Skip to content

bpauwels/aws-security-bulletin-alert

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AWS Automatic Security Bulletin E-Mail Alerts

This CDK project deploys an AWS Lambda Function which is scheduled for every full hour. It checks the https://aws.amazon.com/security/security-bulletins for new AWS Security Bulletins and sends out E-Mail notifications via Amazon SES.

Architecture

architecture diagram

Prerequisites

A verified identity in SES is needed. See https://docs.aws.amazon.com/ses/latest/dg/creating-identities.html for detailed instructions

Configuration

In lib/cve-alert-stack you can configure

Security considerations

By default, the Lambda Execution role is granted permissions to all SES identities in the current account. To follow the 'least privilege' best practice, it is recommended to limit it to the identity which is actually used. (In lib/cve-alert-stack line 33)

Deployment

If your AWS account is not yet bootstrapped, run

$ cdk bootstrap

To deploy the project, run

$ cdk deploy

About

No description, website, or topics provided.

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 81.8%
  • JavaScript 18.2%