Initial implementation
This commit is contained in:
Jasmine Schladen
@ -1441,7 +1441,7 @@ Slack
|
||||
Adds support for slack notifications.
|
||||
|
||||
|
||||
AWS
|
||||
AWS (Source)
|
||||
----
|
||||
|
||||
:Authors:
|
||||
@ -1454,7 +1454,7 @@ AWS
|
||||
Uses AWS IAM as a source of certificates to manage. Supports a multi-account deployment.
|
||||
|
||||
|
||||
AWS
|
||||
AWS (Destination)
|
||||
----
|
||||
|
||||
:Authors:
|
||||
@ -1467,6 +1467,19 @@ AWS
|
||||
Uses AWS IAM as a destination for Lemur generated certificates. Support a multi-account deployment.
|
||||
|
||||
|
||||
AWS (Notification)
|
||||
-----
|
||||
|
||||
:Authors:
|
||||
Jasmine Schladen <jschladen@netflix.com>
|
||||
:Type:
|
||||
Notification
|
||||
:Description:
|
||||
Adds support for SNS notifications. SNS notifications (like other notification plugins) are currently only supported
|
||||
for certificate expiration. Configuration requires a region, account number, and SNS topic name; these elements
|
||||
are then combined to build the topic ARN. Lemur must have access to publish messages to the specified SNS topic.
|
||||
|
||||
|
||||
Kubernetes
|
||||
----------
|
||||
|
||||
|
||||
@ -215,18 +215,21 @@ Notification
|
||||
------------
|
||||
|
||||
Lemur includes the ability to create Email notifications by **default**. These notifications
|
||||
currently come in the form of expiration notices. Lemur periodically checks certifications expiration dates and
|
||||
currently come in the form of expiration and rotation notices. Lemur periodically checks certifications expiration dates and
|
||||
determines if a given certificate is eligible for notification. There are currently only two parameters used to
|
||||
determine if a certificate is eligible; validity expiration (date the certificate is no longer valid) and the number
|
||||
of days the current date (UTC) is from that expiration date.
|
||||
|
||||
There are currently two objects that available for notification plugins the first is `NotficationPlugin`. This is the base object for
|
||||
any notification within Lemur. Currently the only support notification type is an certificate expiration notification. If you
|
||||
Expiration notifications can also be configured for Slack or AWS SNS. Rotation notifications are not configurable.
|
||||
Notifications sent to a certificate owner and security team (`LEMUR_SECURITY_TEAM_EMAIL`) can currently only be sent via email.
|
||||
|
||||
There are currently two objects that available for notification plugins. The first is `NotificationPlugin`, which is the base object for
|
||||
any notification within Lemur. Currently the only supported notification type is an certificate expiration notification. If you
|
||||
are trying to create a new notification type (audit, failed logins, etc.) this would be the object to base your plugin on.
|
||||
You would also then need to build additional code to trigger the new notification type.
|
||||
|
||||
The second is `ExpirationNotificationPlugin`, this object inherits from `NotificationPlugin` object.
|
||||
You will most likely want to base your plugin on, if you want to add new channels for expiration notices (Slack, HipChat, Jira, etc.). It adds default options that are required by
|
||||
The second is `ExpirationNotificationPlugin`, which inherits from `NotificationPlugin` object.
|
||||
You will most likely want to base your plugin on this object if you want to add new channels for expiration notices (HipChat, Jira, etc.). It adds default options that are required by
|
||||
all expiration notifications (interval, unit). This interface expects for the child to define the following function::
|
||||
|
||||
def send(self, notification_type, message, targets, options, **kwargs):
|
||||
|
||||
Reference in New Issue
Block a user