Remediate AWS VPC Created without Flow Logs with Orca - Workflow Template

Receive an alert on an AWS VPC created without Flow Logs. Reach out to the owner, suggest remediation and define Flow Logs in AWS.

Updated over 6 months ago

This Torq workflow template addresses the critical business need of ensuring AWS Virtual Private Cloud (VPC) security by automating the remediation process for VPCs created without Flow Logs. The workflow initiates upon identifying such a VPC, proceeds to locate the VPC owner via Slack, and suggests enabling Flow Logs. If approved by the owner, the workflow automatically configures the necessary Flow Logs within AWS and re-scans the VPC. Rejection by the owner leads to the collection of a reason and the initiation of follow-up actions within Jira for further investigation and remediation planning.

Trigger

Orca

Use Cases

CSPM

Workflow Breakdown

  1. Retrieve VPC details and tags, including owner

  2. Search for the owner in Slack

  3. Reach out to the owner, notify about the issue, suggest remediation

  4. If the owner approves, define VPC Flow Logs in AWS, rescan the VPC

  5. If the owner rejects, collect a reason and open follow-up Jira tickets

Vendors

AWS, Slack, Utils, Orca, Jira Cloud

Workflow Output

Success / Failure, Jira Tickets

Tips

Ensure proper permissions are in place within AWS to communicate with the create-flow-logs CLI endpoint.
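Steps 1 and 4 of the workflow breakdown, as an added example that is not part of the Torq template or its implementation: it takes constructed `describe-vpcs` and `describe-flow-logs` output, finds VPCs with no working flow log, reads the owner tag, and builds the `create-flow-logs` call. The tag key `owner`, the log group name and the role ARN are assumptions.

```python
import json

# Constructed sample data shaped like `aws ec2 describe-vpcs` and
# `aws ec2 describe-flow-logs` output; all IDs and tag values are made up.
VPCS = json.loads("""{"Vpcs": [
 {"VpcId": "vpc-0aaa1111", "Tags": [{"Key": "Owner", "Value": "alice@example.com"}]},
 {"VpcId": "vpc-0bbb2222", "Tags": [{"Key": "owner", "Value": "bob@example.com"}]},
 {"VpcId": "vpc-0ccc3333"},
 {"VpcId": "vpc-0ddd4444", "Tags": [{"Key": "Owner", "Value": "carol@example.com"}]}
]}""")
FLOW_LOGS = json.loads("""{"FlowLogs": [
 {"FlowLogId": "fl-01", "ResourceId": "vpc-0aaa1111",
  "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "SUCCESS"},
 {"FlowLogId": "fl-02", "ResourceId": "vpc-0ddd4444",
  "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "FAILED"}
]}""")

def owner_of(vpc, tag_key="owner"):
    """Owner tag value, key matched case-insensitively; None if untagged."""
    for tag in vpc.get("Tags", []):  # an untagged VPC has no "Tags" key
        if tag["Key"].lower() == tag_key:
            return tag["Value"]
    return None

def vpcs_without_flow_logs(vpcs, flow_logs):
    """Return (vpc_id, owner) for every VPC lacking a working flow log.

    A flow log whose delivery has FAILED records nothing, so it does not
    count as coverage even though FlowLogStatus is ACTIVE.
    """
    covered = {fl["ResourceId"] for fl in flow_logs["FlowLogs"]
               if fl.get("FlowLogStatus") == "ACTIVE"
               and fl.get("DeliverLogsStatus") != "FAILED"}
    return [(v["VpcId"], owner_of(v)) for v in vpcs["Vpcs"]
            if v["VpcId"] not in covered]

def remediation_command(vpc_id, log_group, role_arn):
    """Argument list for the create-flow-logs call (CloudWatch Logs target).

    The caller needs ec2:CreateFlowLogs, plus iam:PassRole on role_arn.
    """
    return ["aws", "ec2", "create-flow-logs",
            "--resource-type", "VPC", "--resource-ids", vpc_id,
            "--traffic-type", "ALL",
            "--log-destination-type", "cloud-watch-logs",
            "--log-group-name", log_group,
            "--deliver-logs-permission-arn", role_arn]
```

A VPC that comes back with no owner (`None`) cannot be routed through the Slack approval step and needs a fallback assignee.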
