![[cfn-lint logo]](https://www.seclytics.com/images/integrations/aws-guard-duty-logo-17dc4958.png){kind=logo}
Create a stack
Create an incoming webhook in slack
- Go to your slack application and select your team on the top left corner as shown:
- You will find a popup Menu and you’ll want to click on Manage Apps.
- You will then want to select custom integrations on the left and Incoming Webhooks.
- Select the slack channel that you’d like to post messages to with this new incoming web hook. An example would be #general.
- Press the button to add the incoming web hook at the bottom of the page.
- Copy the new Webhook URL so we can use it as input in our CloudFormation template.
Use the CloudFormation service to execute the gd2slack.template in this repository
- You will add your incoming web hook as the first parameter cloudformation/_cim.yml
- Add the slack channel as a parameter - example #general
- Add the minimum severity - example HIGH would only send high severity findings, LOW sends all findings
- Run make apply
In order to pass parameter to cloudformation do not edit the template, but instead modify the _cim.yml configuration file located in the cloudformation/ directory.
version: 0.1
stack:
name: guardDutyToSlackNotifier
template:
file: g2s.yaml
bucket: cim-stacks-upload
parameters:
IncomingWebHookURL: 'https://hooks.slack.com/services/XXXXXX/YYYYY/REPLACE_WITH_YOURS'
SlackChannel: '#general'
MinSeverityLevel: 'LOW'
capabilities:
- 'CAPABILITY_IAM'
tags:
app: guardDutyToSlackNotifier
owner: DevSecOps
env: prodTo get started...
-
Option 1
- 🍴 Fork this repo!
-
Option 2
- 👯 Clone this repo to your local machine using
https://github.com/einyx/guarduty.git
- 👯 Clone this repo to your local machine using
- HACK AWAY! 🔨🔨🔨
- 🔃 Create a new pull request using
https://github.com/einyx/guarduty/compare/.
- MIT license
- Copyright 2019 © devsecnull.
GitHub @einyx ·