Documentation
Overview
Package cloudfunctions provides the implementation of automated actions.
Functions
func CreateSnapshot
func CreateSnapshot(ctx context.Context, m pubsub.Message, r *entities.Resource, h *entities.Host) error
CreateSnapshot creates a snapshot of an instance's disk.
For a given supported finding, pull each disk associated with the affected instance.
- Check to make sure we haven't created a snapshot for this finding recently.
- Create a new snapshot for each disk labeled with the finding and current time.
In order for the snapshot to be created, the service account must be granted the correct role on the affected project. At this time this grant is defined per project but should be changed to support folder and organization level grants.
func RevokeExternalGrantsFolders
func RevokeExternalGrantsFolders(ctx context.Context, m pubsub.Message, r *entities.Resource, folderIDs []string, disallowed []string) error
RevokeExternalGrantsFolders is the entry point of the Cloud Function.
This Cloud Function reads the incoming finding. If it is an ETD anomalous IAM grant indicating that an external member was invited to the policy, it checks whether the external member is in a list of disallowed domains.
Additionally, it checks whether the affected project is in the specified folder. If the grant was to an explicitly disallowed domain and the project is within the folder, the member is removed from the entire IAM policy for the resource.
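The removal step described above, as an added sketch that is not this package's own code: it strips a disallowed member from every role in a policy rather than only the role named in the finding. The `Binding` type, the function names, the restriction to `user:` members and the sample addresses are assumptions made for the example.

```go
package main

import (
	"fmt"
	"strings"
)

// Binding is a simplified stand-in for one IAM policy binding (assumption).
type Binding struct {
	Role    string
	Members []string
}

// disallowedUser reports whether member is a "user:" principal (assumption:
// only users are checked) whose domain exactly matches a disallowed entry.
func disallowedUser(member string, disallowed []string) bool {
	at := strings.LastIndex(member, "@")
	for _, d := range disallowed {
		if strings.HasPrefix(member, "user:") && at >= 0 && strings.EqualFold(member[at+1:], d) {
			return true
		}
	}
	return false
}

// revoke strips disallowed users from every role and lists what it removed.
func revoke(bindings []Binding, disallowed []string) (out []Binding, removed []string) {
	for _, b := range bindings {
		kept := Binding{Role: b.Role}
		for _, m := range b.Members {
			if disallowedUser(m, disallowed) {
				removed = append(removed, b.Role+" "+m)
			} else {
				kept.Members = append(kept.Members, m)
			}
		}
		if len(kept.Members) > 0 { // drop bindings left with no members
			out = append(out, kept)
		}
	}
	return out, removed
}

func main() {
	policy := []Binding{ // constructed sample policy
		{"roles/editor", []string{"user:tom@example.org", "user:eve@gmail.com"}},
	}
	fmt.Println(revoke(policy, []string{"gmail.com"}))
}
```

The domain comparison is exact and case-insensitive, so a look-alike such as `notgmail.com` is not matched by a `gmail.com` entry, and the returned list of removed pairs is what an audit log entry would record.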