Looking at the following Cloud Custodian policy:
policies:
- name: ec2-ssm-check
resource: ec2
filters:
- type: ssm
key: PingStatus
value: Online
- type: ssm
key: PlatformName
value: Ubuntu
- type: ssm
key: PlatformVersion
value: 18.04
There are three filteres used together. How are they evaluated? do all of them need to match or just one would be enough?
I read the documentations here but nothing is mentioned about it.
You can check here. https://cloudcustodian.io/docs/quickstart/tagCompliance.html
In short- It will start evaluating the first filter to last and if all the filters match, then the policy will execute.
If any of the filters fail, then it will skip. If you want to execute if any of the filter matches, then use OR for the documentation you linked https://cloudcustodian.io/docs/filters.html