This workflow template is designed to manage public Azure Storage Containers that are inadvertently exposing sensitive data. On receiving an alert from Wiz, it automatically initiates a process to assess container exposure. The workflow gathers container details, including tags and public access settings, and reaches out via Slack for approval to alter access settings. With approval, public access is revoked; without it, an issue is escalated within Jira to document and address the permission setting, ensuring prompt and controlled response to potential data exposures.
Trigger
Wiz
Use Cases
CSPM
Workflow Breakdown
Receive an alert from Wiz on a publicly exposed Azure Storage Container with sensitive information
Gather details on the container including tags and the current container public policy property
Ask the Slack channel or container owner for approval to limit the public access on the container
If approved, set the public-access property off on the container and update the Wiz alert comments and move to alert to In Progress
If not approved, open an issue in Jira and note the response and add the Jira issue key to the Wiz alert
Vendors
Slack, Microsoft Azure, Utils, Wiz, Jira Cloud