This repository contains workflows for Relay. Feel free to use these workflows to get started.
| Category | Workflow | Integrations | Description | Try it! |
|---|---|---|---|---|
| Cost Optimization | Terminate EC2 instances without valid lifetime tag | aws-ec2 | Terminates EC2 instances not in compliance with a tagging policy: specifying a lifetime or termination_date tag. |
 |
| Cost Optimization | Delete unattached EBS volumes | aws-ebs | Deletes EBS volumes that are unattached | |
| Cost Optimization | Delete empty ELBv2 load balancers | aws-elbv2 | Deletes empty ELBv2 load balancers | |
| Cost Optimization | Delete unattached Azure Disks | azure-disks | Deletes Azure Disks that are unattached | |
| Cost Optimization | Delete untagged Azure Virtual Machines | azure-virtual-machines | Deletes Azure Virtual Machines that don't have any tags | |
| Cost Optimization | Delete empty Azure Load Balancers | azure-network | Deletes empty Azure Load Balancers | |
| Cost Optimization | Delete unused Azure Network Interfaces | azure-network | Deletes unused Azure Network Interfaces | |
| Cost Optimization | Delete GCP instances without valid lifetime tag | gcp | Deletes GCP instances not in compliance with a tagging policy: specifying a lifetime or termination_date tag. |
|
| Cost Optimization | Delete unattached GCP disks | gcp | Deletes GCP disks that are unattached | |
| Incident Response | When a Datadog event is received, send a message to Slack | datadog, slack | Sends a message to Slack when a Datadog event is received | |
| Incident Response | When a Datadog event is received, create a Jira issue | datadog, jira-server | Creates a Jira Server issue when a Datadog event is received | |
| Incident Response | When a PagerDuty incident is triggered, send a message to Slack | pagerduty, slack | Sends a message to Slack when a PagerDuty incident is triggered based on incident severity | |
| Incident Response | When a PagerDuty incident is triggered, create a Jira ticket | pagerduty, jira-server | Creates a Jira Server issue when a PagerDuty incident is triggered | |
| Incident Response | When a PagerDuty incident is triggered, send an SMS via Twilio | pagerduty, twilio | Deliver a custom notification via SMS when a PagerDuty incident is triggered | |
| Security | Stop untagged EC2 instances | aws-ec2 | Stops untagged EC2 instances | |
| Security | Restrict public WRITE S3 buckets | aws-s3 | Finds all buckets with public 'WRITE' permissions and marks them private |
|
| Security | Restrict public READ S3 buckets | aws-s3 | Finds all buckets with public 'READ' permissions and marks them private |
|
| Security | Restrict public WRITE_ACP S3 buckets | aws-s3 | Finds all buckets with public 'WRITE_ACP' permissions and marks them private |
|
| Security | Restrict public READ_ACP S3 buckets | aws-s3 | Finds all buckets with public 'READ_ACP' permissions and marks them private |
|
| Security | Restrict S3 buckets with READ access to all Authenticated Users | aws-s3 | Finds all buckets with 'READ' permissions to all Authenticated Users and marks them private |
|
| Security | Restrict S3 buckets with WRITE access to all Authenticated Users | aws-s3 | Finds all buckets with 'WRITE' permissions to all Authenticated Users and marks them private |
|
| Security | Restrict S3 buckets with READ_ACP access to all Authenticated Users | aws-s3 | Finds all buckets with 'READ_ACP' permissions to all Authenticated Users and marks them private |
|
| Security | Restrict S3 buckets with WRITE_ACP access to all Authenticated Users | aws-s3 | Finds all buckets with 'WRITE_ACP' permissions to all Authenticated Users and marks them private |
|
| Security | Remediate unencrypted S3 buckets | aws-s3 | Finds all unencrypted S3 buckets and encrypts them with default encryption | |
| Security | Remove unused EC2 key pairs | aws-ec2 | Finds all unused EC2 key pairs and deletes them | |
| Continuous Delivery | Run Terraform when Pull Request merged in GitHub | terraform, github | Run Terraform command {plan, apply, etc} when a Pull Request is merged to a repository in GitHub. | |
| Continuous Delivery | Update Kubernetes deployment image tag on Docker Hub push | Kubernetes | Updates a deployment image using a Docker Hub webhook to inform relay when a new Docker image is available | |
| Provisioning | Provision an EC2 instance and configure with a Bolt plan | aws-ec2 | Uses terraform to create and provision a new EC2 instance, then uses a remote Bolt plan to configure it |