DivvyCloud

Welcome to the DivvyCloud Docs!

DivvyCloud is a Cloud Security Posture Management (CSPM) platform that provides real-time analysis and automated remediation across leading cloud and container technologies.

For questions about documentation reach out to us [email protected]

Take Me to the Docs!    Release Notes

Creating Bots

Overview

There are a number of workflow options within DivvyCloud for creating Bots. You can create and launch a new Bot from the BotFactory landing page by selecting the configuration through a creation wizard (as demonstrated in the example that follows), or by importing an existing template. You also have the ability to create a Bot directly from an existing Insight through the "Create Bot" button. In any of these workflows we recommend reviewing the Prerequisites for Creating Bots to ensure you have the details you need to get started.

Prerequisites for Creating Bots

Before you create a new Bot you will want to have a few details in order:

  • First, ensure that you have a good understanding of Resources, Filters, and Insights before creating your first Bot.

  • Second, assemble any details about what actions you want your Bot to perform. For example if you want to create an automated notification to generate an email, or Slack notification, you will want to ensure you have all of that information available before you configure the Bot.

    • You can read more here about Integrations
    • Check out this page if you're interested in learning more about using Jinja2

Creating a Bot in BotFactory

These steps will walk you through the process of creating a new Bot from the BotFactory landing page.

  1. Locate "Automation --> BotFactory" under the main navigation and click on BotFactory to open the page. Next, click on "Create Bot".

BotFactory Landing Page - Create Bot

  1. Complete the "1.About Bot" details:
  • Give your Bot a useful "Name" and "Description"
  • Select the appropriate "Category" for the type of Bot you want to create

Create Bot - About Bot Details

  1. Define the scope of your Bot (2. Resource Type & Groups) by selecting the appropriate "resource types", "Badges", and "Cloud/Resource Group Scope".
  • Resource Types - Use the search to locate and select one or more resource types. Selecting multiple resource types will modify the available conditions/actions.

  • Badges - Use the search to locate and select one or more Badges. Unless the "Must have all badges" checkbox is set, any cloud with one or more badges specified will be included in the scope. If "Must have all badges" is checked, only clouds with all specified badges will be included in the scope.

  • Cloud/Groups - Use the search locate and select one or more clouds or Resource Groups.

πŸ“˜

Scoping Multiple Resource Types

You may select multiple resource types for the scope of your Bot, however some filters and actions are only applicable to certain types of resources. Available Bot actions will be scoped based on the specified resource types.

Create Bot - Define Your Scope

  1. Define the "Conditions" of your Bot by selecting the appropriate filter or filters. You can add multiple filters/conditions. (3. Conditions - Match Resources with your Conditions)
  • Use "Add Condition" to add your filters and select "Next" when you have finished.
  • Note: If a Bot has more than one filter, resources are matched only if they match all of the filters specified.

Create Bot - Select Conditions

  1. Define the "Actions" your Bot should take. (4. Actions)

Create Bot - Defining Actions for Your Bot

Notes on Actions

  • Certain actions have the ability to use Jinja2 templating in the message body. This enables Bot authors to insert useful data about resources into the message. To learn more visit this page on using Jinja2.
  • For more information on actions that apply to "Notifications" check out the Integrations Overview for details on various integration options including: Slack, PagerDuty, and ServiceNow.

πŸ“˜

Bot Actions - Order of Action

Bots may have more than one action. If a Bot has more than one action, those actions are executed in series, i.e., the topmost action executes first and when it is finished, the following action is executed, and so on until the list of actions has been completed.

Bots may also have specific actions for resources that match all of their filters as well as actions for those that do not.

  1. Choose "Run Options" for when to run your Bot.
  • The basic options for running your Bot are Reactive and Scheduled. You may choose one or more of these options.

Create Bot - Choosing When Your Bot Will Run

Reactive
The Bot will take action as a reaction to changes detected by harvesting. These changes are:

  • Resource Created - a new resource appears in a cloud account already connected to DivvyCloud, or any resource is discovered within a cloud account newly connected to DivvyCloud.
  • Resource Modified - a resource in an already-connected cloud account changes, e.g., you up-size or down-size an instance.
  • Resource Tags Modified - a resource tags is modified.
  • Resource Destroyed - an existing resource is destroyed.

Scheduled
The Bot will take action according to a recurring schedule, as specified.
(No Schedule, Hourly, Daily, Weekly, Monthly)

  • For example, you can specify that the Bot should run at nightly shutdown by selecting Daily and then specifying the time of nightly shutdown.

πŸ“˜

To Run Your Bot Immediately

Bots are created in a paused state. This is the default to allow you to review your Bot first--a DivvyCloud best practice--before running your Bot.

You can review your Bot using the Bot Overview window (see Overview of Your Bot below).

When you are ready to run your Bot, go to the Bot Listing tab, and select 'Resume' from the action submenu next to the name of your Bot. Then return to the action submenu and select 'On demand Scan'.

  1. Click "Save" to finish creating your Bot. After save you will be returned to the BotFactory main page. From here, click on your newly created Bot to review the settings.

❗️

Editor's Note

The callout below is useful but I wonder if we wouldn't benefit from having an entire section of best practices where we can add more "tips & tricks" type info?

πŸ“˜

Bot Example: Resource Group Curation

A best practices action is resource group curation. Resource groups simplify cloud automation, management, and permissions at scale. End-users can leverage DivvyCloud curation capabilities to automatically add/remove resources to these groups. Learn more about resource group curation.

Creating a Bot from an Insight

In addition to creating Bots directly from the BotFactory landing page. You can also create Bots from existing Insights. You can pre-populate the Conditions and the Resource Type for your new Bot by using an existing Bot with those same attributes.

Refer to the steps below to create a new Bot from an Insight.

Creating a Bot From an Insight

  1. Navigate to "Security --> Insights" from the main menu.

  2. Select the Insight you want to use to create your new Bot and click on the to the left of the Insight name.

❗️

Creating Multiple Bots From the Same Insight

Warning! Use caution when creating multiple Bots from the same Insight so as not to have them perform the same actions on the same resources.

Configuration Required! Bots created from Insights require scope and actions be set. By pressing "SUBMIT", a Bot will be created with defaults based on the Insight you selected; you will be prompted to edit it.

❗️

EDITOR NOTE

Is there a way for a user to review existing Bots before they create a new Bot? We're telling users to be careful but do we have a recommended audit path?

  1. Complete the "About Bot" details as follows:
  • Give your Bot a useful name and description.
  • Select the appropriate category (security, compliance, best practices, curation, or miscellaneous).

Create Bot - About Bot Details

  1. Define the scope of your Bot by selecting the appropriate resource types, badges, and clouds/resource groups.
  • Resource Types - Use the search box to select one or more resource types. Selecting multiple resource types will modify the available conditions/actions.

  • Badges - Use the search box to select one or more badges. Unless the "Must have all badges" checkbox is set, any cloud with one or more badges specified will be included in the scope. If "Must have all badges" is checked, only clouds with all specified badges will be included in the scope.

  • Cloud/Groups - Use the search box to select one or more clouds or resource groups.

πŸ“˜

Scoping Multiple Resource Types

You may select multiple resource types for the scope of your Bot, however some filters and actions are only applicable to certain types of resources. Available Bot actions will be scoped based on the specified resource types.

Create Bot - Define Your Scope

  1. Define the Conditions of your Bot by selecting the appropriate filter or filters. You can add multiple filters/conditions.
  • Note: Bots may have more than one filter/condition. If a Bot has more than one filter, resources are matched only if they match all of the filters specified.

Create Bot - Select Conditions

6 Define the Actions your Bot should take.

Create Bot - Defining Actions for Your Bot

Notes on Actions

  • Certain actions have the ability to use Jinja2 templating in the message body. This enables Bot authors to insert a variety of useful data about resources into the message. To learn more visit this page on using Jinja2.
  • For more information on actions that apply to "Notifications" check out the Integrations Overview for details.

πŸ“˜

Bot Actions - Order of Action

Bots may have more than one action. If a Bot has more than one action, those actions are executed in series, i.e., the topmost action executes first and when it is finished, the following action is executed, and so on until the list of actions has been completed.

Bots may also have specific actions for resources that match all of their filters as well as actions for those that do not.

  1. Choose *Run Options for when to your Bot.
  • The basic options for running your Bot are Reactive and Scheduled. You may choose one or more of these options.

Create Bot - Choosing When Your Bot Will Run

Reactive
The Bot will take action as a reaction to changes detected by harvesting. These changes are:

  • Resource Created - a new resource appears in a cloud account already connected to DivvyCloud, or any resource is discovered within a cloud account newly connected to DivvyCloud.
  • Resource Modified - a resource in an already-connected cloud account changes, e.g., you up-size or down-size an instance.
  • Resource Tags Modified - a resource tags is modified.
  • Resource Destroyed - an existing resource is destroyed.

Scheduled
The Bot will take action according to a recurring schedule, as specified.
(No Schedule, Hourly, Daily, Weekly, Monthly)

  • For example, you can specify that the Bot should run at nightly shutdown by selecting Daily and then specifying the time of nightly shutdown.

πŸ“˜

To Run Your Bot Immediately

Bots are created in a paused state. This is the default to allow you to review your Bot first--a DivvyCloud best practice--before running your Bot.

You can review your Bot using the Bot Overview window (see Overview of Your Bot below).

When you are ready to run your Bot, go to the Bot Listing tab, and select 'Resume' from the action submenu next to the name of your Bot. Then return to the action submenu and select 'On demand Scan'.

  1. Click Save to finish creating your Bot. After save you will be returned to the BotFactory main page. From here, click on your newly created Bot to review the settings.

Creating a Bot from a Template

Not sure how to use this?

Updated 4 days ago

Creating Bots


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.