►
From YouTube: Cloud Custodian Community Meeting 2022-04-26
Description
Our community meeting is public and we encourage users and contributors of Cloud Custodian to attend! You can find the notes for this meeting on our github repo: https://github.com/cloud-custodian/community/discussions
To get an invite to the meeting join the google group and you'll receive one via email: https://groups.google.com/g/cloud-custodian
A
All
right,
everyone
see
the
notes
we
have.
The
agenda
item
welcome
everybody.
The
date
is
april,
26
2022,
and
this
is
the
cloud
custodian
community
meeting
for
today.
As
always
just
a
reminder,
we
do
record
these
meetings
and
put
them
on
youtube
and
the
cncf
code
of
conduct
is
in
effect.
So
as
always,
let's
be
excellent
to
each
other.
A
bunch
of
us
are
in
seattle
right
now.
It's
sprinting
for
stockton,
where
we
work
so
aj
jameson
myself.
A
Liz
are
here
along
with
tori
and
we
wanted
to
keep
the
schedule
of
the
community
meetings
going
and
because
we
have
some
stuff
that
we
want
to
cover
and
yeah.
So
we're
going
to
go
through
the
agenda
and
we're
going
to
go
through
some
of
the
pr's
and
stuff
that
have
been
active
this
week,
as
always
the
open.
A
So
if
you
have
anything
that
you
would
like
for
us
to
discuss
in
the
url
there
for
the
notes
feel
free
to
just
add
it
directly
to
the
to
the
notes
and
then
we
will
get
to
it.
First.
Two
things
on
the
agenda
are
just
some
reminders
of
activities
that
are
coming
up.
So
pycon
is
happening.
That's
this
weekend,
then
right
yeah
this
weekend
and
aj
is
going
to
be
there
and
attending.
A
Next,
if
you're
going
to
go
to
kubecon,
we
we
looked
up
a
quick
survey,
monkey
link-
if
you
could
answer
it,
we
just
want
to
know
who's
going
to
go
a
coupon,
so
we
can
try
to
organize
a
dinner
or
get
together
or
something
like
that.
So
for
that
we
just
need
your
email
address.
So
if
you're
going
to
that-
and
you
want
to
check
us
out
at
kubecon,
then
we
will
do
that
all
right.
A
Okay,
first
things:
first
neil
got
kovic
on
his
way
here
to
the
spring,
so
I
know
that
we've
had
some
issues
that
we
want
to
block
as
unboxed
as
far
as
pr
reviews
and
things
we're
not
going
to
be
able
to
actively
work
with
him
for
a
while
he's
in
his
room.
He's
feeling
he's
feeling
fine
he's
okay,
but
he's
just
having
any
capacity
to
work,
probably
for
the
next
two
weeks.
He
might
be
stuck
here
in
seattle,
so
he's
not
even
gonna
be
able
to
travel
home.
A
So
apologies
for
that.
I
know.
We've
had
a
lot
of
work
items
that
have
been
depending
on
compeel's
review
and
we
just
made
every
everything
just
got
a
little
bit
harder
for
us.
So
apologies
for
that.
If
you've
been
waiting
on
my
work
but
we're
going
to
try
to
work
through
it,
because
I
mean
what
can
we
do
right,
anybody
got
any
concerns
or
comments
or
anything
of
that
nature.
He
sends
his
regards.
A
A
A
You
were
working
on
your
your
team
was
working
on
that
config
poll
rule
mode.
We
did
get
that
one
merged
in
I.
You
may
have
seen
kathie's
comments
on
that
one
I
I
finally
so
I
was
helping
trying
to
add
some
documentation
and
the
documentation
was
was
not
clear
enough.
So
apologies
for
that.
I
took
your
perfectly
fine
pr
and
and
added
some
mud
to
it.
So
we'll
try
to
we'll
try
to
get
a
follow-up
to
clear
that
up
a
little
bit
so
claire.
