Exercise 04: Notification Setup

In this exercise, you will configure notifications in Cloud Guard to receive alerts about detected security issues. Using the existing detector settings, you’ll set up notifications to be informed of any potential vulnerabilities or policy violations.

Objectives

  • Create a notification topic and subscription.
  • Set up a rule to trigger notifications.
  • Test the notification by creating a public Object Storage bucket and verifying the alert.

Environment

Perform this exercise within the following environment:

  • Compartment: OCI-SEC-WS-LAB-nn
  • Region: Germany Central (Frankfurt)
  • OCI Console URL: OCI Console Frankfurt - Login
  • OCI User: lab-oci-sec-wsNN
  • OCI Password: provided by trainer

Ensure you are in the correct compartment and region. New resources, such as Cloud Shell configurations and ADB access settings, should be created within your designated compartment.

Solution

Log in to the OCI Console as user XYZ. Ensure you have selected the proper compartment from the dropdown list on the left side.

Enable Auto Resolve Notification by Topic

Create Topic, Subscription and Confirmation

A topic and a subscription are required to enable the notification service based on events.

Developer Services -> Application Integration -> Notifications -> Create Topic

Add details, Create.

The state of the newly created topic is Active.

Click the topic name to view its details, then create a new subscription with Create Subscription.

Select:

  • Protocol: Email
  • Email: your personal email address, one you can access immediately to confirm the subscription

Create the subscription and check your inbox.

Confirm the subscription

Create Rule

We create a rule based on Cloud Guard changes.

Observability & Management -> Events Service -> Rules -> Create Rule.

Set Display Name and Description, for example rule-oci-sec-ws-lab-00-cloudguard.

Select Rule Condition.

In section Rule Conditions, select Service Name and Event Type. Select these event types:

  • Detected - Problem
  • Dismissed - Problem
  • Remediated - Problem

Select Actions

  • Action-Type: Notifications
  • Notifications-Compartment: OCI-SEC-WS-LAB- (your compartment name)
  • Topic: topic-oci-sec-ws-lab-001 (the topic you created)
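
The same topic, subscription and rule can also be created from Cloud Shell with the OCI CLI. This is an added example, not part of the original lab: the variables COMPARTMENT_OCID and NOTIFY_EMAIL, the function names and the rule description are assumptions, and the event type identifiers are the Events service names for the three Cloud Guard problem events selected above.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the console steps (not part of the lab).
# Assumed inputs (hypothetical names): COMPARTMENT_OCID, NOTIFY_EMAIL.

TOPIC_NAME="topic-oci-sec-ws-lab-001"            # topic name used in the exercise
RULE_NAME="rule-oci-sec-ws-lab-00-cloudguard"    # rule name used in the exercise

# Events rule condition: matches any of the three Cloud Guard problem events
# (Detected, Dismissed, Remediated).
rule_condition() {
  printf '{"eventType":["%s","%s","%s"]}' \
    "com.oraclecloud.cloudguard.problemdetected" \
    "com.oraclecloud.cloudguard.problemdismissed" \
    "com.oraclecloud.cloudguard.problemremediated"
}

# Events rule action: deliver matching events to the given Notifications topic.
rule_actions() {
  printf '{"actions":[{"actionType":"ONS","isEnabled":true,"topicId":"%s"}]}' "$1"
}

apply_setup() {
  : "${COMPARTMENT_OCID:?set to the OCID of your lab compartment}"
  : "${NOTIFY_EMAIL:?set to the address that will confirm the subscription}"

  # 1. Create the topic and capture its OCID.
  topic_id=$(oci ons topic create --compartment-id "$COMPARTMENT_OCID" \
    --name "$TOPIC_NAME" --query 'data."topic-id"' --raw-output) || return 1

  # 2. Email subscription; it stays pending until the mailed link is confirmed.
  oci ons subscription create --compartment-id "$COMPARTMENT_OCID" \
    --topic-id "$topic_id" --protocol EMAIL \
    --subscription-endpoint "$NOTIFY_EMAIL" || return 1

  # 3. Events rule that forwards Cloud Guard problem events to the topic.
  oci events rule create --compartment-id "$COMPARTMENT_OCID" \
    --display-name "$RULE_NAME" --is-enabled true \
    --description "Cloud Guard problem notifications" \
    --condition "$(rule_condition)" --actions "$(rule_actions "$topic_id")"
}

# Only touch the tenancy when explicitly asked: ./script.sh apply
if [ "${1:-}" = "apply" ]; then apply_setup; fi
```

No notification is delivered until the subscription has been confirmed from the mailbox, so confirm it before running the test below.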

Test

Change the visibility of an Object Storage bucket to public

Storage -> Object Storage -> Buckets

Change the visibility and verify that you receive a notification by email.

Summary

In this exercise, you:

  • Created a notification topic and subscription for Cloud Guard alerts.
  • Configured a rule to send notifications based on specific detector findings.
  • Verified the setup by creating a public bucket and receiving the corresponding alert.

You are now ready to continue with the next exercise to deepen your understanding of Data Safe configurations.