Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
There's been quite a few changes in this release, highlights
This is our first release to drop python 2.7 compatibility.
lazy loading by default, greatly reduces cli and serverless cold start latency.
docker images have been significantly trimmed using multi-stage builds with the distroless container.
poetry is now being used for package management, existing workflows using pip/setuptools will work without any changes.
pypi release artifacts are being published with fully frozen dependency graphs, to ensure repeatable installation over time.
Custodian strives for backwards compatibility, however in this release some planned deprecations and removals have been enacted.
python 2.7 compatibility has been removed
metrics and logs cli have been removed
.git
directory from docker build context (#4991)A bug fix (#4277) around custodian schema validation of boolean filter blocks (or
, and
, and not
) may now cause some validation errors on invalid policies. Previously these policies would have passed validation as it was not performed recursively on boolean blocks. Please check your policies with the latest release.
Authors: 42 Pull Requests: 136