{ "info": { "author": "Kapil Thangavelu", "author_email": "kapil.foss@gmail.com", "bugtrack_url": null, "classifiers": [ "Topic :: System :: Distributed Computing", "Topic :: System :: Systems Administration" ], "description": "# c7n-org: Multi Account Custodian Execution\n\n[//]: # ( !!! IMPORTANT !!! )\n[//]: # (This file is moved during document generation.)\n[//]: # (Only edit the original document at ./tools/c7n_org/README.md)\n\nc7n-org is a tool to run custodian against multiple AWS accounts,\nAzure subscriptions, or GCP projects in parallel.\n\n## Installation\n\n```shell\npip install c7n-org\n```\n\nc7n-org has 3 run modes:\n\n```shell\nUsage: c7n-org [OPTIONS] COMMAND [ARGS]...\n\n custodian organization multi-account runner.\n\nOptions:\n --help Show this message and exit.\n\nCommands:\n report report on an AWS cross account policy execution\n run run a custodian policy across accounts (AWS, Azure, GCP)\n run-script run a script across AWS accounts\n```\n\nIn order to run c7n-org against multiple accounts, a config file must\nfirst be created containing pertinent information about the accounts:\n\n\nExample AWS Config File:\n\n```yaml\naccounts:\n- account_id: '123123123123'\n name: account-1\n regions:\n - us-east-1\n - us-west-2\n role: arn:aws:iam::123123123123:role/CloudCustodian\n vars:\n charge_code: xyz\n tags:\n - type:prod\n - division:some division\n - partition:us\n - scope:pci\n...\n```\n\nExample Azure Config File:\n\n```yaml\nsubscriptions:\n- name: Subscription-1\n subscription_id: a1b2c3d4-e5f6-g7h8i9...\n- name: Subscription-2\n subscription_id: 1z2y3x4w-5v6u-7t8s9r...\n```\n\nExample GCP Config File:\n\n```yaml\nprojects:\n- name: app-dev\n project_id: app-203501\n tags:\n - label:env:dev \n- name: app-prod\n project_id: app-1291\n tags:\n - label:env:dev\n\n```\n\n### Config File Generation\n\nWe also distribute scripts to generate the necessary config file in the `scripts` folder.\n\n**Note** Currently these are distributed only via git, per\nhttps://github.com/cloud-custodian/cloud-custodian/issues/2420 we'll\nbe looking to incorporate them into a new c7n-org subcommand.\n\n- For **AWS**, the script `orgaccounts.py` generates a config file\n from the AWS Organizations API\n\n- For **Azure**, the script `azuresubs.py` generates a config file\n from the Azure Resource Management API\n\n - Please see the [Additional Azure Instructions](#Additional-Azure-Instructions)\n - for initial setup and other important info\n\n- For **GCP**, the script `gcpprojects.py` generates a config file from\n the GCP Resource Management API\n\n\n```shell\npython orgaccounts.py -f accounts.yml\n```\n```shell\npython azuresubs.py -f subscriptions.yml\n```\n```shell\npython gcpprojects.py -f projects.yml\n```\n\n## Running a Policy with c7n-org\n\nTo run a policy, the following arguments must be passed in:\n\n```shell\n-c | accounts|projects|subscriptions config file\n-s | output directory\n-u | policy\n```\n\n\n```shell\nc7n-org run -c accounts.yml -s output -u test.yml --dryrun\n```\n\nAfter running the above command, the following folder structure will be created:\n\n```\noutput\n |_ account-1\n |_ us-east-1\n |_ policy-name\n |_ resources.json\n |_ custodian-run.log\n |_ us-west-2\n |_ policy-name\n |_ resources.json\n |_ custodian-run.log\n |- account-2\n...\n```\n\nUse `c7n-org report` to generate a csv report from the output directory.\n\n## Selecting accounts and policy for execution\n\nYou can filter the accounts to be run against by either passing the\naccount name or id via the `-a` flag, which can be specified multiple\ntimes.