Skip to main content
All CollectionsTemplatesIntermediate
Handle AWS S3 Bucket Should Enforce HTTPS Alert from Orca - Workflow Template
Handle AWS S3 Bucket Should Enforce HTTPS Alert from Orca - Workflow Template

Receive an Orca alert on an AWS S3 Bucket not being compliant, apply a default S3 bucket policy to remediate.

Updated over 7 months ago

This Torq workflow template, "Handle AWS S3 Bucket Should Enforce HTTPS Alert from Orca," automates the response to Orca Security alerts regarding non-compliant AWS S3 buckets. It outlines actions for identifying bucket ownership, notifying the responsible parties through Slack, and enforcing standardized S3 bucket policies upon approval. Should the proposed policy be rejected, the workflow facilitates the collection of a rejection reason and the creation of follow-up Jira tickets for further remediation actions. It ensures that all adjustments and communications are logged and updated accordingly in the Orca Security alert, thus promoting CSPM best practices and accountability within the organization.

Trigger

Orca

Use Cases

CSPM

Workflow Breakdown

  1. Retrieve details and tags on the bucket

  2. Reach out to the bucket owner or Slack channel, notify them about the issue

  3. Suggest to remediate by applying a standard configuration and bucket policy

  4. Apply if the user approves and run a verification scan after remediation

  5. If the user rejects, collect a reason and open a follow-up Jira ticket

  6. Update remediation details on the Orca Security alert provded

Vendors

AWS, Slack, Utils, Orca, Jira Cloud

Workflow Output

Success/Failure - Jira Ticket

Tips

The bucket policy should be reviewed for your organization and is defined in the step named \"Set Workflow Variables\

Did this answer your question?