-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathscc-config.yaml
89 lines (83 loc) · 3.39 KB
/
scc-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
processors:
- scc
outputs:
- type: mail
transports:
- type: smtp
host: your.email.server.smtp
port: 587
ssl: true
from: [email protected]
# For programmatic creation of recipient, see the budget example.
subject: |
[Security Center - {{ finding.sourceProperties.SeverityLevel }}] {{ finding.category }}: {{ finding.resourceName }}
body:
images: # Images to inline in the email
- img/sample-logo-small.png
html: |
<html><head><title>Cloud Security Center notification</title></head>
<body>
<img src="cid:sample-logo-small.png" alt="Sample logo" />
<h1>Cloud Security Center notification</h1>
<p>The following finding was discovered:</p>
<table>
<tr>
<th>Time</th>
<td>{{ finding.createTime }}</td>
</tr>
<tr>
<th>Finding name</th>
<td>{{ finding.name|split('/')|index(-1) }}</td>
</tr>
<tr>
<th>Resource</th>
<td>{{ finding.resourceName }}</td>
</tr>
<tr>
<th>Category</th>
<td>{{ finding.category }}</td>
</tr>
<tr>
<th>URL</th>
<td><a href="{{ finding.externalUri }}">{{ finding.externalUri }}</a></td>
</tr>
<tr>
<th>Recommendation</th>
<td>{{ finding.sourceProperties.Recommendation|add_links }}</td>
</tr>
<tr>
<th>Explanation</th>
<td>{{ finding.sourceProperties.Explanation|add_links }}</td>
</tr>
</table>
<p>
<a href="https://console.cloud.google.com/security/command-center/findings?organizationId={{ organization }}&orgonly=true&supportedpurview=organizationId&view_type=vt_finding_type&vt_finding_type=All&resourceId={{ finding.name|urlencode }}">View in Security Command Center</a>
</p>
</body>
</html>
text: |
*Cloud Security Center notification*
The following finding was discovered:
Time: {{ finding.createTime }}
Finding name: {{ finding.name|split('/')|index(-1) }}
Resource: {{ finding.resourceName }}
Category: {{ finding.category }}
URL: {{ finding.externalUri }}
Recommendation: {{ finding.sourceProperties.Recommendation }}
Explanation: {{ finding.sourceProperties.Explanation }}
View in Security Command Center:
https://console.cloud.google.com/security/command-center/findings?organizationId={{ organization }}&orgonly=true&supportedpurview=organizationId&view_type=vt_finding_type&vt_finding_type=All&resourceId={{ finding.name|urlencode }}