Skip to main content
All CollectionsTemplatesIntermediate
Enable AWS S3 Bucket Versioning on Orca Alert - Workflow Template
Enable AWS S3 Bucket Versioning on Orca Alert - Workflow Template

Receive an Orca alert on an AWS S3 bucket with versioning disabled, lookup owner tag, ask owner or channel to enable versioning.

Updated over 6 months ago

This workflow template guides users through addressing Orca Security alerts for AWS S3 buckets with versioning disabled. It begins by retrieving tag details to identify the bucket owner, then reaches out via Slack for consent to enable bucket versioning. Upon approval, versioning is enabled and a verification scan initiated. If consent is denied or unresponsive, it captures a reason and generates a follow-up Jira ticket, updating the alert details accordingly. The process enhances Cloud Security Posture Management (CSPM) by ensuring S3 data protection compliance.

Take Me to the Template

Trigger

Orca

Use Cases

CSPM

Workflow Breakdown

  1. Retrieve details on tags on the bucket

  2. Reach out to the bucket owner or Slack channel, notify them about the issue

  3. Suggest to remediate by enabling versioning on the bucket

  4. Apply the changes if the user approves and kick off a verification scan

  5. If user or channel rejects, collect a reason and open a follow-up Jira ticket

  6. Update remediation details on the Orca Security alert provided

Vendors

AWS, Slack, Utils, Orca, Jira Cloud

Workflow Output

Success/Failure - Jira Ticket

Tips

Setup Jira and Slack channel variables in the first variables step

Related Articles
Enable AWS S3 Bucket Versioning on Alert from Wiz - Workflow Template
Enable AWS S3 Bucket Encryption on Alert (PrismaCloud) - Workflow Template
Enable Encryption on AWS S3 Bucket on Alert from Orca - Workflow Template
Enable AWS S3 Bucket Versioning on Lacework Alert - Workflow Template
Handle AWS S3 Bucket Should Enforce HTTPS Alert from Orca - Workflow Template
Did this answer your question?