Error using event-rule invalid-targets filter
See original GitHub issueDescribe the bug
Attempting to clean up event rules with invalid targets, c7n throws an error “TypeError: argument of type ‘NoneType’ is not iterable”
What did you expect to happen?
run the policy without crashing
Cloud Provider
Amazon Web Services (AWS)
Cloud Custodian version and dependency information
Custodian: 0.9.17
Python: 3.7.9 (v3.7.9:13c94747c7, Aug 15 2020, 01:31:08)
[Clang 6.0 (clang-600.0.57)]
Platform: posix.uname_result(sysname='Darwin', nodename='38f9d3ae684c', release='20.6.0', version='Darwin Kernel Version 20.6.0: Tue Apr 19 21:04:45 PDT 2022; root:xnu-7195.141.29~1/RELEASE_X86_64', machine='x86_64')
Using venv: False
Docker: False
Installed:
argcomplete==1.12.3
attrs==19.1.0
boto3==1.21.8
botocore==1.24.8
cffi==1.13.2
cryptography==36.0.1
importlib-metadata==4.11.1
jmespath==0.9.4
jsonschema==3.2.0
more-itertools==7.2.0
pycparser==2.19
pyrsistent==0.15.4
python-dateutil==2.8.2
pyyaml==6.0
s3transfer==0.5.2
setuptools==47.1.0
six==1.12.0
tabulate==0.8.7
typing-extensions==4.1.1
urllib3==1.26.8
zipp==0.6.0
Policy
policies:
- name: event-rule-invalid-target
resource: event-rule
filters:
- type: value
key: ManagedBy
op: not-in
value: 'amazonaws.com'
value_type: swap
- type: invalid-targets
all: true
actions:
- type: delete
force: true
Relevant log/traceback output
% custodian run --cache-period=30 --profile myProfile -v -s ~/c7nout -c test.yml -p event-rule-invalid-target -r us-east-1
2022-07-06 17:08:34,722: custodian.commands:DEBUG Loaded file test.yml. Contains 16 policies
2022-07-06 17:08:36,491: custodian.output:DEBUG Storing output with <LogFile file:///Users/john_wick/c7nout/event-rule-invalid-target/custodian-run.log>
2022-07-06 17:08:36,503: custodian.policy:DEBUG Running policy:event-rule-invalid-target resource:event-rule region:us-east-1 c7n:0.9.17
2022-07-06 17:08:36,511: custodian.cache:DEBUG Using cache file /Users/john_wick/.cache/cloud-custodian.cache
2022-07-06 17:08:36,511: custodian.resources.eventrule:DEBUG Using cached c7n.resources.cw.EventRule: 1989
2022-07-06 17:16:55,368: custodian.cache:DEBUG Using cache file /Users/john_wick/.cache/cloud-custodian.cache
...
2022-07-06 17:18:37,849: custodian.cache:DEBUG Using cache file /Users/john_wick/.cache/cloud-custodian.cache
len(identities) != 1. Actual value: 2
identities:
['AccountServiceListenerQueue', 'AccountServiceListenerQueue']
2022-07-06 17:18:39,524: custodian.cache:DEBUG Using cache file /Users/john_wick/.cache/cloud-custodian.cache
...
