aws.kafka
Filters
json-diff
Compute the diff from the current resource to a previous version.
A resource matches the filter if a diff exists between the current resource and the selected revision.
Utilizes config as a resource revision database.
Revisions can be selected by date, against the previous version, and against a locked version (requires use of is-locked filter).
Permissions - config:GetResourceConfigHistory
kms-key
Filter a kafka cluster’s data-volume encryption by its associcated kms key and optionally the aliasname of the kms key by using ‘c7n:AliasName’
- example:
policies:
- name: kafka-kms-key-filter
resource: kafka
filters:
- type: kms-key
key: c7n:AliasName
value: alias/aws/kafka
Permissions - kms:ListKeys, tag:GetResources, kms:ListResourceTags, kms:DescribeKey
Actions
delete
Parent base class for filters and actions.
Permissions - kafka:DeleteCluster
rename-tag
Rename an existing tag key to a new value.
- example:
rename Application, and Bap to App, if a resource has both of the old keys then we’ll use the value specified by Application, which is based on the order of values of old_keys.
policies: - name: rename-tags-example resource: aws.log-group filters: - or: - "tag:Bap": present - "tag:Application": present actions: - type: rename-tag old_keys: [Application, Bap] new_key: App
Permissions - tag:TagResources, tag:UntagResources
set-monitoring
Parent base class for filters and actions.
Permissions - kafka:UpdateClusterConfiguration