A
A
The
the
reason
that
we
would
want
this
mode
was
when
we
want
a
related
resource
to
trigger
a
new
rule
evaluation,
and
I
tried
to
add
the
the
logic-
was
all
fine
in
the
pr
so
trying
to
help
for
when
people
are
browsing,
why
they
would
need
this
thing
in
the
first
place.
I
think
when
I
added
the
dots
it
suggested
that
you
wouldn't
need
it.
A
B
A
That
is
funny
that
you
mentioned
that
one,
because
I
do
have
a
pr,
so
I
wanted
to
keep
it
separate
from
the
new
release.
Okay,
because
I
know
sunny
thanks
to
sunny,
he's,
got
a
lot
of
work
on
some
dependency
updates
for
the
next
release,
gotcha,
but
we'll
get
to
those.
We
should
talk
about
yeah,
we'll
definitely.
E
A
About
that,
but
I
do
have
a
draft
piece.
I
will
pop
that
here,
and
this
is
a
pretty
big.
It
ends
up
being
a
pretty
big
change
only
because
of
a
lot
of
ripple
effects
and
that's
including,
and
it
ties
into
what
you're
talking
about
during
the
talks,
because
we're
going
to
specify
all
of
the
ideas
of
the
proposal
yeah,
it
is
to
specify
all
of
our
subprojects
like
the
tools
mailer.
A
7216,
just
click
on
one
and
then
change
the
number
yeah
yeah,
yeah
cool,
so
yeah.
The
idea
is
to
have
all
of
those
projects
as
dev
dependencies.
So
when
we
run
a
poetry,
install
it's
going
to
do
editable,
installs
of
all
those
sub
projects
and
that
way
we're
looking
at
the
whole
resolving
dependency
tree
once
all
at
the
top
level
heading
out
into
all
those
sub
projects.
We
have
our
base.
We
end
up
with
a
pretty
gigantic
poetry,
lock
file,
but
what
was
happening
before
and
suddenly.
I
know
you
ran
into
this.
A
So
we've
got
like
multiple
dependency
resolution,
the
trees,
dependency
trees
at
per
sub
project
and
we're
kind
of
having
them
compete
at
install
time,
and
it's
just
kind
of
a
pain
for
people
who
want
to
contribute-
and
it's
scary
enough
that
I
now
left
the
meeting.
But
but
I
don't
like
this
yeah
yeah,
I'm
gonna
help
you
but
yeah.
So
the
idea
here
is
to
pull
everything
back
but
making
that
change
so
that
everything
is
part
of
our
root
dependency
tree
that
just
that
affects
a
lot
of
things.
A
One
of
those
is
updating
the
depth
of
the
install
yeah
to
say
that
we're
not
going
to
use
talks
anymore
because
we're
pulling
away
from
that
and
we're
just
doing
this
we're
getting
into
I
mean
making
soul
poetry
ends
up
being.
It
was
a
convenient
single
command
to
wrap
multiple
poetry
and
stalls
right
with
this
change.
It
just
becomes
like
an
alias
for
poetry
and
soul.
Basically,
we
just
keep
it
around
for
compatibility,
but
there's
yeah.
A
A
Right
and
we're
trying
to
get
off
of
that,
but
having
a
more
consistent,
predictable
developer,
install
gives
us
a
a
a
single
main
virtual
environment
that
we
can
also
use
to
reliably
build
docs.
We
were
having
some
issues
before
where,
depending
on
the
order
that
that
your
package
is
installed,
your
your
your
environment,
you
might
not
be
able
to
build
the
docks
properly
right.
I
knew
you
ran
into
some
weird
issues,
right,
yeah,
yeah,
and
then
I
wasn't
able
to
vote
so
will.
A
Yeah,
but
so
this
one,
if
anyone's
interested
in
this
sort
of
thing
or
wants
to
try,
it
feel
free
to
check
out
this.
Is
I'm
keeping
this
as
a
draft
right
now,
because
it
is
like
at
one
level
it
looks
like
a
really
minor
change
and
then
it's
like
you
pull
the
thread
and
the
whole
sweater
falls
apart,
yeah,
so
just
to
give
people
a
quick
summary
of
the
background
here.
