s3-service-limit-audit.yml
# Cloud Custodian policy: alerts when the number of S3 buckets seen by the
# policy exceeds a fixed threshold. The <...> tokens are placeholders that
# must be filled in before deployment.
policies:
  - name: s3-service-limit-audit
    resource: s3
    description: |
      Cloud Custodian S3 Service Limit Audit
    comment: |
      Periodically check S3 service limit
    mode:
      # Runs on a schedule (once a day) rather than in response to API events.
      type: periodic
      # Role the policy executes under. NOTE(review): keep it scoped to what
      # this policy needs (reading buckets, sending to the queue below) -
      # confirm against the role's attached permissions.
      role: 'arn:aws:iam::<account_id>:role/CloudCustodian'
      schedule: 'rate(1 day)'
      timeout: 300
    filters:
      # Keeps every bucket whose Name tag is not the sentinel value, which
      # appears intended as a match-all so that the count below covers all
      # buckets.
      - not:
          - 'tag:Name': 'NoOneWillEverUseThisName'
      # Passes only when more than 200 resources reach this filter.
      # NOTE(review): 200 is hard-coded; check it against the account's
      # actual S3 bucket quota.
      - type: value
        value_type: resource_count
        op: gt
        value: 200
    actions:
      - type: notify
        template: s3-service-limit-audit.html
        slack_template: slack-s3-service-limit-audit
        template_format: 'html'
        # Quoted so the value stays a string rather than an integer.
        priority_header: '5'
        # Must stay quoted: the value contains ': '.
        subject: 'S3 Service Limit Audit: S3 Service Limit Exceeded'
        to:
          - '<email_address>'
          - 'slack://#<channel>'
        # Presumably the fallback recipient when no owner contact can be
        # resolved - confirm against the mailer configuration.
        owner_absent_contact:
          - '<email_address>'
        # Notifications are handed off through this SQS queue.
        # NOTE(review): messages presumably carry metadata for the matched
        # buckets, so the queue policy should restrict who can send and
        # receive - confirm.
        transport:
          type: sqs
          queue: 'https://sqs.us-east-1.amazonaws.com/<account_id>/cloud-cloudcustodian'