Configure the AWS Lambda script
You can configure the example code provided in multiple ways to get the information you want into Slack.
The key areas are the payload (where the Slack message is configured) and the filtering (where the Snyk information is processed).
Apart from these areas, you also configure the encryption and secret verification. Configuring these is beyond the scope of these instructions.
Filter the Snyk payload
The following code filters the Snyk payload.
Add as code:
The code does the following:
Checks for a valid project and issue
Iterates through the issues, checking if the severity is high or critical
Passes all the information you specify to the Slack message. Specify the information that you want.
You can modify the filter to cover only a specific CWE for example, or to allow all vulnerabilities.
Slack message format
The Slack payload is formatted in the messageSlack function as follows.
Snyk used Slack’s built-in block builder to design the payload in the desired format. With the block builder you can configure the JSON of the payload to display more information like the CWE, add more interactions, and even use the ignore API from Snyk to create an ignore button.
Last updated