Metadata-Version: 2.1
Name: c7n-trailcreator
Version: 0.1.2
Summary: Cloud Custodian - Retroactive Tag Resource Creators from CloudTrail
Home-page: https://github.com/capitalone/cloud-custodian
License: Apache-2.0
Description: # AWS Retroactive Tagging Resource Creators
        
        This script will process cloudtrail records to create a sqlite db of
        resources and their creators, and then use that sqlitedb to tag
        the resources with their creator's name.
        
        In processing cloudtrail it can use either Athena or S3 Select. A
        config file of the events and resources of interest is required.
        
        ## Install
        
        ```shell
        $ pip install c7n_trailcreator
        
        $ c7n-trailcreator --help
        ```
        
        ## Config File
        
        The config file format here is similiar to what custodian requires
        for lambda policies on cloudtrail api events as an event selector.
        
        First for each resource, the custodian resource-type is required
        to be specified, and then for each event, we need to know the
        name of the service, the event name, and a jmespath expression
        to get the resource ids.
        
        ```json
        {
          "resources": [
            {
              "resource": "iam-role",
              "events": [
                {
                  "event": "CreateRole",
                  "ids": "requestParameters.roleName",
                  "service": "iam.amazonaws.com"
                }
              ]
            },
            {
              "resource": "iam-user",
              "shape": "User",
              "events": [
                {
                  "event": "CreateUser",
                  "ids": "requestParameters.userName",
                  "service": "iam.amazonaws.com"
                }
              ]
            }]
        }
        ```
        
        
        ## Tagging
        
        It supports this across all the resources that custodian supports.
        
        
        ## Multi Account / Multi Region
        
        c7n-trailcreator supports executing across multiple accounts and regions when tagging
        using the same file format that c7n-org uses to denote accounts.
        
        
Platform: UNKNOWN
Classifier: Topic :: System :: Systems Administration
Classifier: Topic :: System :: Distributed Computing
Description-Content-Type: text/markdown