\n\nGroups of accounts can also be selected for execution by specifying\nthe `-t` tag filter. Account tags are specified in the config\nfile. ie given the above accounts config file you can specify all prod\naccounts with `-t type:prod`.\n\nYou can specify which policies to use for execution by either\nspecifying `-p` or selecting groups of policies via their tags with\n`-l`.\n\n\nSee `c7n-org run --help` for more information.\n\n## Defining and using variables\n\nEach account/subscription/project configuration in the config file can\nalso define a variables section `vars` that can be used in policies'\ndefinitions and are interpolated at execution time. These are in\naddition to the default runtime variables custodian provides like\n`account_id`, `now`, and `region`.\n\nExample of defining in c7n-org config file:\n\n```yaml\naccounts:\n- account_id: '123123123123'\n name: account-1\n role: arn:aws:iam::123123123123:role/CloudCustodian\n vars:\n charge_code: xyz\n```\n\nExample of using in a policy file:\n\n```yaml\npolicies:\n - name: ec2-check-tag\n resource: aws.ec2\n filters:\n - \"tag:CostCenter\": \"{charge_code}\"\n```\n\n**Note** Variable interpolation is sensitive to proper quoting and spacing,\ni.e., `{ charge_code }` would be invalid due to the extra white space. Additionally,\nyaml parsing can transform a value like `{charge_code}` to null, unless it's quoted\nin strings like the above example. Values that do interpolation into other content\ndon't require quoting, i.e., \"my_{charge_code}\".\n\n## Other commands\n\nc7n-org also supports running arbitrary scripts on AWS against\naccounts via the run-script command, which exports standard AWS SDK\ncredential information into the process environment before executing.\n\nc7n-org also supports generating reports for a given policy execution\nacross accounts via the `c7n-org report` subcommand.\n\n## Additional Azure Instructions\n\nIf you're using an Azure Service Principal for executing c7n-org\nyou'll need to ensure that the principal has access to multiple\nsubscriptions.\n\nFor instructions on creating a service principal and granting access\nacross subscriptions, visit the [Azure authentication docs\npage](https://cloudcustodian.io/docs/azure/authentication.html).", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/cloud-custodian/cloud-custodian", "keywords": "", "license": "Apache-2.0", "maintainer": "", "maintainer_email": "", "name": "c7n-org", "package_url": "https://pypi.org/project/c7n-org/", "platform": "", "project_url": "https://pypi.org/project/c7n-org/", "project_urls": { "Homepage": "https://github.com/cloud-custodian/cloud-custodian" }, "release_url": "https://pypi.org/project/c7n-org/0.5.5/", "requires_dist": null, "requires_python": "", "summary": "Cloud Custodian - Multi Account", "version": "0.5.5" }, "last_serial": 5957999, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "4f8abcd81b030052241db69e1df3addc", "sha256": "a620b427d26003d6d896efc5dccd456b8b4de146b8c67b15d81932a257f347c3" }, "downloads": -1, "filename": "c7n_org-0.0.1.tar.gz", "has_sig": false, "md5_digest": "4f8abcd81b030052241db69e1df3addc", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5215, "upload_time": "2017-07-20T22:55:01", "url": "https://files.pythonhosted.org/packages/92/73/3dce65674a9396ae43e0b7011254e1ef5bca19f627c4023d208ff1e1a9cd/c7n_org-0.0.1.tar.gz" } ], "0.0.2": [ { "comment_text": "", "digests": { "md5": "41ee93b7a1205797d894c705117ca210", "sha256": "83003592eab60baf04e83f0b93557ec2a6681da91bef91940d46767f94d13d82" }, "downloads": -1, "filename": "c7n_org-0.0.2.tar.gz", "has_sig": false, "md5_digest": "41ee93b7a1205797d894c705117ca210", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5195, "upload_time": "2017-09-01T12:18:07", "url": "https://files.pythonhosted.org/packages/5c/34/7948c626e6f8b66601d11f1dd7528640888ec64f35c47dbff711ae10cc62/c7n_org-0.0.2.tar.gz" } ], "0.2": [ { "comment_text": "", "digests": { "md5": "988d1bd5fabfa3ef198003f50f645dc6", "sha256": "69de4cd72c51b3910f81269da28c0419da32389e15dd50572c58b8660691c141" }, "downloads": -1, "filename": "c7n_org-0.2.tar.gz", "has_sig": false, "md5_digest": "988d1bd5fabfa3ef198003f50f645dc6", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5990, "upload_time": "2018-02-14T12:47:41", "url": "https://files.pythonhosted.org/packages/0c/ad/b11362af9e7161df3bb43586860bc0601ea031cdddf88ee8283ec6d98b64/c7n_org-0.2.tar.gz" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "a861d2a97d2accabe716a756382d878d", "sha256": "f064b7caa1e1a85780105d684c5a8b7796f51da06c5960e3f99c3e311e61df9c" }, "downloads": -1, "filename": "c7n_org-0.2.1.tar.gz", "has_sig": false, "md5_digest": "a861d2a97d2accabe716a756382d878d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6079, "upload_time": "2018-02-14T12:50:29", "url": "https://files.pythonhosted.org/packages/0e/0d/d51f26f717dba9b325b48260f7ff4d13f96f7da432075b2f761b0904d8a5/c7n_org-0.2.1.tar.gz" } ], "0.2.2": [ { "comment_text": "", "digests": { "md5": "dc00114f89a12ab3fd96e4d9ca87f19c", "sha256": "f20b0368175111e5566e3b3d96c564b49f50bb5a7e930abe0bb569c6607ea0ad" }, "downloads": -1, "filename": "c7n_org-0.2.2.tar.gz", "has_sig": false, "md5_digest": "dc00114f89a12ab3fd96e4d9ca87f19c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6235, "upload_time": "2018-02-14T12:51:25", "url": "https://files.pythonhosted.org/packages/42/cb/c6772f5efff803010c1f6fe89bc883f74ebe45922db1d4506a17a724d709/c7n_org-0.2.2.tar.gz" } ], "0.3.1": [ { "comment_text": "", "digests": { "md5": "27b919a2c1535db6ad8db6b70f5f9df4", "sha256": "5bf41dc388a886cd2e628e124cda66f23b033ba52e2bb9ea3886be5401d42c66" }, "downloads": -1, "filename": "c7n_org-0.3.1.tar.gz", "has_sig": false, "md5_digest": "27b919a2c1535db6ad8db6b70f5f9df4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6333, "upload_time": "2018-03-15T13:02:50", "url": "https://files.pythonhosted.org/packages/e2/48/55531db2ed38f78fbf38bf827514a84eeffde67de9a3e906bf2a0a643c60/c7n_org-0.3.1.tar.gz" } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "015d7386a680a6e8d12ee4f16179ede5", "sha256": "e53c9bbe8dc6c18520887ba6eccded5ecff8213e07b292f3ccfaff982ae85d2d" }, "downloads": -1, "filename": "c7n_org-0.4.0.tar.gz", "has_sig": false, "md5_digest": "015d7386a680a6e8d12ee4f16179ede5", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9643, "upload_time": "2018-08-12T18:19:46", "url": "https://files.pythonhosted.org/packages/4f/5a/873ea6750513fee6c328bb39d5fbd7e928a2f4c239cab6104f35658ac986/c7n_org-0.4.0.tar.gz" } ], "0.4.1": [ { "comment_text": "", "digests": { "md5": "413b2f12bc177ad1c21f346df7cc77b2", "sha256": "a45418be9b2b609ba3b6aa81163169d3c40833dfdb724a876841a862f91e0b18" }, "downloads": -1, "filename": "c7n_org-0.4.1.tar.gz", "has_sig": false, "md5_digest": "413b2f12bc177ad1c21f346df7cc77b2", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8124, "upload_time": "2018-10-02T22:16:00", "url": "https://files.pythonhosted.org/packages/1f/69/627d58474aab316d98c9ae546066c44e006bf058a67dc4d6373ba261b09f/c7n_org-0.4.1.tar.gz" } ], "0.5.0": [ { "comment_text": "", "digests": { "md5": "e6e86220268b93cb00bbf8f68f13e973", "sha256": "e830da27612388dda5397d183ddb2dac88a5100dc2ff1dd33a015cfca0786c0f" }, "downloads": -1, "filename": "c7n_org-0.5.0.tar.gz", "has_sig": false, "md5_digest": "e6e86220268b93cb00bbf8f68f13e973", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10498, "upload_time": "2018-11-14T09:28:23", "url": "https://files.pythonhosted.org/packages/bc/c6/ad69e772cece722e502a1464cf5fe96faf939e6fca380f0ca8641223446d/c7n_org-0.5.0.tar.gz" } ], "0.5.1": [ { "comment_text": "", "digests": { "md5": "3211ae4f2921e65014eec88c71f2c135", "sha256": "94914a524c1d0670e673d6722786dfd0d1ad48dd16bd8a764335f75ee6bfa947" }, "downloads": -1, "filename": "c7n_org-0.5.1.tar.gz", "has_sig": false, "md5_digest": "3211ae4f2921e65014eec88c71f2c135", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12050, "upload_time": "2019-04-13T10:08:41", "url": "https://files.pythonhosted.org/packages/ac/14/ae3b8efc1bb19f28d10c9b4f751b4c6ebc65695fc81dcf2ef94239b6bbd4/c7n_org-0.5.1.tar.gz" } ], "0.5.2": [ { "comment_text": "", "digests": { "md5": "6999f73b8380fe838831fcef309dfdc0", "sha256": "7ea2bd504063059fcc6bec9d7a4f9d3a05211b45ed223a96bd96fe5dbaf3415a" }, "downloads": -1, "filename": "c7n_org-0.5.2.tar.gz", "has_sig": false, "md5_digest": "6999f73b8380fe838831fcef309dfdc0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12620, "upload_time": "2019-06-18T16:36:39", "url": "https://files.pythonhosted.org/packages/bb/40/52978a750c07139e542fceb6141e763a463f25fbec371ad27630a568bdce/c7n_org-0.5.2.tar.gz" } ], "0.5.3": [ { "comment_text": "", "digests": { "md5": "22f0beaf5a28633eea3c9f16d60ebd20", "sha256": "968e8f53d98948e9b8d3615ac89a27bcf61db3f395ddde239a9f58d641fa2ca9" }, "downloads": -1, "filename": "c7n_org-0.5.3.tar.gz", "has_sig": false, "md5_digest": "22f0beaf5a28633eea3c9f16d60ebd20", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12613, "upload_time": "2019-06-28T20:33:31", "url": "https://files.pythonhosted.org/packages/36/d8/81270827e878b44b1ef23c3f9c6421a003d48d1d647f791ab5a506f5742b/c7n_org-0.5.3.tar.gz" } ], "0.5.4": [ { "comment_text": "", "digests": { "md5": "324e8c8f6f76f930a8b04b080cb186c0", "sha256": "1e7892a047e5b4ae5a3d9314a4f192b5c0aa61b8705ca1005a273e8134f17ea5" }, "downloads": -1, "filename": "c7n_org-0.5.4.tar.gz", "has_sig": false, "md5_digest": "324e8c8f6f76f930a8b04b080cb186c0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12664, "upload_time": "2019-09-23T22:34:52", "url": "https://files.pythonhosted.org/packages/e9/ed/19316b88da46ad86b0c48e183686e1e7c3eff2743791d6244adb373a4b89/c7n_org-0.5.4.tar.gz" } ], "0.5.5": [ { "comment_text": "", "digests": { "md5": "3971181058fb6ad01317857c02b57291", "sha256": "c32fb3420dea2565562d1dff4c5a4a6ac4aedfb4aa7458a59979a6583e85a75f" }, "downloads": -1, "filename": "c7n_org-0.5.5.tar.gz", "has_sig": false, "md5_digest": "3971181058fb6ad01317857c02b57291", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12720, "upload_time": "2019-10-11T02:11:52", "url": "https://files.pythonhosted.org/packages/3d/59/f727ecce933b5c65d5a81bdf1dc11d86a8ae09a8c6f005934ffd541c3052/c7n_org-0.5.5.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "3971181058fb6ad01317857c02b57291", "sha256": "c32fb3420dea2565562d1dff4c5a4a6ac4aedfb4aa7458a59979a6583e85a75f" }, "downloads": -1, "filename": "c7n_org-0.5.5.tar.gz", "has_sig": false, "md5_digest": "3971181058fb6ad01317857c02b57291", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12720, "upload_time": "2019-10-11T02:11:52", "url": "https://files.pythonhosted.org/packages/3d/59/f727ecce933b5c65d5a81bdf1dc11d86a8ae09a8c6f005934ffd541c3052/c7n_org-0.5.5.tar.gz" } ] }