aws.launch-config

Filters

age

Filter ASG launch configuration by age (in days)

example:

policies:
  - name: asg-launch-config-old
    resource: launch-config
    filters:
      - type: age
        days: 90
        op: ge
properties:
  days:
    type: number
  op:
    enum:
    - eq
    - equal
    - ne
    - not-equal
    - gt
    - greater-than
    - ge
    - gte
    - le
    - lte
    - lt
    - less-than
    - glob
    - regex
    - regex-case
    - in
    - ni
    - not-in
    - contains
    - difference
    - intersect
    - mod
  type:
    enum:
    - age
required:
- type

json-diff

Compute the diff from the current resource to a previous version.

A resource matches the filter if a diff exists between the current resource and the selected revision.

Utilizes config as a resource revision database.

Revisions can be selected by date, against the previous version, and against a locked version (requires use of is-locked filter).

properties:
  selector:
    enum:
    - previous
    - date
    - locked
  selector_value:
    type: string
  type:
    enum:
    - json-diff
required:
- type

Permissions - config:GetResourceConfigHistory

unused

Filters all launch configurations that are not in use but exist

example:

policies:
  - name: asg-unused-launch-config
    resource: launch-config
    filters:
      - unused
properties:
  type:
    enum:
    - unused
required:
- type

Permissions - autoscaling:DescribeAutoScalingGroups, autoscaling:DescribeTags

Actions

delete

Filters all unused launch configurations

example:

policies:
  - name: asg-unused-launch-config-delete
    resource: launch-config
    filters:
      - unused
    actions:
      - delete
properties:
  type:
    enum:
    - delete
required:
- type

Permissions - autoscaling:DeleteLaunchConfiguration