Sample configuration page shows invalid value for the "open_firewall" property

GoogleCloudPlatform / security-response-automation

Take automated actions against threats and vulnerabilities.

Apache License 2.0

208 stars 52 forks source link

Sample configuration page shows invalid value for the "open_firewall" property #194

Closed DanielCMiranda closed 3 years ago

DanielCMiranda commented 3 years ago

Hello!

The sample configuration yaml file in the Wiki page of the project currently shows an invalid value for the open_firewall property.

I.e:

properties:
  dry_run: true
  open_firewall:
    - disable

Since the open_firewall property doesn't expect a list of items, this configuration causes a parsing error. Based on the automations.md file, I believe a valid configuration would be something like the code below:

properties:
  dry_run: true
  open_firewall:
    remediation_action: disable

tomscript commented 3 years ago

thanks Daniel! this has been fixed, nice catch.

https://github.com/GoogleCloudPlatform/security-response-automation/wiki/Sample-configuration

DanielCMiranda commented 3 years ago

thanks Daniel! this has been fixed, nice catch.

https://github.com/GoogleCloudPlatform/security-response-automation/wiki/Sample-configuration

Hi @tomscript, thanks for the quick reply!

I just checked the Wiki and apparently it is still invalid.

Currently it is as shown below:

properties:
  dry_run: true
  remediation_action:
    - disable

I tested the following configuration and it works:

properties:
  dry_run: true
  open_firewall:
    remediation_action: disable

tomscript commented 3 years ago

ah right its nested. i hadnt had a chance to test it. updated, lmk if this works

https://github.com/GoogleCloudPlatform/security-response-automation/wiki/Sample-configuration