Closed ghost closed 3 years ago
All (the pull request submitter and all commit authors) CLAs are signed, but one or more commits were authored or co-authored by someone other than the pull request submitter.
We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that by leaving a comment that contains only @googlebot I consent.
in this pull request.
Note to project maintainer: There may be cases where the author cannot leave a comment, or the comment is not properly detected as consent. In those cases, you can manually confirm consent of the commit author(s), and set the cla
label to yes
(if enabled on your project).
ℹ️ Googlers: Go here for more info.
@googlebot I consent.
Current representation of
cloudfunctions/output/config.yaml
:apiVersion: security-response-automation.cloud.google.com/v1alpha1 kind: Notification metadata: name: output spec: outputs: turbinia: project_id: "turbina-tests-03012020" topic: "turbinia-ea4f80ef66a38477" zone: "us-central1-f"
The config yaml for outputs was discarded. The outputs configurations will be in the remediations config file represented by:
apiVersion: security-response-automation.cloud.google.com/v1alpha1
kind: Remediation
metadata:
name: router
spec:
parameters:
etd:
bad_ip:
- action: gce_create_disk_snapshot
target:
- organizations/__ORGANIZATION_ID__/*
properties:
dry_run: false
target_snapshot_project_id: test-audit-log-260414
target_snapshot_zone: "__TURBINIA_SNAPSHOOT_ZONE__"
outputs: ['turbinia']
turbinia:
project_id: "__TURBINIA_PROJECT_ID__"
topic: "__TURBINIA_TOPIC_NAME__"
zone: "__TURBINIA_SNAPSHOOT_ZONE__"
anomalous_iam:
- action: iam_revoke
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
allow_domains:
- google.com
ssh_brute_force:
- action: remediate_firewall
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
sha:
audit_logging_disabled:
- action: enable_audit_logs
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
exclude:
- projects/345
properties:
dry_run: false
non_org_members:
- action: remove_non_org_members
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__
exclude:
- projects/345
properties:
dry_run: false
allow_domains: ["__DOMAIN_ALLOWED__"]
sql_no_root_password:
- action: cloud_sql_update_password
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
ssl_not_enforced:
- action: cloud_sql_require_ssl
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
public_sql_instance:
- action: close_cloud_sql
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
open_firewall:
- action: remediate_firewall
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
open_firewall:
# values for remediation_action: disable, delete, update_source_range
remediation_action: disable
source_ranges:
- "10.128.0.0/9"
open_rdp_port:
- action: remediate_firewall
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
open_firewall:
# values for remediation_action: disable, delete, update_source_range
remediation_action: disable
open_ssh_port:
- action: remediate_firewall
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
open_firewall:
# values for remediation_action: disable, delete, update_source_range
remediation_action: disable
public_ip_address:
- action: remove_public_ip
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
public_bucket_acl:
- action: close_bucket
target:
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
- organizations/__ORGANIZATION_ID__/folders/__FOLDER_ID__/*
properties:
dry_run: false
outputs:
turbinia:
project_id: "__TURBINIA_PROJECT_ID__"
topic: "__TURBINIA_TOPIC_NAME__"
zone: "__TURBINIA_SNAPSHOOT_ZONE__"
All (the pull request submitter and all commit authors) CLAs are signed, but one or more commits were authored or co-authored by someone other than the pull request submitter.
We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that by leaving a comment that contains only @googlebot I consent.
in this pull request.
Note to project maintainer: There may be cases where the author cannot leave a comment, or the comment is not properly detected as consent. In those cases, you can manually confirm consent of the commit author(s), and set the cla
label to yes
(if enabled on your project).
ℹ️ Googlers: Go here for more info.
@googlebot I consent.
The corrections that you suggested are done, just waiting for your review @tomscript
unfortunately i'll need to pause on this review for the time being
Current representation of
cloudfunctions/output/config.yaml
: