Required Tags auditor
Project description
Please open issues in the Cloud-Inquisitor repository
Description
This auditor reviews, alerts and potentially takes action on AWS objects that are found not to be compliant with the tagging requirements.
Configuration Options
Option name |
Default Value |
Type |
Description |
|---|---|---|---|
alert_settings |
See notes below |
JSON |
Alert and enforcement settings for supported resources |
always_send_email |
True |
bool |
Send emails even in collect mode |
audit_ignore_tag |
cinq_ignore |
string |
Cinq will ignore alerting/enforcement if resources are tagged with this |
audit_scope |
aws_ec2_instance |
string |
Select resources (aws_ec2_instance, aws_s3_bucket) |
collect_only |
True |
bool |
Do not shutdown resources, only update caches |
confirm_shutdown |
True |
bool |
Require manual confirmation before shutting down instances |
email_subject |
Resources missing required tags |
string |
Subject of the new issues email notifications |
enabled |
False |
bool |
Enable the Required Tags auditor |
interval |
30 |
int |
How often the auditor executes, in minutes |
partial_owner_match |
False |
bool |
Allow partial matches of the Owner tag |
permanent_recipient |
[] |
array |
List of email addresses to receive all alerts |
required_tags |
[‘owner’, ‘accounting’, ‘name’] |
array |
List of required tags |
Example - alert_settings:
{
"*": {
"alert": [
"0 seconds",
"15 days"
],
"stop": None,
"remove": "20 weeks",
"scope": []
},
"aws_s3_bucket": {
"alert": [
"0 seconds",
"30 days"
],
"stop": None,
"remove": "10 weeks",
"scope": ["*"]
},
"aws_ec2_instance": {
"alert": [
"0 seconds",
"14 days",
"4 weeks"
],
"stop": "8 weeks",
"remove": "12 weeks",
"scope": ["enabled-account-1", "enabled-account-2"]
}
}Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