A
Custodian's
pretty
old
in
a
lot
of
the
stuff
building
processes
were
set
up
a
long
time
ago,
using
instances
and
stuff,
and
it's
like
why.
Why
aren't
we
just
using
github
actions
to
build
stuff
and
what
I
do
dealie
would
like
to
get
to
is
when
you
do
a
pr
we'll
do
like
a
nice
netlify
preview
and
all
that
kind
of
good
stuff.
That's
where
I
envision
us
going
so
that
we
can
start
to
write
on
the
docs
and
make
them
pretty
and
do
all
that
good
stuff.
Well,.
C
A
C
A
C
A
A
F
F
I
know
that
was
a
discussion.
We
had
last
time
their
stance
on
it
was
they
don't
use
semver
and
don't
recommend
anyone
december.
I'm
like
okay.
Well,
that's
not
what
like
the
rest
of
the
industry
does
so
that's
kind
of
annoying
but
worked
through
that
issue,
and
then
the
other
issue
was
exactly
what
aj
was
talking
about,
how
we
install
everything
through
poetry,
kind
of
stepwise
and
the
installation
uninstallation
of
dependencies
causes
issues.
F
F
A
F
F
I
mean,
I
think,
certainly
like
a
lot
of
it
can
be
cleaned
up
by,
like
basically
a
shell
script
that
you
run
locally,
but
the
whole
like
release
engineering,
pr
that
has
to
go
up
and
then
some
of
the
weirdness
that
could
come
out
of
there.
I'm
just
a
little
has
on
like
fully
automating
that,
before
having
a
more
clear
picture
on
what
we
should
do.
A
F
A
A
F
F
F
However,
some
of
these
resources
are
supported
in
the
resource
groups.
Tagging
api,
where
all
you
have
to
do
is
pass
them
in
on
and
you
get
the
tags
back
so
liz.
If
you
scroll
down
a
little
bit
the
policy
here
rather
than
having
the
resource
type,
be
like
ec2
or
ebs,
it
would
be
resource
group
tagging
api
and
then
the
key
would
be
a
reference
to
an
arn
that
we
would
look
up.
B
Well,
no,
that
was
that's,
that's
the
basic
premise
behind
all
of
this.
I
think
a
previous
community
meeting
we
talked
about
this
kind
of
briefly.
I
think
I
asked
the
question
and
there
was
discussion
on
whether
or
not
research
groups,
tagging
api
would
itself
be
a
first
class
citizen,
because
there
had
been
discussion.
I
guess
around
being
able
to
do
something
as
that
I
I'm
not
sure
the
the
use
case
around
that
I
did
take
a
glance
at
your
pr.
B
It
seems
like
it
would
do
what
I'm
asking,
although
I
wonder
if
it
felt
like
there,
was
a
lot
of
duplication
of
code
potentially
and
like
right,
because
all
of
this
is
basically
being
implemented
strictly
for
the
copy
related
resources
action
as
opposed
to
a
more
generic
methodology
around
it.
So
I'm
not.
B
F
B
B
F
That's
all
I
had
on
it.
I
think
the
definitely
the
repeated
code.
It
is
still
in
the
draft.
It's
still
missing
tests
and
stuff,
but
it
works
locally
for
what
it's
worth,
but
it
works
on
my
machine.
It's
not
the
greatest
metric
todd.
Let
me
know
if
you
try.
It
out
feel
free
to
comment
on
the
pr
stuff.
A
Yeah
I
did
have
one,
and
this
is
for
the
the
value
type,
the
cider
value
type.
This
is
kind
of
reviving
apr.
This
is
what
we
talked
about
in
the
previous
meeting
kind
of
trying
to
surgically
piece
together
a
couple
pr's
that
were
open
into
one.
I
see
people
nodding,
one
glorious
hole,
so
hopefully
I
I
think-
and
there
was
one
what
looked
like
an
unresolved
comment
there
from
from
palbasa
about
the
test
coverage,
but
I
think
with
kaden's
documentation
and
test
pulling
those
in.
