-
Notifications
You must be signed in to change notification settings - Fork 39
/
tagging.yml
43 lines (39 loc) · 1.41 KB
/
tagging.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# these policies should be run in the region containing your resources
policies:
#==================
# EC2
#==================
# Remind instance creators to tag their instances with a CostCenter tag
- name: ec2-notify-on-no-cost-center-tag
resource: ec2
mode:
type: periodic
role: arn:aws:iam::842337631775:role/custodian-tagging
schedule: "rate(1 day)"
filters:
- "tag:CostCenter": absent
actions:
- type: notify
template: default
subject: 'Instance missing CostCenter tag'
to:
- resource-owner # this will send an email to the one found in the OwnerContact tag
transport:
type: sqs
queue: https://sqs.us-west-2.amazonaws.com/842337631775/cloud-custodian-mailer
# tag Cloud Custodian-managed instances with Custodian tag
- name: ec2-tag-instances-with-custodian-tag
resource: ec2
# use cloudtrail event, not ec2-instance-state, when you need to filter on an instance's tags (this will let any tagging Lambdas that are triggered by instance creation events take effect first)
mode:
type: cloudtrail
role: arn:aws:iam::842337631775:role/custodian-tagging
events:
- RunInstances
comment: |
# Tag all instances with a Custodian tag, so they'll be subject to the auto-termination policy
filters:
- "tag:Custodian": absent
actions:
- type: tag
key: Custodian