AliCloud Function action
AliCloud functions can be called when an automation stitch is triggered.
To configure an AliCloud function automation stitch in the GUI:
- Go to Security Fabric > Automation.
- Click Create New.
- Enter a name for the stitch, and select the FortiGate devices that it will be applied to.
- Select a trigger, such as Security Rating Summary.
- Select AliCloud Function and configure its settings.
Name
The action name.
Delay
The amount of time after the previous action before this action executes, in seconds (0 - 3600, default = 0).
HTTP URL
The HTTP URL, in the format:
{account id}.{region}.{domain}/{version}/proxy/{service}/{function}
The CLI must be used to manually enter the individual parameters.
Authorization
The authorization level: Anonymous, or Function.
AccessKey ID
The access key ID
This options is only available when Authorization is Function.
AccessKey Secret
The access key secret.
This options is only available when Authorization is Function.
HTTP header
The HTTP request header name and value. Multiple headers can be added.
+
Click to add another action.
Actions can be reorganized as needed by dragging and dropping.
- Click OK.
To configure an AliCloud function automation stitch in the CLI:
- Create an automation action:
config system automation-action edit "Ali-Action-1" set action-type alicloud-function set alicloud-account-id "0000000000000000" set alicloud-region "us-east-1" set alicloud-version "2099-99-99" set alicloud-service "test-function" set alicloud-function "echoBodyAuth" set alicloud-function-authorization function set alicloud-access-key-id "XXXXXxXXXXxxxxxx" set alicloud-access-key-secret xxxxxx next end
- Create an automation trigger:
config system automation-trigger edit "auto-ali" set event-type security-rating-summary next end
- Create the automation stitch:
config system automation-stitch edit "auto-ali" set trigger "auto-ali" set action "Ali-Action-1" next end
When the automation stitch is triggered, the FortiGate shows the stitch trigger time:
In AliCloud, the function log shows that the function was called, executed, and finished: