Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
api-governance / spectral-lint (push) Has been cancelled
oas-ci / oas-validate (push) Has been cancelled
Policy Simulation / policy-simulate (push) Has been cancelled
sdk-generator-smoke / sdk-smoke (push) Has been cancelled
SDK Publish & Sign / sdk-publish (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
api-governance / spectral-lint (push) Has been cancelled
oas-ci / oas-validate (push) Has been cancelled
Policy Simulation / policy-simulate (push) Has been cancelled
sdk-generator-smoke / sdk-smoke (push) Has been cancelled
SDK Publish & Sign / sdk-publish (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -1,86 +1,86 @@
|
||||
{
|
||||
"rules": [
|
||||
{
|
||||
"ruleId": "attest-key-rotation",
|
||||
"name": "Attestation key rotation/revocation",
|
||||
"enabled": true,
|
||||
"tenantId": "<tenant-id>",
|
||||
"match": {
|
||||
"eventKinds": [
|
||||
"authority.keys.rotated",
|
||||
"authority.keys.revoked"
|
||||
]
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"actionId": "email-kms",
|
||||
"enabled": true,
|
||||
"channel": "email-kms",
|
||||
"template": "tmpl-attest-key-rotation"
|
||||
},
|
||||
{
|
||||
"actionId": "webhook-kms",
|
||||
"enabled": true,
|
||||
"channel": "webhook-kms",
|
||||
"template": "tmpl-attest-key-rotation"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"ruleId": "attest-transparency-anomaly",
|
||||
"name": "Transparency witness anomaly",
|
||||
"enabled": true,
|
||||
"tenantId": "<tenant-id>",
|
||||
"match": {
|
||||
"eventKinds": [
|
||||
"attestor.transparency.anomaly",
|
||||
"attestor.transparency.witness.failed"
|
||||
]
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"actionId": "slack-soc",
|
||||
"enabled": true,
|
||||
"channel": "slack-soc",
|
||||
"template": "tmpl-attest-transparency-anomaly"
|
||||
},
|
||||
{
|
||||
"actionId": "webhook-siem",
|
||||
"enabled": true,
|
||||
"channel": "webhook-siem",
|
||||
"template": "tmpl-attest-transparency-anomaly"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"channels": [
|
||||
{
|
||||
"channelId": "email-kms",
|
||||
"type": "email",
|
||||
"name": "KMS security",
|
||||
"target": "kms-security@example.com",
|
||||
"secretRef": "ref://notify/channels/email/kms-security"
|
||||
},
|
||||
{
|
||||
"channelId": "webhook-kms",
|
||||
"type": "webhook",
|
||||
"name": "KMS webhook",
|
||||
"endpoint": "https://hooks.internal/kms",
|
||||
"secretRef": "ref://notify/channels/webhook/kms"
|
||||
},
|
||||
{
|
||||
"channelId": "slack-soc",
|
||||
"type": "slack",
|
||||
"name": "SOC high-priority",
|
||||
"endpoint": "https://hooks.slack.com/services/T000/B000/XYZ",
|
||||
"secretRef": "ref://notify/channels/slack/soc"
|
||||
},
|
||||
{
|
||||
"channelId": "webhook-siem",
|
||||
"type": "webhook",
|
||||
"name": "SIEM ingest",
|
||||
"endpoint": "https://siem.example.internal/hooks/notifier",
|
||||
"secretRef": "ref://notify/channels/webhook/siem"
|
||||
}
|
||||
]
|
||||
}
|
||||
{
|
||||
"rules": [
|
||||
{
|
||||
"ruleId": "attest-key-rotation",
|
||||
"name": "Attestation key rotation/revocation",
|
||||
"enabled": true,
|
||||
"tenantId": "<tenant-id>",
|
||||
"match": {
|
||||
"eventKinds": [
|
||||
"authority.keys.rotated",
|
||||
"authority.keys.revoked"
|
||||
]
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"actionId": "email-kms",
|
||||
"enabled": true,
|
||||
"channel": "email-kms",
|
||||
"template": "tmpl-attest-key-rotation"
|
||||
},
|
||||
{
|
||||
"actionId": "webhook-kms",
|
||||
"enabled": true,
|
||||
"channel": "webhook-kms",
|
||||
"template": "tmpl-attest-key-rotation"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"ruleId": "attest-transparency-anomaly",
|
||||
"name": "Transparency witness anomaly",
|
||||
"enabled": true,
|
||||
"tenantId": "<tenant-id>",
|
||||
"match": {
|
||||
"eventKinds": [
|
||||
"attestor.transparency.anomaly",
|
||||
"attestor.transparency.witness.failed"
|
||||
]
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"actionId": "slack-soc",
|
||||
"enabled": true,
|
||||
"channel": "slack-soc",
|
||||
"template": "tmpl-attest-transparency-anomaly"
|
||||
},
|
||||
{
|
||||
"actionId": "webhook-siem",
|
||||
"enabled": true,
|
||||
"channel": "webhook-siem",
|
||||
"template": "tmpl-attest-transparency-anomaly"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"channels": [
|
||||
{
|
||||
"channelId": "email-kms",
|
||||
"type": "email",
|
||||
"name": "KMS security",
|
||||
"target": "kms-security@example.com",
|
||||
"secretRef": "ref://notify/channels/email/kms-security"
|
||||
},
|
||||
{
|
||||
"channelId": "webhook-kms",
|
||||
"type": "webhook",
|
||||
"name": "KMS webhook",
|
||||
"endpoint": "https://hooks.internal/kms",
|
||||
"secretRef": "ref://notify/channels/webhook/kms"
|
||||
},
|
||||
{
|
||||
"channelId": "slack-soc",
|
||||
"type": "slack",
|
||||
"name": "SOC high-priority",
|
||||
"endpoint": "https://hooks.slack.com/services/T000/B000/XYZ",
|
||||
"secretRef": "ref://notify/channels/slack/soc"
|
||||
},
|
||||
{
|
||||
"channelId": "webhook-siem",
|
||||
"type": "webhook",
|
||||
"name": "SIEM ingest",
|
||||
"endpoint": "https://siem.example.internal/hooks/notifier",
|
||||
"secretRef": "ref://notify/channels/webhook/siem"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user