Why You Won't Be Running c7n-org in an AWS Lambda Function

I recently had the good fortune to take on a really fun project at work. First off, the client was incredibly easy to work with, which makes any project (even something I might consider tedious and boring, like migration work) a win in my book. In any case, this wasn’t a boring project – the client asked us to roll out Cloud Custodian across their entire AWS footprint – which at this point consists of an AWS Organization with a decent number of accounts (and more to follow).

AWS Batch Cloud Custodian Docker Starter Pack

I recently implemented a series of AWS Batch jobs for a client. While most of these were for implementing, well, batch jobs, in the form of reporting functions, I decided to give a go to deploying Cloud Custodian using the same framework, as it basically involved creating an additional CloudFormation nested stack, building Custodian policies and baking them into a container to deploy through Batch. Getting everything up and going was a fair bit of work, so I wanted to encapsulate my learnings into something else others could use.