This project allows you to deploy a simple Microsoft Teams alerting system for AWS GuardDuty findings. When findings are updated, a CloudWatch rule is used to trigger a lambda function which formats and sends the messages.
Written for my blog post: Integrating AWS GuardDuty with Microsoft Teams.
- Terraform >= 0.14
- AWS CLI
- Clone this repository locally.
- Run
terraform --version
and ensure you have at least version 0.14 installed. - Check that you have a set of credentials configured for the AWS CLI. Note down the name of the relevant profile.
- Copy
terraform/terraform.tfvars.example
toterraform/terraform.tfvars
and modify the parameters to suit your needs (including the profile name from step 3). - Change directory to
terraform
and run the following commands:
terraform init
terraform apply
- After deployment, notifications for updated findings should begin appearing immediately.
The code in this repository is distributed under the terms of the ISC license.