mozilla-services/foxsec-pipeline

Include link to AWS Guardduty Finding Type docs in Bugzilla alert text

ajvb opened this issue · 1 comments

ajvb commented

As an example, have a link to https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_stealth.html within the alert body (https://bugzilla.mozilla.org/show_bug.cgi?id=1626813#c35) since the finding type is Stealth:IAMUser/CloudTrailLoggingDisabled

Worth noting here that a naive implementation would be to just do:

```java
if (f.getType() != null) {
    // Build the docs URL by lowercasing the finding type and dropping it into the template
    String urlTemplate = "https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_%s.html";
    String docsURL = String.format(urlTemplate, f.getType().toLowerCase());
    a.addMetadata(AlertMeta.Key.FINDING_DOCS, docsURL); // note: FINDING_DOCS doesn't exist
}
```

...however, the pattern above won't work for CryptoCurrency and ResourceConsumption type findings, whose docs URLs use the finding type "crypto" and "resource" respectively (instead of "cryptocurrency" and "resourceconsumption").

Checking for these two findings specifically would do it, but if they add new finding types in the future, they'll have to be addressed...
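One way to handle the two exceptions discussed above, as an added example that is not foxsec-pipeline code: the class `GuardDutyDocsLink`, its method `docsUrl` and the override table are hypothetical names. It assumes the docs slug comes from the text before the first colon of the finding type, as in the `Stealth:IAMUser/CloudTrailLoggingDisabled` example, and that a finding type with an unexpected shape should produce no link at all in the alert.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.regex.Pattern;

public class GuardDutyDocsLink {
  static final String URL_TEMPLATE =
      "https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_%s.html";

  // Prefixes whose docs slug differs from the lowercased name (the two cases
  // named in the issue). A future exception is one more entry here.
  static final Map<String, String> SLUG_OVERRIDES =
      Map.of("cryptocurrency", "crypto", "resourceconsumption", "resource");

  // Only plain letters may reach the URL, so a malformed finding type can
  // never put slashes, dots or query characters into the alert link.
  static final Pattern PREFIX = Pattern.compile("[A-Za-z]+");

  /** Returns the docs URL for a finding type, or empty if none can be built safely. */
  static Optional<String> docsUrl(String findingType) {
    if (findingType == null) {
      return Optional.empty();
    }
    int colon = findingType.indexOf(':');
    String prefix = (colon < 0 ? findingType : findingType.substring(0, colon)).trim();
    if (!PREFIX.matcher(prefix).matches()) {
      return Optional.empty();
    }
    // Locale.ROOT keeps the result stable on hosts with a non-English default locale.
    String key = prefix.toLowerCase(Locale.ROOT);
    String slug = SLUG_OVERRIDES.getOrDefault(key, key);
    return Optional.of(String.format(URL_TEMPLATE, slug));
  }

  public static void main(String[] args) {
    // Sample inputs: the first is from the issue, the others are constructed.
    String[] samples = {
      "Stealth:IAMUser/CloudTrailLoggingDisabled",
      "CryptoCurrency:EC2/BitcoinTool.B!DNS",
      "ResourceConsumption:IAMUser/ComputeResources",
      "../evil?x=1:IAMUser/Whatever",
      null
    };
    for (String s : samples) {
      System.out.println(s + " -> " + docsUrl(s).orElse("(no docs link)"));
    }
  }
}
```

A prefix that is not in the override table still falls through to the lowercased pattern, so a newly added finding type whose docs page breaks the pattern needs a new table entry.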