PyPI - cloud-governance - Versions diffs - 1.1.369__tar.gz → 1.1.371__tar.gz - Mend

cloud-governance 1.1.369tar.gz → 1.1.371tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (279) hide show

{cloud_governance-1.1.369/cloud_governance.egg-info → cloud_governance-1.1.371}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cloud-governance
-Version: 1.1.369
+Version: 1.1.371
 Summary: Cloud Governance Tool
 Home-page: https://github.com/redhat-performance/cloud-governance
 Author: Red Hat
@@ -103,6 +103,7 @@ List of Policies:
 - zombie_snapshots
 - unused_nat_gateway
 - s3_inactive
+- unused_access_key
 - empty_roles
 - tag_resources
 - tag_iam_user

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/README.md RENAMED Viewed

@@ -35,6 +35,7 @@ List of Policies:
 - zombie_snapshots
 - unused_nat_gateway
 - s3_inactive
+- unused_access_key
 - empty_roles
 - tag_resources
 - tag_iam_user

cloud_governance-1.1.371/cloud_governance/common/clouds/aws/iam/iam_operations.py ADDED Viewed

@@ -0,0 +1,317 @@
+import os
+import boto3
+from cloud_governance.common.clouds.aws.utils.common_methods import get_boto3_client
+from cloud_governance.common.clouds.aws.utils.utils import Utils
+from cloud_governance.common.logger.init_logger import logger
+from datetime import datetime, timezone
+class IAMOperations:
+    ACCESS_KEY_LABEL_MAP = {"access key 1": 0, "access key 2": 1}
+    def __init__(self, iam_client=None):
+        self.iam_client = iam_client if iam_client else get_boto3_client('iam')
+        self.utils = Utils()
+        self.__sts_client = boto3.client('sts')
+    @property
+    def get_iam_client(self):
+        return self.iam_client
+    def get_user_tags(self, username: str):
+        """
+        This method return tags from the iam resources
+        @param username:
+        @return:
+        """
+        try:
+            user = self.iam_client.get_user(UserName=username)['User']
+            if user.get('Tags'):
+                return user.get('Tags')
+            else:
+                return []
+        except:
+            return []
+    def get_roles(self):
+        """
+        This method returns all roles
+        @return:
+        """
+        return self.utils.get_details_resource_list(func_name=self.iam_client.list_roles, input_tag='Roles',
+                                                    check_tag='Marker')
+    def get_users(self):
+        """
+        This method returns all users
+        @return:
+        """
+        return self.utils.get_details_resource_list(self.iam_client.list_users, input_tag='Users', check_tag='Marker')
+    def get_account_alias_cloud_name(self):
+        """
+        This method returns the aws account alias and cloud name
+        @return:
+        """
+        try:
+            account_alias = self.iam_client.list_account_aliases()['AccountAliases']
+            if account_alias:
+                return account_alias[0].upper(), 'AwsCloud'.upper()
+        except:
+            return os.environ.get('account', '').upper(), 'AwsCloud'.upper()
+    def get_iam_users_list(self):
+        """
+        This method return the IAM users list
+        :return:
+        """
+        iam_users = []
+        users = self.get_users()
+        for user in users:
+            iam_users.append(user.get('UserName'))
+        return iam_users
+    def get_aws_account_id_name(self):
+        """
+        This method returns the aws account_id
+        :return:
+        """
+        response = self.__sts_client.get_caller_identity()
+        account_id = response['Account']
+        return account_id
+    def get_role(self, role_name: str):
+        """
+        This method returns the iam role data
+        :param role_name:
+        :return:
+        """
+        role_data = {}
+        try:
+            role_data = self.iam_client.get_role(RoleName=role_name).get('Role')
+        except Exception as err:
+            logger.error(err)
+        return role_data
+    def list_inline_role_policies(self, role_name: str):
+        """
+        This method returns the iam role inline policies
+        :param role_name:
+        :return:
+        """
+        role_policies = []
+        try:
+            role_policies = self.iam_client.list_role_policies(RoleName=role_name).get('PolicyNames', [])
+        except Exception as err:
+            logger.error(err)
+        return role_policies
+    def list_attached_role_policies(self, role_name: str):
+        """
+        This method returns the iam role attached policies
+        :param role_name:
+        :return:
+        """
+        attached_policies = []
+        try:
+            attached_policies = self.iam_client.list_attached_role_policies(RoleName=role_name).get('AttachedPolicies',
+                                                                                                    [])
+        except Exception as err:
+            logger.error(err)
+        return attached_policies
+    def delete_role(self, role_name: str):
+        """
+        This method deletes the iam role
+        :param role_name:
+        :return:
+        """
+        try:
+            self.iam_client.delete_role(RoleName=role_name)
+            return True
+        except Exception as err:
+            raise err
+    def tag_role(self, role_name: str, tags: list):
+        """
+        This method tags the iam role
+        :param role_name:
+        :param tags:
+        :return:
+        """
+        try:
+            self.iam_client.tag_role(RoleName=role_name, Tags=tags)
+            return True
+        except Exception as err:
+            raise err
+    def untag_role(self, role_name: str, tags: list):
+        """
+        This method untags the iam role
+        :param role_name:
+        :param tags:
+        :return:
+        """
+        try:
+            self.iam_client.untag_role(RoleName=role_name,
+                                       TagKeys=[key for tag in tags for key, _ in tag.items() if key == 'Key'])
+            return True
+        except Exception as err:
+            raise err
+    def tag_user(self, user_name: str, tags: list):
+        """
+        This method tags the IAM user.
+        :param user_name: The name of the IAM user to tag.
+        :param tags: A list of tags to associate with the user.
+        :return: True if tagging is successful, otherwise raises an exception.
+        """
+        try:
+            self.iam_client.tag_user(UserName=user_name, Tags=tags)
+            return True
+        except Exception as err:
+            raise err
+    def get_iam_users_access_keys(self):
+        """
+        Retrieves IAM users and summarizes:
+            - Access key status (active/inactive)
+            - Access key age in days
+            - Access key last used in days (or "N/A" if never used)
+            - Tags (as a list of dictionaries)
+            - Most recent key usage: last_activity_days
+            - IAM client region (global context, since IAM is non-regional)
+            - IAM user unique ID: ResourceId
+        Returns:
+            dict: {
+                "username": {
+                    "Access key 1": [status, age_days, last_used_days],
+                    "Access key 2": [...],
+                    "last_activity_days": int or "N/A",
+                    "tags": [{"Key": "tag_key", "Value": "tag_value"}, ...],
+                    "region": "us-east-1",
+                    "ResourceId": "AIDAEXAMPLEUSERID"
+                },
+                ...
+            }
+        """
+        result = {}
+        now = datetime.now(timezone.utc)
+        region_name = self.iam_client.meta.region_name or "global"
+        paginator = self.iam_client.get_paginator('list_users')
+        for page in paginator.paginate():
+            for user in page['Users']:
+                username = user['UserName']
+                result[username] = {}
+                # Access keys
+                access_keys = self.iam_client.list_access_keys(UserName=username)['AccessKeyMetadata']
+                for idx, key in enumerate(access_keys, start=1):
+                    label = f"Access key {idx}"
+                    status = key['Status'].lower()
+                    age_days = (now - key['CreateDate']).days
+                    # Get access key last used
+                    try:
+                        response = self.iam_client.get_access_key_last_used(AccessKeyId=key['AccessKeyId'])
+                        last_used_date = response.get('AccessKeyLastUsed', {}).get('LastUsedDate')
+                        if last_used_date:
+                            last_used_days = (now - last_used_date).days
+                        else:
+                            last_used_days = "N/A"
+                    except Exception:
+                        last_used_days = "N/A"
+                    result[username][label] = {'label': label, 'status': status, 'age_days': age_days, 'last_activity_days': last_used_days if last_used_days is not None else "N/A"}
+                # Tags as list of dicts
+                try:
+                    tag_response = self.iam_client.list_user_tags(UserName=username)
+                    tags = tag_response.get('Tags', [])
+                except Exception:
+                    tags = []
+                result[username]["tags"] = tags
+                result[username]["region"] = region_name
+                result[username]["ResourceId"] = user.get('UserId')  # <-- Unique ID
+        return result
+    def has_active_access_keys(self, username: str, access_key_label: str = None) -> bool:
+        """
+        Checks if the given IAM user has any active access keys.
+        Optionally filters by access key label ("Access Key 1" or "Access Key 2").
+        Args:
+            username (str): IAM user name
+            access_key_label (str): Label to filter access keys ("Access Key 1"/"Access Key 2")
+        Returns:
+            bool: True if any access key is active (and matches the label if provided), False otherwise
+        """
+        try:
+            keys = self.iam_client.list_access_keys(UserName=username)['AccessKeyMetadata']
+        except Exception as e:
+            logger.error(f"Failed to list access keys for user '{username}': {e}")
+            return False
+        # Sort keys by CreateDate ascending (oldest first)
+        keys.sort(key=lambda k: k['CreateDate'])
+        if access_key_label:
+            idx = self.ACCESS_KEY_LABEL_MAP.get(access_key_label.lower())
+            if idx is None or idx >= len(keys):
+                return False
+            return keys[idx].get('Status') == 'Active'
+        return any(k.get('Status') == 'Active' for k in keys)
+    def deactivate_user_access_key(self, username: str, **kwargs):
+        """
+        Deactivates the specified access key for the given IAM user.
+        Args:
+            username (str): IAM user name
+            access_key_label (str): Access Key 1 or Access Key 2 (case-insensitive)
+        """
+        access_key_label = kwargs.get('access_key_label', '').lower()
+        if not access_key_label:
+            logger.warning("No access key label provided for deactivation.")
+            return
+        try:
+            access_keys = self.iam_client.list_access_keys(UserName=username)['AccessKeyMetadata']
+        except Exception as e:
+            logger.error(f"Failed to list access keys for user '{username}': {e}")
+            return
+        # Sort keys by CreateDate ascending (oldest first) for consistent indexing
+        access_keys.sort(key=lambda k: k['CreateDate'])
+        idx = self.ACCESS_KEY_LABEL_MAP.get(access_key_label)
+        if idx is None or idx >= len(access_keys):
+            logger.warning(f"Access key label '{access_key_label}' not found for user '{username}'")
+            return
+        key_to_deactivate = access_keys[idx]
+        access_key_id = key_to_deactivate['AccessKeyId']
+        current_status = key_to_deactivate['Status'].lower()
+        if current_status == 'active':
+            try:
+                self.iam_client.update_access_key(
+                    UserName=username,
+                    AccessKeyId=access_key_id,
+                    Status='Inactive'
+                )
+                logger.info(f"Access key '{access_key_id}' deactivated for user '{username}'")
+            except Exception as e:
+                logger.error(f"Failed to deactivate access key '{access_key_id}' for user '{username}': {e}")
+        else:
+            logger.info(f"Access key '{access_key_id}' is already inactive for user '{username}'")
+        logger.info(f"Access key deactivation processed for user '{username}'.")

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/common/elasticsearch/modals/policy_es_data.py RENAMED Viewed

@@ -37,6 +37,8 @@ class PolicyEsMetaData(dict):
     launch_time: str = ''
     running_days: int = ''
     create_date: str = ''
+    age_days: int = ''
+    last_activity_days: int = ''
     def __post_init__(self):
         """

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/common/utils/configs.py RENAMED Viewed

@@ -22,6 +22,8 @@ INSTANCE_IDLE_NETWORK_OUT_KILO_BYTES = 5  # In KiB
 EC2_NAMESPACE = 'AWS/EC2'
 CLOUDWATCH_METRICS_AVAILABLE_DAYS = 14
 AWS_DEFAULT_GLOBAL_REGION = 'us-east-1'
+UNUSED_ACCESS_KEY_DAYS = 90
+UNUSED_ACCESS_KEY_MAX_DAY = 1000
 # X86 to Graviton
 GRAVITON_MAPPINGS = {

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/main/environment_variables.py RENAMED Viewed

@@ -98,7 +98,7 @@ class EnvironmentVariables:
                                                                     'ip_unattached', 'unused_nat_gateway',
                                                                     'instance_idle',
                                                                     'ec2_stop', 'ebs_in_use', 'database_idle',
-                                                                    's3_inactive',
+                                                                    's3_inactive', 'unused_access_key',
                                                                     'empty_roles',
                                                                     'zombie_snapshots', 'skipped_resources',
                                                                     'monthly_report', 'optimize_resources_report']
@@ -283,6 +283,8 @@ class EnvironmentVariables:
         self._environment_variables_dict['POLICIES_TO_ALERT'] = literal_eval(
             EnvironmentVariables.get_env('POLICIES_TO_ALERT', '[]'))
         self._environment_variables_dict['ADMIN_MAIL_LIST'] = EnvironmentVariables.get_env('ADMIN_MAIL_LIST', '')
+        self._environment_variables_dict['SKIP_POLICIES_ALERT'] = literal_eval(
+            EnvironmentVariables.get_env('SKIP_POLICIES_ALERT', "['']"))
         if self._environment_variables_dict.get('policy') in ['send_aggregated_alerts', 'cloudability_cost_reports']:
             self._environment_variables_dict['COMMON_POLICIES'] = True
         # CRO -- Cloud Resource Orch

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/main/main_oerations/main_operations.py RENAMED Viewed

@@ -42,7 +42,7 @@ class MainOperations:
             # @Todo support for all the aws policies, currently supports ec2_run as urgent requirement
             if self._policy in policies and self._policy in ["instance_run", "unattached_volume", "cluster_run",
                                                              "ip_unattached", "unused_nat_gateway", "instance_idle",
-                                                             "zombie_snapshots", "database_idle", "s3_inactive",
+                                                             "zombie_snapshots", "database_idle", "s3_inactive", "unused_access_key",
                                                              "empty_roles", "tag_resources", "cost_usage_reports"]:
                 source = policy_type
                 if Utils.equal_ignore_case(policy_type, self._public_cloud_name):

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/policy/aws/monthly_report.py RENAMED Viewed

@@ -37,7 +37,8 @@ class MonthlyReport:
             'ip_unattached': 'Delete all the elastic_ips that are unused',
             'unused_nat_gateway': ' Delete all unused nat gateways',
             'zombie_snapshots': 'Delete all the snapshots which the AMI does not use',
-            's3_inactive': 'Delete the empty buckets which don’t have any content.',
+            's3_inactive': 'Delete the empty buckets which don’t have any content',
+            'unused_access_key': 'Deactivate user access keys that are still active but have not been used',
             'empty_roles': 'Delete the empty role which does\'t have any policies',
             'zombie_cluster_resource': 'Delete up the cluster resources which are not deleted while cleaning the cluster'
         }

cloud_governance-1.1.371/cloud_governance/policy/aws/unused_access_key.py ADDED Viewed

@@ -0,0 +1,55 @@
+from cloud_governance.common.utils.configs import UNUSED_ACCESS_KEY_DAYS, UNUSED_ACCESS_KEY_MAX_DAY
+from cloud_governance.policy.helpers.aws.aws_policy_operations import AWSPolicyOperations
+class UnusedAccessKey(AWSPolicyOperations):
+    RESOURCE_ACTION = "DeActivate"
+    def __init__(self):
+        super().__init__()
+    def run_policy_operations(self):
+        """
+        This method returns a list of users with at least one active access key whose last used date is greater than UNUSED_ACCESS_KEY_DAYS
+        :return:
+        :rtype:
+        """
+        unused_access_keys = []
+        iam_users_access_keys = self._get_iam_users_access_keys()
+        for username, user_data in iam_users_access_keys.items():
+            for access_key_label, access_key_data in user_data.items():
+                if 'access key' in access_key_label.lower():
+                    last_activity_days = access_key_data['last_activity_days']
+                    age_days = access_key_data['age_days']
+                    # if access key last_activity_days is "N/A", use age_days
+                    if last_activity_days == "N/A":
+                        last_activity_days = age_days
+                    region = user_data['region']
+                    user_name = username
+                    tags = user_data.get('Tags', [])
+                    cleanup_result = False
+                    cleanup_days = 0
+                    if int(last_activity_days) >= UNUSED_ACCESS_KEY_DAYS and self._has_active_access_keys(user_name, access_key_label) and self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
+                        cleanup_days = self.get_clean_up_days_count(tags=tags)
+                        cleanup_result = self.verify_and_delete_resource(resource_id=user_name, tags=tags,
+                                                                         clean_up_days=cleanup_days, access_key_label=access_key_label)
+                        resource_data = self._get_es_schema(resource_id=user_name,
+                                                            user=self.get_tag_name_from_tags(tags=tags, tag_name='User'),
+                                                            skip_policy=self.get_skip_policy_value(tags=tags),
+                                                            cleanup_days=cleanup_days,
+                                                            dry_run=self._dry_run,
+                                                            name=user_name,
+                                                            region=region,
+                                                            cleanup_result=str(cleanup_result),
+                                                            resource_action=self.RESOURCE_ACTION,
+                                                            cloud_name=self._cloud_name,
+                                                            resource_type='UnusedAccessKey',
+                                                            resource_state='Active',
+                                                            age_days=age_days,
+                                                            last_activity_days=last_activity_days,
+                                                            unit_price=0)
+                        unused_access_keys.append(resource_data)
+                    if not cleanup_result:
+                        self.update_resource_day_count_tag(resource_id=user_name, cleanup_days=cleanup_days, tags=tags)
+        return unused_access_keys

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/policy/common_policies/send_aggregated_alerts.py RENAMED Viewed

@@ -20,6 +20,7 @@ class SendAggregatedAlerts:
         self.__mail_to = self.__environment_variables.get('EMAIL_TO')  # testing purposes
         self.__mail_cc = self.__environment_variables.get('EMAIL_CC', [])
         self.__alert_dry_run = self.__environment_variables.get('ALERT_DRY_RUN')
+        self.__skip_policies_alert = self.__environment_variables.get('SKIP_POLICIES_ALERT')
         self.__mail_message = MailMessage()
         self.__postfix = Postfix()
         self.__es_operations = ElasticSearchOperations()
@@ -55,7 +56,7 @@ class SendAggregatedAlerts:
                                     "ebs_in_use",
                                     "instance_run", "cluster_run", "optimize_resource_report",
                                     "optimize_resources_report", "skipped_resources"
-                                ]
+                                ] + self.__skip_policies_alert
                             }
                         }
                     ],
@@ -162,7 +163,8 @@ class SendAggregatedAlerts:
                     if days >= days_to_take_action:
                         delete_date = datetime.utcnow().date().__str__()
                         alert_user = True
-                if record.get('policy') in ['empty_roles', 's3_inactive']:
+                # Cross region policies
+                if record.get('policy') in ['empty_roles', 's3_inactive', 'unused_access_key']:
                     record['RegionName'] = 'us-east-1'
                 if Utils.equal_ignore_case(dry_run, 'yes'):
                     record['DeleteDate'] = 'dry_run=yes'

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/policy/helpers/abstract_policy_operations.py RENAMED Viewed

@@ -111,7 +111,7 @@ class AbstractPolicyOperations(ABC):
         return 'NA'
     @abstractmethod
-    def _delete_resource(self, resource_id: str):
+    def _delete_resource(self, resource_id: str, **kwargs):
         """
         This method deletes the resource
         :param resource_id:
@@ -144,7 +144,7 @@ class AbstractPolicyOperations(ABC):
         :rtype:
         """
         if self._resource_id == resource_id and self._force_delete and self._dry_run == 'no':
-            self._delete_resource(resource_id=resource_id)
+            self._delete_resource(resource_id=resource_id, **kwargs)
             return True
         if not days_to_delete_resource:
             days_to_delete_resource = self._days_to_take_action
@@ -157,7 +157,7 @@ class AbstractPolicyOperations(ABC):
                 if clean_up_days >= days_to_delete_resource:
                     if self._dry_run == 'no':
                         if self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
-                            self._delete_resource(resource_id=resource_id)
+                            self._delete_resource(resource_id=resource_id, **kwargs)
                             cleanup_resources = True
         return cleanup_resources

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/policy/helpers/aws/aws_policy_operations.py RENAMED Viewed

