This workflow template guides the automated response to a Wiz alert indicating that a Google Cloud Platform (GCP) storage bucket's versioning is disabled. Once alerted, the workflow retrieves the relevant Slack channel, if labeled, and requests consent to enable versioning on the bucket. Approval triggers the versioning process, and if successful, the workflow updates Wiz and notifies the channel. Should the Slack channel reject the request, or if the action fails, the workflow proceeds to open a Jira ticket, linking it to the Wiz issue for further tracking and remediation.

Trigger

Wiz

Use Cases

CSPM

Workflow Breakdown

Retrieve details from the labels on the bucket
Reach out to the Slack Channel, notify them about the issue
Suggest to remediate by enabling versioning on the bucket
Apply the changes if the channel approves
If the channel rejects the change or times out, open a Jira ticket
In all cases, add a note in the Wiz issue and link to a Jira ticket if one is opened.

Vendors

Slack, Utils, Wiz, GCS, Jira Cloud

Workflow Output

Success/Failure - Jira Ticket

Tips

Setup the Jira, Slack, and Wiz variables in the first variables step of the workflow","Match the workflow trigger from the Wiz integration to the GCP bucket versioning policy created in Wiz

Enable AWS S3 Bucket Versioning on Orca Alert - Workflow Template

Enable AWS S3 Bucket Encryption on Alert from Wiz - Workflow Template

Enable AWS S3 Bucket Versioning on Alert from Wiz - Workflow Template

Handle AWS S3 Bucket Allows HTTP Requests on Wiz Alert - Workflow Template

Enable AWS S3 Bucket Versioning on Lacework Alert - Workflow Template