Skip to content

Instantly share code, notes, and snippets.

@smford22

smford22/unauthorized_cookbook_upload.md

Created November 5, 2015 16:21
Show Gist options
  • Save smford22/64ddff8bf69533920ebd to your computer and use it in GitHub Desktop.
Save smford22/64ddff8bf69533920ebd to your computer and use it in GitHub Desktop.
Download ZIP
Unauthorized cookbook upload rule
Raw
unauthorized_cookbook_upload.md 
rules 'Unauthorized Cookbook Upload'
  rule on action
  when
    parent_type = 'cookbook' and requestor_name != 'jenkins_user'
  then
    audit:error("An unauthorized user updated the {{message.parent_name}} cookbook at {{message.recorded_at}} UTC! USERNAME: {{message.requestor_name}}!")
   notify('slack', '
{
"username": "Audit Alarm",
"icon_emoji": ":rotating_light:",
"attachments": [ {
"text": "An unauthorized user updated the {{message.parent_name}} cookbook at {{message.recorded_at}} UTC! USERNAME: {{message.requestor_name}}!",
"color": "danger"
}]
}
')
  end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment