Hello,
We have implemented event-based remediation on S3 services with Cloud Custodian to forbid public access, and we regularly get a technical issue from AWS:
A conflicting conditional operation is currently in progress against. Please try again
We use the following configuration:

policies:
  - name: s3-delete-global-grants
    resource: s3
    filters:
      # Match buckets whose ACL grants access to a global group
      - type: global-grants
    mode:
      # Run the policy when CloudTrail records the event below
      type: cloudtrail
      events:
        - source: s3.amazonaws.com
          event: PutBucketAcl
          ids: requestParameters.bucketName
    actions:
      # Remove the ACL grants held by the listed global groups
      - type: delete-global-grants
        grantees:
          - "http://acs.amazonaws.com/groups/global/AllUsers"
          - "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
Is there a way to retry in the action block?
How can we manage this issue?
Thanks in advance