Remediate (internal draft)

Remediate

When you Select resource(s) and the Remediate option becomes available Bridgecrew prepares to remediate the selected resource(s).

19021902

Press Remediate.

Remediation Action Types

Depending on the type of Incident, you may be offered these types of Remediation:

A. Run Playbook
B. Open Fix PR
C. Managing Incidents in Multiple Cloud Accounts

📘

Note

In addition to these methods of Remediation, in some cases, the Guidelines detail steps that can be taken to Remediate an Incident using local access keys from your workstation.

A. Run Playbook

A Playbook is a set of steps that modify the configuration of your cloud environment in order to correct a Policy Violation. Not all incidents have corresponding Playbooks.

When a Playbook exists for the Incident, specific Playbook details are displayed.

17341734
  1. The name of the Playbook (for example, Security Groups Delete) will appear with the number of resources associated with it.
  2. When additional details are available, press Change Action for a pop-up display.
  3. The high-level description of the playbook is shown.

Run Playbook in Bridgecrew

Select the relevant Resources and press Remediate.

16961696

If you'd like to review the Playbook's code before running it, press </> and then Back .

Run Playbook Code from Workstation with Local Access Keys

Alternatively, you may prefer to copy the Playbook's code and run it from your workstation using local access keys.
For this approach:

  1. Press </> .
16961696
  1. Now you can either (a) Copy the Playbook code into your clipboard or (b) Download the Playbook code (it will be saved in a ".js" file).
890890
  1. Copy the CLI command and run it from the same directory where you saved the Playbook code.
890890
  1. Mark the Incident as Remediated.
17991799

📘

Note

If you download or copy the Playbook and Remediate from your workstation using local access keys but forget to Mark as Remediated, the Incident will appear on the next scan, but since it has actually been fixed, the number of Resources will be 0. This is to allow you to then Mark as Remediated.

B. Open Fix PR

Resources are grouped per Open Fix PR. All resources in a group may be selected for remediation. Alternatively, expand the group and select the resources you wish to remediate.

  1. Select Resources(s) to Remediate.
947947
  1. Press Remediate for Bridgecrew to create a Pull Request in Github with the Incident's details. Github will open in a new tab detailing the name of the Pull Request, details of the files changed and links to Details and Guidelines for the related Policy.

See an example in the image below.

947947

Alternatively, press Cancel.

C. Managing Incidents in Multiple Cloud Accounts