You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/config-filtering.md
+41Lines changed: 41 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -80,6 +80,7 @@ The following are comparisons that you can use to filter resources. These are u
80
80
- `glob`
81
81
- `regex`
82
82
- `dateOlderThan`
83
+
- `dateOlderThanNow`
83
84
84
85
To use a non-default comparison type, it is required to specify an object with `type` and `value` instead of the
85
86
plain string.
@@ -141,6 +142,10 @@ IAMUser:
141
142
142
143
### DateOlderThan
143
144
145
+
!!! warning
146
+
You likely do not want this filter, instead you likely want [dateOlderThanNow](#dateolderthannow)
147
+
148
+
144
149
This works by parsing the specified property into a timestamp and comparing it to the current time minus the specified
145
150
duration. The duration is specified in the `value` field. The duration syntax is based on golang's duration syntax.
146
151
@@ -167,6 +172,42 @@ EC2Image:
167
172
value: 1h
168
173
```
169
174
175
+
### DateOlderThanNow
176
+
177
+
!!! note
178
+
Typically this filter is used in conjunction with `invert: true` as the primary use case is to find resources
179
+
older than a date and **NOT** filtering them out, and instead filtering anything newer than now minus the duration
180
+
provided in the `value` field of the property.
181
+
182
+
Unlike `dateOlderThan`, this filter uses the property's value, assumed to be a date, compared against the current now
183
+
time modified by the duration provided in the value of the filter.
184
+
185
+
The `value` in the filter must be a [golang time duration value,](https://www.geeksforgeeks.org/time-parseduration-function-in-golang-with-examples/) and it is
186
+
added (if positive) or subtracted (if negative) from the current time and then the value of the property is compared
187
+
to the modified time. **Note:** you almost always want the value to be negative.
188
+
189
+
> ParseDuration parses a duration string. A duration string is a possibly signed sequence of decimal numbers, each with
190
+
> optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"),
191
+
> "ms", "s", "m", "h".
192
+
193
+
#### Example with Invert
194
+
195
+
```yaml
196
+
IAMRole:
197
+
- type: dateOlderThanNow
198
+
property: LastUsedDate
199
+
value: -12h
200
+
invert: true
201
+
```
202
+
203
+
If the current time is `2024-10-15T00:00:00Z`, then the modified now time is `2024-10-14T12:00:00Z`.
204
+
205
+
If the value of `LastUsedDate` is `2024-10-14T14:30:00Z` then the result of the filter will be `true`. It is **NOT**
206
+
older than the modified time, and since the invert is set to true, anything **newer** to the modified time is filtered.
207
+
208
+
If the value of `LastUsedDate` is `2024-10-13T12:30:00Z` then the result of the filter will be `false` and the resource
209
+
will be marked for removal.
210
+
170
211
## Properties
171
212
172
213
By default, when writing a filter if you do not specify a property, it will use the `Name` property. However, resources
0 commit comments