A
I
think
that
addresses
any
open,
open
questions
there.
So
I
think
the
there
are
two
things
that
we
need
here.
One
is
just
anyone
involved.
Anyone
who
cares
just
have
a
look
see
if
there's
if
this
surgery
was
botched
or
if
that,
actually
it
does
things
the
way
you
would
expect,
and
the
other
thing
is
that
I
think
we
need
to
get
in
touch
with
austin
to
find
out
because
his
he
has
started
this
work
under
a
capital
one
address
and
his
normal
grad
capital,
one.
A
C
A
Yeah
I
didn't
want
to
like
I
I
saw
he's,
got
another
address
on
github,
but
I
want
to
go
like
rebase
his
commits
yeah
and
we're
going
to
sit
down
with
the
easy
cla
folks
in
general
that
you've
to
make
that
process,
not
so
awful
yeah.
So
all
right,
I
would
take
the
one
other
question
I
need
to
review.
I
just
want
to
shout
out
to
sunny
for
this
guy
7222
and
the
rds
engine
filter,
big
thanks
sonny
for
taking
a
request.
A
That
was
a
little
bit
weird
and
doing
the
what
looks
like
in
retrospect,
the
obvious
smartphone
that
looks
that
looks
really
nice
to
be
able
to
filter
by
rds
engine,
because
we
can
look
for
applications
and
things
like
that.
That
came
out
of
jameson's
work,
taking
in
rds
vulnerability
report
and
turning
it
into
an
example
policy.
And
then
we
had
some
discussion
and
getting
like
hey.
Could
we
make
this
a
smarter
look
up
and
then
with
some
discussion
and
then
the
pr
from
sunny,
I
think,
it'll
be
a
good
way.
A
C
E
A
E
E
Yeah
so
kapil
actually
started
on
this
high
level.
What
this
does
is
when
we
deploy
policies.
This
will
tag
the
associated
resources
with
the
appropriate
tags.
Right
now.
I
believe
they
only
tag
lambda
functions,
but
things
like
config
rules
or
cloud
watch
event
rules.
Those
are
not
tags
and
we
want
those
to
be
tagged
as
well.
So
this
pi
really
helps
us.
E
I
believe
the
last
comment
from
kapil
was:
you
know
this
looks
good,
but
it's
not
tested,
especially
especially
on
user.
That
has
a
large
number
of
policies.
Yeah.
Let's
hear
we
have
200
policies.
I
think
that
that's
a
good
numbers
of
policy,
if,
if
you
guys
want
us
to
be
the
one
to
test
this
we'll
be
more
than
happy
to
you,
know,
carry
out
the
testing
to
make
sure
that
this
is
good.
E
F
Yeah,
I
noticed
this
as
well
actually,
like
I
think
a
few
weeks
ago
as
well,
that
we
weren't
we
weren't
tagging
that
so
that
is.
That
would
definitely
be
useful.
I
don't
know
like
whether
are
you
just
not
tagging
the
associated
resources
at
all,
or
do
you
have
like
a
separate
role
that
goes
and
then.
E
A
All
right
and
with
that
that
pretty
much
concludes
the
agenda.
Anyone
else
want
to
use
going
once
twice
if
you're
going
to
pyton,
we'll
see
you
there
if
you're
going
to
coupon,
please
let
us
know
kapila
and
I
will
be
there
for
sure.
Cathy
is
still
slated
to
go
to
kubecon,
but
we'll
see
I
for
sure,
I'm
going
so
I'm
looking
forward
to
meeting
people
there
and
have
everyone
asked
about
kubernetes
support.
That
should
be
a
lot
of
fun.
A
So
with
that,
thank
you,
everyone,
the
notes
and
everything
will
be
published
to
the
usual
places.
There
might
be
a
24-hour
delay
since
I
am
at
a
sprint.
So
can
I
do
the
best
I
can
to
get
it
out
for
you
with
that,
we'll
give
everyone
some
time
back.
Thank
you
very
much
and
thanks
for
your
patience,
everyone
appreciate
it
thanks.
Everybody
thanks.