[英]Filter for all resources inside specified resource groups
I'm trying to use cloud custodian to create a cleanup script for a playground environment.我正在尝试使用云管理员为游乐场环境创建清理脚本。 Each developer gets their own resource group (where they have contributor permissions), and can create any resources inside that resource group.每个开发人员都有自己的资源组(他们拥有贡献者权限),并且可以在该资源组内创建任何资源。 I want to delete all resources inside each resource group weekly.我想每周删除每个资源组中的所有资源。
I noticed there is a parent filter available.我注意到有一个可用的父过滤器。 So I tried to do something like this:所以我试着做这样的事情:
policies:
- name: delete-playground-resources
resource: azure.armresource
filters:
- type: parent
filter:
- type: value
key: name
op: regex
value: '^myprefix*$'
But that produced a validation error:但这产生了一个验证错误:
2022-06-28 15:53:31,641: custodian.commands:ERROR invalid policy file: custodian.yml error: Failed to validate policy [{'type': 'value', 'key': 'name', 'op': 'regex', 'value': '^myprefix*$'}] is not of type 'number' 2022-06-28 15:53:31,641: custodian.commands:ERROR 无效的策略文件: custodian.yml 错误: 无法验证策略 [{'type': 'value', 'key': 'name', 'op' : 'regex', 'value': '^myprefix*$'}] 不是 'number' 类型
Failed validating 'type' in schema[0]: {'type': 'number'}在架构 [0] 中验证“类型”失败:{“类型”:“数字”}
On instance: [{'key': 'name', 'op': 'regex', 'type': 'value', 'value': '^myprefix*$'}] {'name': 'delete-playground-resources', 'resource': 'azure.armresource', 'filters': [{'type': 'parent', 'filter': [{'type': 'value', 'key': 'name', 'op': 'regex', 'value': '^myprefix*$'}]}]} is not valid under any of the given schemas实例: [{'key': 'name', 'op': 'regex', 'type': 'value', 'value': '^myprefix*$'}] {'name': 'delete-playground -resources','resource':'azure.armresource','filters':[{'type':'parent','filter':[{'type':'value','key':'name', 'op': 'regex', 'value': '^myprefix*$'}]}]} 在任何给定模式下均无效
I'm guessing the parent
filter isn't supported on the type azure.armresource
(especially since it's not listed here ).我猜想azure.armresource
类型不支持parent
过滤器(特别是因为它没有在此处列出)。
If it is supported, what am I doing wrong?如果支持,我做错了什么?
If it's not supported, how else can I get ALL resources inside specific resource groups?如果不支持,我还能如何获取特定资源组中的所有资源?
As mentioned in the documentation , Adding parent filter in the azure.armresource
is not applicable.如文档中所述,在azure.armresource
中添加父过滤器不适用。 You can find the llist of supported filters below:您可以在下面找到支持的过滤器列表:
Instead of using parent filter , you can make use of any one of above mentioned filters.您可以使用上述任何一种过滤器,而不是使用父过滤器。
To delete the resource based on value filter, you can use the below policy by giving name as resource in value.要根据值过滤器删除资源,您可以通过将名称作为值中的资源来使用以下策略。
policies:
- name: delete-resources
resource: azure.armresource
description: |
Deletes any ARM resource based on the name in value
filters:
- type: value
key: name
value: resource name
op: contains
actions:
- type: delete
Reference: Azure Common Actions — Cloud Custodian documentation参考: Azure 常用操作 — Cloud Custodian 文档
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.