-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Policies for rds_option_group management #144
Policies for rds_option_group management #144
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @alinabuzachis. The permissions look good and your tests pass (after adding the module names to meta/runtime.yml) but you'll also need to add a terminator class for RdsOptionGroup to aws/terminator/data_services.py. It looks like describe_option_group
doesn't provide a created_at timestamp, so you'll need to subclass DbTerminator
(the way RdsDbParameterGroup
is) instead of Terminator
. That tells the terminator to store a record of the first time it saw a resource in its own database so it knows when to expire something.
I also found that RDS creates a default option group for each DB type the first time you make one, that can not be deleted. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithOptionGroups.html So you'll need to add an ignore
parameter to the new class for option names that start with default:
, kind of like how these policies are ignored for IAM:
https://github.com/mattclay/aws-terminator/blob/master/aws/terminator/security_services.py#L25
@jillr Thank you very much for explaining. I tried to add the RdsOptionGroup class. |
dd9c123
to
88342a9
Compare
…p_info) Signed-off-by: Alina Buzachis <[email protected]>
88342a9
to
1ffe766
Compare
Signed-off-by: Alina Buzachis <[email protected]>
1ffe766
to
e53bf89
Compare
aws/terminator/data_services.py
Outdated
|
||
@property | ||
def ignore(self): | ||
return not self.name.startswith('default') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return not self.name.startswith('default') | |
return self.name.startswith('default') |
This one is a little confusing because it's kind of a double negative (I had to experiment with it a bit myself). This function returns a list of things to be ignored, not a list of things that excludes what to ignore. So we want to return only those things which start with default
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, done. Thank you.
Signed-off-by: Alina Buzachis <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
resolved the merge conflict, LGTM
rds_option_group (_info) new modules SUMMARY Attempt to resurrect ansible/ansible#25290 Fixes: #463 ISSUE TYPE New Module Pull Request COMPONENT NAME rds_option_group rds_option_group_info Requires: mattclay/aws-terminator#144 Reviewed-by: Mark Chappell <None> Reviewed-by: Alina Buzachis <None> Reviewed-by: None <None>
rds_option_group (_info) new modules SUMMARY Attempt to resurrect ansible/ansible#25290 Fixes: ansible-collections#463 ISSUE TYPE New Module Pull Request COMPONENT NAME rds_option_group rds_option_group_info Requires: mattclay/aws-terminator#144 Reviewed-by: Mark Chappell <None> Reviewed-by: Alina Buzachis <None> Reviewed-by: None <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@142836b
rds_option_group (_info) new modules SUMMARY Attempt to resurrect ansible/ansible#25290 Fixes: ansible-collections#463 ISSUE TYPE New Module Pull Request COMPONENT NAME rds_option_group rds_option_group_info Requires: mattclay/aws-terminator#144 Reviewed-by: Mark Chappell <None> Reviewed-by: Alina Buzachis <None> Reviewed-by: None <None> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@142836b
rds_option_group (_info) new modules SUMMARY Attempt to resurrect ansible/ansible#25290 Fixes: ansible-collections#463 ISSUE TYPE New Module Pull Request COMPONENT NAME rds_option_group rds_option_group_info Requires: mattclay/aws-terminator#144 Reviewed-by: Mark Chappell <None> Reviewed-by: Alina Buzachis <None> Reviewed-by: None <None>
rds_option_group (_info) new modules SUMMARY Attempt to resurrect ansible/ansible#25290 Fixes: ansible-collections#463 ISSUE TYPE New Module Pull Request COMPONENT NAME rds_option_group rds_option_group_info Requires: mattclay/aws-terminator#144 Reviewed-by: Mark Chappell <None> Reviewed-by: Alina Buzachis <None> Reviewed-by: None <None>
Add policies for new modules -
rds_option_group
andrds_option_group_info
ansible-collections/community.aws#517