Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def main():
parser = setup_parser()
options = parser.parse_args()
logging.basicConfig(level=logging.DEBUG)
logging.getLogger('botocore').setLevel(logging.ERROR)
if not options.group and not options.prefix:
print("Error: Either group or prefix must be specified")
sys.exit(1)
session_factory = SessionFactory(
options.region, options.profile, options.assume)
groups = get_groups(session_factory, options)
func = logsub.get_function(
session_factory,
"cloud-custodian-error-notify",
role=options.role,
sns_topic=options.topic,
subject=options.subject,
log_groups=groups,
pattern=options.pattern)
manager = LambdaManager(session_factory)
try:
manager.publish(func)
except Exception:
def get_session(role, session_name, profile, region):
if role:
return assumed_session(role, session_name, region=region)
else:
return SessionFactory(region, profile)()
lambda: SessionFactory(
region, profile=account.get('profile'),
assume_role=account.get('role'))(),
bucket,
def get_session(role, session_name, profile):
region = os.environ.get('AWS_DEFAULT_REGION', 'eu-west-1')
if role:
return assumed_session(role, session_name, region=region)
else:
return SessionFactory(region, profile)()
def region_gc(options, region, policy_config, policies):
session_factory = SessionFactory(
region=region,
assume_role=policy_config.assume_role,
profile=policy_config.profile,
external_id=policy_config.external_id)
manager = mu.LambdaManager(session_factory)
funcs = list(manager.list_functions(options.prefix))
client = session_factory().client('lambda')
remove = []
current_policies = [p.name for p in policies]
pattern = re.compile(options.policy_regex)
for f in funcs:
if not pattern.match(f['FunctionName']):
continue
match = False
def get_session_factory(self, options):
return SessionFactory(
options.region,
options.profile,
options.assume_role,
options.external_id)
def process_bucket(
bucket_name, prefix,
output=None, uid_filter=None, event_filter=None,
service_filter=None, not_service_filter=None, data_dir=None):
session_factory = SessionFactory(
options.region, options.profile, options.assume_role)
s3 = session_factory().client(
's3', config=Config(signature_version='s3v4'))
paginator = s3.get_paginator('list_objects')
# PyPy has some memory leaks.... :-(
pool = Pool(maxtasksperchild=10)
t = time.time()
object_count = object_size = 0
log.info("Processing:%d cloud-trail %s" % (
cpu_count(),
prefix))
record_processor = partial(
def load(bucket, prefix, account, region, resource_map, db, day, month, year,
assume, profile):
"""Ingest cloudtrail events from s3 into resource owner db.
"""
load_resource_map(resource_map)
prefix = get_bucket_path(prefix, account, region, day, month, year)
session_factory = SessionFactory(region=region, profile=profile, assume_role=assume)
process_bucket(session_factory, bucket, prefix, db)