Metadata-Version: 1.1
Name: c7n
Version: 0.8.13.2
Summary: Cloud Custodian - Policy Rules Engine
Home-page: https://github.com/capitalone/cloud-custodian
Author: UNKNOWN
Author-email: UNKNOWN
License: Apache-2.0
Description: |Join the chat at https://gitter.im/capitalone/cloud-custodian| |Build
        Status| |License| |Requires.io|
        
        .. raw:: html
        
           <!-- markdown-toc start - Don't edit this section. Run M-x markdown-toc-generate-toc again -->
        
        **Table of Contents** - `Cloud Custodian <#cloud-custodian>`__ -
        `Links <#links>`__ - `Usage <#usage>`__ - `Get
        Involved <#get-involved>`__
        
        .. raw:: html
        
           <!-- markdown-toc end -->
        
        Cloud Custodian
        ===============
        
        Cloud Custodian is a rules engine for AWS resource management. It allows
        users to define policies to be enforced to enable a well managed cloud,
        with metrics and structured outputs. It consolidates many of the adhoc
        scripts organizations have into a lightweight and flexible tool.
        
        Organizations can use Custodian to manage their AWS environments by
        ensuring compliance to security policies, tag policies, garbage
        collection of unused resources, and cost management via off-hours
        resource management.
        
        Custodian policies are written in simple YAML configuration files that
        specify given a resource type (ec2, asg, redshift, etc) and are
        constructed from a vocabulary of filters and actions. Custodian was
        created to unify the dozens of tools and scripts most organizations use
        for managing their AWS accounts into one open source tool and provide
        unified operations and reporting.
        
        It integrates with lambda and cloudwatch events to provide for realtime
        enforcement of policies with builtin provisioning on new resources or it
        can be used to query and operate against all of account's extant
        resources.
        
        Links
        -----
        
        -  `Docs <http://www.capitalone.io/cloud-custodian/>`__
        -  `Developer
           Install <http://www.capitalone.io/cloud-custodian/quickstart/developer.html>`__
        
        Quick Install
        -------------
        
        .. code:: shell
        
            $ virtualenv custodian
            $ source custodian/bin/activate
            $ pip install c7n
        
        Usage
        -----
        
        First a policy file needs to be created in yaml format, as an example:
        
        .. code:: yaml
        
        
            policies:
             - name: remediate-extant-keys
               description: |
                 Scan through all s3 buckets in an account and ensure all objects
                 are encrypted (default to AES256).  
               resource: s3
               actions:
                 - encrypt-keys
        
             - name: ec2-require-non-public-and-encrypted-volumes
               resource: ec2 
               description: |
                 Provision a lambda and cloud watch event target
                 that looks at all new instances not in an autoscale group
                 and terminates those with unencrypted volumes.
               mode:
                 type: cloudtrail   
                 events:
                 - RunInstances
               filters:
                 - "tag:aws:autoscaling:groupName": absent
                 - type: ebs
                   key: Encrypted
                   value: false
               actions:
                 - terminate
        
             - name: tag-compliance
               resource: ec2
               description:
                 Schedule a resource that does not meet tag compliance policies
                 to be stopped in four days.
               filters:
                 - State.Name: running
                 - "tag:Environment": absent
                 - "tag:AppId": absent
                 - or:
                   - "tag:OwnerContact": absent
                   - "tag:DeptID": absent
               actions:
                 - type: mark-for-op
                   op: stop
                   days: 4
        
        Given that, you can run cloud-custodian
        
        .. code:: shell
        
              # Directory for outputs
              $ mkdir out
        
              # Validate the configuration
              $ custodian validate -c policy.yml
        
              # Dryrun on the policies (no actions executed)
              $ custodian run --dryrun -c policy.yml -s out
        
              # Run the policy 
              $ custodian run -c policy.yml -s out
        
        Custodian supports a few other useful subcommands and options, including
        outputs to s3, cloud watch metrics, sts role assumption.
        
        Consult the documentation for additional information.
        
        Get Involved
        ------------
        
        Mailing List - https://groups.google.com/forum/#!forum/cloud-custodian
        
        Gitter - https://gitter.im/capitalone/cloud-custodian
        
        Contributors
        ~~~~~~~~~~~~
        
        We welcome Your interest in Capital One’s Open Source Projects (the
        “Project”). Any Contributor to the Project must accept and sign an
        Agreement indicating agreement to the license terms below. Except for
        the license granted in this Agreement to Capital One and to recipients
        of software distributed by Capital One, You reserve all right, title,
        and interest in and to Your Contributions; this Agreement does not
        impact Your rights to use Your own Contributions for any other purpose
        
        [Link to Agreement] (https://docs.google.com/forms/d/19LpBBjykHPox18vrZvBbZUcK6gQTj7qv1O5hCduAZFU/viewform)
        '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
        
        This project adheres to the `Open Code of
        Conduct <http://www.capitalone.io/codeofconduct/>`__. By participating,
        you are expected to honor this code.
        
        .. |Join the chat at https://gitter.im/capitalone/cloud-custodian| image:: https://badges.gitter.im/capitalone/cloud-custodian.svg
           :target: https://gitter.im/capitalone/cloud-custodian?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
        .. |Build Status| image:: https://travis-ci.org/capitalone/cloud-custodian.svg?branch=master
           :target: https://travis-ci.org/capitalone/cloud-custodian
        .. |License| image:: https://img.shields.io/badge/license-Apache%202-blue.svg
           :target: https://www.apache.org/licenses/LICENSE-2.0
        .. |Requires.io| image:: https://img.shields.io/requires/github/capitalone/cloud-custodian.svg?maxAge=86400
           :target: https://requires.io/github/capitalone/cloud-custodian/requirements/?branch=master
        
Platform: UNKNOWN
Classifier: Topic :: System :: Systems Administration
Classifier: Topic :: System :: Distributed Computing
