This Torq workflow template, "Handle AWS S3 Bucket Should Enforce HTTPS Alert from Orca," automates the response to Orca Security alerts regarding non-compliant AWS S3 buckets. It outlines actions for identifying bucket ownership, notifying the responsible parties through Slack, and enforcing standardized S3 bucket policies upon approval. Should the proposed policy be rejected, the workflow facilitates the collection of a rejection reason and the creation of follow-up Jira tickets for further remediation actions. It ensures that all adjustments and communications are logged and updated accordingly in the Orca Security alert, thus promoting CSPM best practices and accountability within the organization.
Trigger
Orca
Use Cases
CSPM
Workflow Breakdown
Retrieve details and tags on the bucket
Reach out to the bucket owner or Slack channel, notify them about the issue
Suggest to remediate by applying a standard configuration and bucket policy
Apply if the user approves and run a verification scan after remediation
If the user rejects, collect a reason and open a follow-up Jira ticket
Update remediation details on the Orca Security alert provded
Vendors
AWS, Slack, Utils, Orca, Jira Cloud
Workflow Output
Success/Failure - Jira Ticket
Tips
The bucket policy should be reviewed for your organization and is defined in the step named \"Set Workflow Variables\