigtable-instance-cluster-backup
addedgcp.bigtable-instance-table
addedgcp.datafusion-instance
addedgcp.notebook
addedoci.bucket
addedoci.compartment
addedoci.cross_connect
addedoci.group
addedoci.instance
addedoci.subnet
addedoci.user
addedoci.vcn
addedoci.zone
addedaws.artifact-repo
json-diff
aws.cloud-directory
aws.directory
delete
aws.ec2-spot-fleet-request
json-diff
aws.event-bus
delete
aws.firehose
json-diff
aws.iam-certificate
config-compliance
, json-diff
aws.iam-saml-provider
config-compliance
, json-diff
aws.prefix-list
config-compliance
, json-diff
aws.ses-configuration-set
set-delivery-options
aws.transit-attachment
metrics
aws.vpc-endpoint
metrics
azure.sql-server
transparent-data-encryption
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.27.0...0.9.28.0
aws.fis-experiment
addedaws.pinpoint-app
addedaws.ses-configuration-set
addedazure.cdn-custom-domain
addedazure.cdn-endpoint
addedazure.mariadb
addedazure.open-shift
addedazure.servicebus-namespace
addedazure.servicebus-namespace-authrules
addedazure.spring-app
addedazure.spring-service-instance
addedgcp.artifact-repository
addedgcp.compute-project
addedgcp.region
addedaws.eks
associate-encryption-config
aws.fsx
consecutive-aws-backups
aws.lambda
has-specific-managed-policy
aws.rds
consecutive-aws-backups
aws.rds-cluster
consecutive-aws-backups
aws.subnet
ip-address-usage
gcp.cloud-run-service
recommend
gcp.disk
recommend
gcp.function
recommend
gcp.gke-cluster
recommend
gcp.image
recommend
gcp.instance
recommend
gcp.log-project-sink
bucket
gcp.project
recommend
gcp.service-account
recommend
gcp.sql-instance
recommend
Fixes a package upload issue caused using poetry to upload our frozen wheels that affected (0.9.25.0), in favor of using twine to. upload, which results in proper frozen metadata.
Full Changelog: https://github.com/cloud-custodian/cloud-custodian/compare/0.9.25.0...0.9.26.0