search

cloud-custodian / cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
https://cloudcustodian.io
Apache License 2.0
5.46k stars 1.49k forks source link

Azure: policy failing if Resource Group does not exist #4857

Open tomarv2 opened 5 years ago

tomarv2 commented 5 years ago

Trying this policy: https://cloudcustodian.io/docs/azure/examples/resourcegroupsremoveempty-general.html

Running a policy to remove empty resource group. I except it to continue and ignore what does not exist. 

  File "/usr/local/lib/python3.7/site-packages/azure/mgmt/resource/resources/v2018_05_01/operations/resources_operations.py", line 127, in internal_paging
    raise exp
msrestazure.azure_exceptions.CloudError: Azure Error: ResourceGroupNotFound
Message: Resource group 'test' could not be found.
2019-09-24 22:22:05,100: custodian.commands:ERROR Error while executing policy rg-remove-empty, continuing
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/c7n/commands.py", line 269, in run
    policy()
  File "/usr/local/lib/python3.7/site-packages/c7n/policy.py", line 970, in __call__
    resources = mode.run()
  File "/usr/local/lib/python3.7/site-packages/c7n/policy.py", line 229, in run
    resources = self.policy.resource_manager.resources()
  File "/usr/local/lib/python3.7/site-packages/c7n_azure/query.py", line 243, in resources
    resources = self.filter_resources(resources)
  File "/usr/local/lib/python3.7/site-packages/c7n/manager.py", line 108, in filter_resources
    resources = f.process(resources, event)
  File "/usr/local/lib/python3.7/site-packages/c7n/filters/core.py", line 300, in process
    return self.process_set(resources, event)
  File "/usr/local/lib/python3.7/site-packages/c7n/filters/core.py", line 319, in process_set
    resources = f.process(resources, event)
  File "/usr/local/lib/python3.7/site-packages/c7n/filters/core.py", line 197, in process
    return list(filter(self, resources))
  File "/usr/local/lib/python3.7/site-packages/c7n_azure/resources/resourcegroup.py", line 107, in __call__
    return not any(True for _ in resources_iterator)
  File "/usr/local/lib/python3.7/site-packages/c7n_azure/resources/resourcegroup.py", line 107, in <genexpr>
    return not any(True for _ in resources_iterator)
  File "/usr/local/lib/python3.7/site-packages/msrest/paging.py", line 143, in __next__
    self.advance_page()
  File "/usr/local/lib/python3.7/site-packages/msrest/paging.py", line 129, in advance_page
    self._response = self._get_next(self.next_link)
  File "/usr/local/lib/python3.7/site-packages/azure/mgmt/resource/resources/v2018_05_01/operations/resources_operations.py", line 127, in internal_paging
    raise exp
msrestazure.azure_exceptions.CloudError: Azure Error: ResourceGroupNotFound
Message: Resource group 'test' could not be found.
tomarv2 commented 5 years ago

I think in resourcepolicy.py there should be a try and catch somewhere herein:

    def _process_resource(self, group):
        self.manager.log.info('Removing resource group ' + group['name'])
        self.manager.get_client().resource_groups.delete(group['name'])