2022-07-06 17:18:44,685: custodian.cache:DEBUG Using cache file /Users/john_wick/.cache/cloud-custodian.cache
2022-07-06 17:18:46,319: custodian.output:DEBUG metric:PolicyException Count:1 policy:event-rule-invalid-target restype:event-rule
2022-07-06 17:18:46,319: custodian.output:DEBUG metric:ApiCalls Count:1858 policy:event-rule-invalid-target restype:event-rule
2022-07-06 17:18:46,319: custodian.output:ERROR Error while executing policy
Traceback (most recent call last):
File ".../site-packages/c7n/policy.py", line 290, in run
resources = self.policy.resource_manager.resources()
File ".../site-packages/c7n/query.py", line 536, in resources
resources = self.filter_resources(resources)
File ".../site-packages/c7n/manager.py", line 111, in filter_resources
resources = f.process(resources, event)
File ".../site-packages/c7n/resources/cw.py", line 249, in process
resolved = arn_resolver.resolve(r['c7n:ChildArns'])
File ".../site-packages/c7n/resources/aws.py", line 180, in resolve
rmanager = self.manager.get_resource_manager(rtype)
File ".../site-packages/c7n/manager.py", line 82, in get_resource_manager
if '.' in resource_type:
TypeError: argument of type 'NoneType' is not iterable
2022-07-06 17:18:46,325: custodian.commands:ERROR Error while executing policy event-rule-invalid-target, continuing
Traceback (most recent call last):
File ".../site-packages/c7n/commands.py", line 301, in run
policy()
File ".../site-packages/c7n/policy.py", line 1242, in __call__
resources = mode.run()
File ".../site-packages/c7n/policy.py", line 290, in run
resources = self.policy.resource_manager.resources()
File ".../site-packages/c7n/query.py", line 536, in resources
resources = self.filter_resources(resources)
File ".../site-packages/c7n/manager.py", line 111, in filter_resources
resources = f.process(resources, event)
File ".../site-packages/c7n/resources/cw.py", line 249, in process
resolved = arn_resolver.resolve(r['c7n:ChildArns'])
File ".../site-packages/c7n/resources/aws.py", line 180, in resolve
rmanager = self.manager.get_resource_manager(rtype)
File ".../site-packages/c7n/manager.py", line 82, in get_resource_manager
if '.' in resource_type:
TypeError: argument of type 'NoneType' is not iterable
2022-07-06 17:18:46,326: custodian.commands:ERROR The following policies had errors while executing
- event-rule-invalid-target
Extra information or context
I got the policy working by adding “if rtype is not None:” at line 180 in the resolve method of ArnResolver Class in aws.py, like this:
def resolve(self, arns):
arns = map(Arn.parse, arns)
a_service = operator.attrgetter('service')
a_resource = operator.attrgetter('resource_type')
kfunc = lambda a: (a_service(a), a_resource(a)) # noqa
arns = sorted(arns, key=kfunc)
results = {}
for (service, arn_type), arn_set in itertools.groupby(arns, key=kfunc):
arn_set = list(arn_set)
rtype = ArnResolver.resolve_type(arn_set[0])
if rtype is not None:
rmanager = self.manager.get_resource_manager(rtype)
if rtype == 'sns':
resources = rmanager.get_resources(
[rarn.arn for rarn in arn_set])
else:
resources = rmanager.get_resources(
[rarn.resource for rarn in arn_set])
for rarn, r in zip(rmanager.get_arns(resources), resources):
results[rarn] = r
for rarn in arn_set:
if rarn.arn not in results:
results[rarn.arn] = None
return results
Issue Analytics
- State:
- Created a year ago
- Comments:8
Top Results From Across the Web
aws.event-rule — Cloud Custodian documentation
Filter event rules for invalid targets, Use the all option to find any event rules that have all invalid targets, otherwise defaults to...
Read more >Content filtering in Amazon EventBridge event patterns
With content filtering, you can write complex event patterns that only match events under very specific conditions. For example, you can create an...
Read more >C7n Community Meeting Minutes - HackMD
Cloud Custodian has applied for incubation in the CNCF ... #7564: Error using event-rule invalid-targets filter; #7559: Add 'parent' filter ...
Read more >Using resource-based policies for Amazon EventBridge
When a rule runs in EventBridge, all of the targets associated with the rule are invoked. Rules can invoke Amazon Lambda functions, publish...
Read more >Sending and Receiving an event through EventBridge with ...
But we are not able to monitor that failure event in SNS, SQS and CloudWatch log. Step 4: Create Target: For Select targets,...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
sounds good, but fwiw, states we can handle as its a step function resource.
Sure, go for it, thanks