이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 14. Integrating with email
Configure Red Hat Advanced Cluster Security for Kubernetes (RHACS) to send alerts to a standard email provider.
You can use email as a notification method by forwarding alerts from RHACS to a standard email provider. To forward alerts from the RHACS platform to an email address, you can use either the Default Recipients or Deployment Annotations parameter.
You can use default recipients to send email to a standard and centralized team. To send email to a specific team who manages the deployment, use Deployment Annotations. To manage an audience by namespace, use Namespace Annotations.
You can define an audience to notify about policy violations that are associated with a deployment or namespace using annotation keys. If the deployment has an annotation, the annotation’s value overrides the default value. If the namespace has an annotation, the namespace’s value overrides the default value.
- If a deployment has an annotation key and a defined audience, an email is sent to the audience who is defined by the key.
- If a deployment does not have an annotation key, the namespace is checked for an annotation key and an email is sent to the defined audience.
- If no annotation keys exist, an email is sent to the default recipient that is defined in the integration.
14.1. Configuring the email plugin on Red Hat Advanced Cluster Security for Kubernetes platform
You can create a new integration in the Red Hat Advanced Cluster Security for Kubernetes platform by using the email notifier.
To use an annotation to dynamically determine an email recipient:
Add an annotation similar to the following example in your deployment YAML file, where email is the
Annotationkey that you specify in your email integration.annotations: email: <email_address>-
Use the annotation key
emailin the Annotation key for recipient field when you configure RHACS.
An annotation can be on the deployment or the namespace.
If you have configured the deployment or namespace with annotation, the RHACS platform sends the alert to the email specified in the annotation. Otherwise, it sends the alert to the default recipient.
Procedure
-
Navigate to Platform Configuration
Integrations. - Under the Notifier Integrations section, select Email.
- Select the New Integration icon.
- In the Integration Name field, enter a name for your email integration.
-
For Email Server, enter the address of your email server. The email server address is the fully qualified domain name and the port number. An example is
smtp.example.com:465. - Enter a username and password of a service account that is used for authentication.
- Optional: Specify the name of the sender, if it is different from the default value.
- Specify the email address that will receive the notifications in the Default Recipient box, or enter an annotation key for Annotation key for recipient.
Optional: Turn on the Disable TLS certificate validation (insecure) toggle to send email without TLS. You should not disable TLS unless you are using StartTLS.
NoteUse TLS for email notifications. Without TLS, all email is sent unencrypted.
Optional: To use StartTLS, select either Login or Plain for the Use STARTTLS (Requires TLS To Be Disabled) drop-down menu.
ImportantWith StartTLS, credentials are passed in plain text to the email server before the session encryption is established.
-
StartTLS with the login parameter sends authentication credentials in a
base64encoded string. - StartTLS with the plain parameter sends authentication credentials to your mail relay in plain text.
-
StartTLS with the login parameter sends authentication credentials in a
14.2. Configuring policy notifications
Enable alert notifications for system policies.
Procedure
-
On the RHACS portal, navigate to Platform Configuration
Policies. - Select one or more policies for which you want to send alerts.
- Under Bulk actions, select Enable notification.
In the Enable notification window, select the Email notifier.
NoteIf you have not configured any other integrations, the system displays a message that no notifiers are configured.
- Click Enable.
- Red Hat Advanced Cluster Security for Kubernetes sends notifications on an opt-in basis. To receive notifications, you must first assign a notifier to the policy.
- Notifications are only sent once for a given alert. If you have assigned a notifier to a policy, you will not receive a notification unless a violation generates a new alert.
Red Hat Advanced Cluster Security for Kubernetes creates a new alert for the following scenarios:
- A policy violation occurs for the first time in a deployment.
- A runtime-phase policy violation occurs in a deployment after you resolved the previous runtime alert for a policy in that deployment.
