We'd like to make a suggestion regarding the dryrun-diff component of Manheim; currently the dryrun generates a markdown sytle comment which you can place on a PR in order to view the overall effect a policy change will have on it's respective resources.
In addition to this, it would be great to also generate a detailed report regarding the identity of the resources affected in the dryrun, for instance, which resources have been removed, added, left unchanged and so on. This way, it instills more confidence to a reviewer around changes made to a policy as they know exactly what is going to be affected.
Hi,
We'd like to make a suggestion regarding the
dryrun-diffcomponent of Manheim; currently the dryrun generates a markdown sytle comment which you can place on a PR in order to view the overall effect a policy change will have on it's respective resources.In addition to this, it would be great to also generate a detailed report regarding the identity of the resources affected in the dryrun, for instance, which resources have been removed, added, left unchanged and so on. This way, it instills more confidence to a reviewer around changes made to a policy as they know exactly what is going to be affected.
We have already been working on this and have opened https://github.com/manheim/manheim-c7n-tools/pull/34 that introduces this feature, and would welcome your feedback.