search

manheim / manheim-c7n-tools

Manheim's Cloud Custodian (c7n) wrapper package, policy generator, runner, and supporting tools.
https://manheim-c7n-tools.readthedocs.io/
Apache License 2.0
45 stars 25 forks source link

Policy filenames need to match the name attribute inside #30

Closed robertstettner closed 4 years ago

robertstettner commented 4 years ago

I have noticed this. Is this by design?

The error is:

[2020-04-09 13:51:52,367 INFO] Step policygen in REGION 1 of 4 (us-east-1)
[2020-04-09 13:51:52,367 INFO] Initialized PolicyGen for account: 123456789012 (123456789012)
[2020-04-09 13:51:52,371 INFO] No source paths defined, falling back to single source path
Traceback (most recent call last):
  File "/manheim_c7n_tools/manheim_c7n_tools/config.py", line 197, in __getattr__
    return self._config[k]
KeyError: 'policy_source_paths'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/manheim_c7n_tools/manheim_c7n_tools/policygen.py", line 127, in _load_all_policies
    self._config.policy_source_paths
  File "/manheim_c7n_tools/manheim_c7n_tools/config.py", line 199, in __getattr__
    raise AttributeError(k)
AttributeError: policy_source_paths

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/bin/manheim-c7n-runner", line 11, in <module>
    load_entry_point('manheim-c7n-tools', 'console_scripts', 'manheim-c7n-runner')()
  File "/manheim_c7n_tools/manheim_c7n_tools/runner.py", line 624, in main
    args.ACTION, args.regions, step_names=args.steps, skip_steps=args.skip
  File "/manheim_c7n_tools/manheim_c7n_tools/runner.py", line 486, in run
    self._run_step_in_regions(action, step, regions)
  File "/manheim_c7n_tools/manheim_c7n_tools/runner.py", line 541, in _run_step_in_regions
    step(region_name, region_conf).dryrun()
  File "/manheim_c7n_tools/manheim_c7n_tools/runner.py", line 140, in dryrun
    self._do_policygen()
  File "/manheim_c7n_tools/manheim_c7n_tools/runner.py", line 134, in _do_policygen
    PolicyGen(self.config).run()
  File "/manheim_c7n_tools/manheim_c7n_tools/policygen.py", line 76, in run
    acct_configs = self._load_all_policies()
  File "/manheim_c7n_tools/manheim_c7n_tools/policygen.py", line 141, in _load_all_policies
    acct_configs = self._load_policy()
  File "/manheim_c7n_tools/manheim_c7n_tools/policygen.py", line 169, in _load_policy
    os.path.join(path, 'all_accounts')
  File "/manheim_c7n_tools/manheim_c7n_tools/policygen.py", line 196, in _read_policy_directory
    common = self._read_policies(os.path.join(policy_dir, 'common'))
  File "/manheim_c7n_tools/manheim_c7n_tools/policygen.py", line 714, in _read_policies
    '"%s".' % (f, y.get('name', ''))
RuntimeError: ERROR: Policy file sg-unused.yml contains policy with name "security-groups-unused".
jantman commented 4 years ago

Yes. That's one of the explicit policy sanity checks that policygen enforces.