@@ -21,7 +21,7 @@ class AWSPolicyOperations(AbstractPolicyOperations):
         self.policy_name = self._environment_variables_dict.get('policy')
         self._cloud_name = 'AWS'
         self._ec2_client = get_boto3_client(client='ec2', region_name=self._region)
-        self._s3_client = get_boto3_client('s3', region_name=self._region)
+        self._s3_client = get_boto3_client(client='s3', region_name=self._region)
         self._iam_operations = IAMOperations()
         self._rds_operations = RDSOperations(region_name=self._region)
         self._s3operations = S3Operations(region_name=self._region)
@@ -46,7 +46,7 @@ class AWSPolicyOperations(AbstractPolicyOperations):
                     return tag.get('Value').strip()
         return ''
-    def _delete_resource(self, resource_id: str):
+    def _delete_resource(self, resource_id: str, **kwargs):
         """
         This method deletes the resource by verifying the policy
         :param resource_id:
@@ -58,6 +58,8 @@ class AWSPolicyOperations(AbstractPolicyOperations):
         try:
             if self._policy == 's3_inactive':
                 self._s3_client.delete_bucket(Bucket=resource_id)
+            elif self._policy == 'unused_access_key':
+                self._iam_operations.deactivate_user_access_key(username=resource_id, **kwargs)
             elif self._policy == 'empty_roles':
                 response = self._iam_operations.delete_role(role_name=resource_id)
             elif self._policy == 'unattached_volume':
@@ -147,6 +149,8 @@ class AWSPolicyOperations(AbstractPolicyOperations):
         try:
             if self._policy == 's3_inactive':
                 self._s3_client.put_bucket_tagging(Bucket=resource_id, Tagging={'TagSet': tags})
+            elif self._policy == 'unused_access_key':
+                self._iam_operations.tag_user(user_name=resource_id, tags=tags)
             elif self._policy == 'empty_roles':
                 self._iam_operations.tag_role(role_name=resource_id, tags=tags)
             elif self._policy in ('ip_unattached', 'unused_nat_gateway', 'zombie_snapshots', 'unattached_volume',
@@ -196,6 +200,29 @@ class AWSPolicyOperations(AbstractPolicyOperations):
         volumes = self._ec2_operations.get_volumes(**kwargs)
         return volumes
+    def _get_iam_users_access_keys(self) -> dict:
+        """
+        This method returns a list of user access keys with their age in days, last used time in days, user tags, and more.
+        :return: list of user access keys
+        """
+        return self._iam_operations.get_iam_users_access_keys()
+    def _has_active_access_keys(self, user_name: str, access_key_label: str) -> bool:
+        """
+        This method checks if the given IAM user has any active access keys.
+        :return:
+        :rtype:
+        """
+        return self._iam_operations.has_active_access_keys(username=user_name, access_key_label=access_key_label)
+    def _deactivate_access_key(self, user_name: str, access_key_label: str) -> bool:
+        """
+        This method checks if the given IAM user has any active access keys.
+        :return:
+        :rtype:
+        """
+        return self._iam_operations.deactivate_user_access_key(username=user_name, access_key_label=access_key_label)
     def _get_active_cluster_ids(self):
         """
         This method returns the active cluster id's

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance/policy/policy_operations/aws/zombie_non_cluster/zombie_non_cluster_polices.py RENAMED Viewed

@@ -45,7 +45,7 @@ class ZombieNonClusterPolicies(NonClusterZombiePolicy):
                         logger.error('ElasticSearch host is not pingable, Please check ')
                     if self._policy_output:
-                        # if self._policy not in ('ec2_idle', 'ebs_in_use', 'ec2_run', 's3_inactive', 'zombie_snapshots', 'nat_gateway_unused'):
+                        # if self._policy not in ('ec2_idle', 'ebs_in_use', 'ec2_run', 's3_inactive', 'unused_access_key', 'zombie_snapshots', 'nat_gateway_unused'):
                         #     beautify_data = self._beautify_upload_data(upload_resource_data=response)
                         #     policy_result = {'count': len(beautify_data), self._policy: beautify_data}
                         logger.info(policy_result)

{cloud_governance-1.1.369 → cloud_governance-1.1.371/cloud_governance.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cloud-governance
-Version: 1.1.369
+Version: 1.1.371
 Summary: Cloud Governance Tool
 Home-page: https://github.com/redhat-performance/cloud-governance
 Author: Red Hat
@@ -103,6 +103,7 @@ List of Policies:
 - zombie_snapshots
 - unused_nat_gateway
 - s3_inactive
+- unused_access_key
 - empty_roles
 - tag_resources
 - tag_iam_user

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/cloud_governance.egg-info/SOURCES.txt RENAMED Viewed

@@ -177,6 +177,7 @@ cloud_governance/policy/aws/optimize_resources_report.py
 cloud_governance/policy/aws/s3_inactive.py
 cloud_governance/policy/aws/skipped_resources.py
 cloud_governance/policy/aws/spot_savings_analysis.py
+cloud_governance/policy/aws/unused_access_key.py
 cloud_governance/policy/aws/zombie_cluster_resource.py
 cloud_governance/policy/aws/zombie_snapshots.py
 cloud_governance/policy/aws/cleanup/__init__.py

{cloud_governance-1.1.369 → cloud_governance-1.1.371}/setup.py RENAMED Viewed

@@ -2,7 +2,7 @@ from codecs import open
 from os import path
 from setuptools import setup, find_packages
-__version__ = '1.1.369'
+__version__ = '1.1.371'
 here = path.abspath(path.dirname(__file__))

cloud-governance 1.1.369__tar.gz → 1.1.371__tar.gz

cloud-governance 1.1.369tar.gz → 1.1.371tar.gz