Réponse automatisée aux fuites de clés AWS IAM via Slack et Claude AI
Avancé
Ceci est unAIworkflow d'automatisation du domainecontenant 40 nœuds.Utilise principalement des nœuds comme Set, Code, Merge, Slack, AwsIam, combinant la technologie d'intelligence artificielle pour une automatisation intelligente. Réponse automatisée aux fuites de clés AWS IAM, avec Slack et Claude AI
Prérequis
- •Token Bot Slack ou URL Webhook
- •Access Key et Secret AWS
- •Peut nécessiter les informations d'identification d'authentification de l'API cible
- •Clé API Anthropic
Nœuds utilisés (40)
Catégorie
Aperçu du workflow
Visualisation des connexions entre les nœuds, avec support du zoom et du déplacement
Exporter le workflow
Copiez la configuration JSON suivante dans n8n pour importer et utiliser ce workflow
{
"meta": {
"instanceId": "c62c01f3e843893075a10f252ec7d6d69e5ab593af019f50055d506cb3081b99",
"templateCredsSetupCompleted": true
},
"nodes": [
{
"id": "d5fa0dbd-41d5-402c-1234-1234567890",
"name": "🔑 Récupérer les clés d'accès utilisateur",
"type": "n8n-nodes-base.httpRequest",
"position": [
-1480,
380
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "ListAccessKeys"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "UserName",
"value": "={{ $json.UserName }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.1
},
{
"id": "02461671-e2a2-4424-bfe8-fd74afc460c5",
"name": "📊 Analyser la réponse des clés d'accès",
"type": "n8n-nodes-base.code",
"position": [
-1260,
380
],
"parameters": {
"jsCode": "const result = {};\nlet counter = 1;\n\nfor (const item of items) {\n try {\n const response = item.json.body || item.json;\n const metadata = response?.ListAccessKeysResponse?.ListAccessKeysResult?.AccessKeyMetadata || [];\n\n for (const key of metadata) {\n const keyLabel = `AccessKey${counter}`;\n result[keyLabel] = {\n [`AccessKeyId${counter}`]: key.AccessKeyId,\n [`UserName${counter}`]: key.UserName,\n Status: key.Status,\n [`CreateDate${counter}`]: new Date(key.CreateDate * 1000).toISOString()\n };\n counter++;\n }\n } catch (error) {\n console.error('Error processing access keys:', error);\n }\n}\n\nreturn [{ json: result }];\n"
},
"typeVersion": 2
},
{
"id": "83640bea-3b16-4173-a486-bcbfe9cffddd",
"name": "🚫 Désactiver la clé compromise",
"type": "n8n-nodes-base.httpRequest",
"onError": "continueRegularOutput",
"position": [
-180,
900
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "UpdateAccessKey"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "UserName",
"value": "={{ $json.UserName }}"
},
{
"name": "AccessKeyId",
"value": "={{ $json.AccessKeyId }}"
},
{
"name": "Status",
"value": "Inactive"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.1
},
{
"id": "d671f4f7-759f-4bd6-abc1-abc1234567",
"name": "📜 Auditer les politiques inline",
"type": "n8n-nodes-base.httpRequest",
"onError": "continueRegularOutput",
"position": [
-160,
1320
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "ListUserPolicies"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "UserName",
"value": "={{ $json.UserName }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "6e6a912f-d043-44c0-abc1-abc123456789",
"name": "🔍 Auditer les politiques attachées",
"type": "n8n-nodes-base.httpRequest",
"position": [
-160,
1680
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "ListAttachedUserPolicies"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "UserName",
"value": "={{ $json.UserName }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "9fc7c861-a714-4b24-b19d-7d163c8e6a4d",
"name": "🛡️ Générer une politique d'invalidation",
"type": "n8n-nodes-base.httpRequest",
"onError": "continueRegularOutput",
"position": [
-200,
480
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "CreatePolicy"
},
{
"name": "PolicyDocument",
"value": "={\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"DenyExpiredSessions\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"DateLessThan\": {\n \"aws:TokenIssueTime\": \"{{ $now.minus({ days: 3 }).toISO() }}\"\n }\n }\n }]\n}\n"
},
{
"name": "PolicyName",
"value": "=Invalidating-Temporary-Security-Credentials-{{ $now.toFormat('yyyy-MM-dd') + '-' + Math.random().toString(36).substring(2, 8).toUpperCase() }}"
},
{
"name": "Version",
"value": "2010-05-08"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "df0f64b3-95cf-48ef-b2a9-fe035d3e14ad",
"name": "🔗 Appliquer la politique de sécurité",
"type": "n8n-nodes-base.httpRequest",
"onError": "continueRegularOutput",
"position": [
340,
60
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "AttachUserPolicy"
},
{
"name": "PolicyArn",
"value": "={{ $json.CreatePolicyResponse.CreatePolicyResult.Policy.Arn }}"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "UserName",
"value": "={{ $('✅ Approved Compromise Data').item.json.UserName }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "c4ec2ef4-7db8-4189-877b-abc1234567890",
"name": "📤 Extraire les noms des politiques inline",
"type": "n8n-nodes-base.splitOut",
"onError": "continueRegularOutput",
"position": [
60,
1320
],
"parameters": {
"options": {},
"fieldToSplitOut": "ListUserPoliciesResponse.ListUserPoliciesResult.PolicyNames"
},
"typeVersion": 1
},
{
"id": "07ab67a9-146d-4576-8afa-a128cf62974f",
"name": "🔄 Traiter par lots les politiques inline",
"type": "n8n-nodes-base.splitInBatches",
"position": [
280,
1320
],
"parameters": {
"options": {}
},
"typeVersion": 3
},
{
"id": "ff91b356-3771-463f-8593-82a0396c6514",
"name": "🔄 Traiter par lots les politiques attachées",
"type": "n8n-nodes-base.splitInBatches",
"position": [
280,
1700
],
"parameters": {
"options": {}
},
"typeVersion": 3
},
{
"id": "e1344921-481a-467b-9240-72b80e8f8ef9",
"name": "📤 Extraire la liste des politiques attachées",
"type": "n8n-nodes-base.splitOut",
"position": [
60,
1680
],
"parameters": {
"options": {},
"fieldToSplitOut": "ListAttachedUserPoliciesResponse.ListAttachedUserPoliciesResult.AttachedPolicies"
},
"typeVersion": 1
},
{
"id": "c884daa9-f96f-40c7-8fd0-3a00612bf431",
"name": "🤖 Analyse de sécurité par IA",
"type": "@n8n/n8n-nodes-langchain.agent",
"onError": "continueRegularOutput",
"position": [
2400,
980
],
"parameters": {
"text": "={{ JSON.stringify($json.data, null, 2) }}",
"options": {
"systemMessage": "# AWS Key Compromise Response Summary Prompt\n\nYou are an AWS security analyst. Your task is to analyze the key compromise response actions and provide a simple, clear summary of what happened and the current security status.\n\n## Instructions\n\nFollow these instructions precisely:\n\n### 1. Analysis Output Format\n\nOutput your analysis wrapped exactly between these tags, inside a fenced code block:\n```\n...your simple analysis here...\n```\n\n### 2. Keep It Simple - Focus Only On:\n\n#### Key Compromise Response Summary\n- **What happened**: Brief description of the compromise\n- **Actions taken**: Key deactivation, policy creation, and attachment status\n- **Current status**: Whether the response was successful\n- **Risk level**: Simple HIGH/MEDIUM/LOW assessment\n\n#### Essential Details Only\n- **User affected**: Username and access key ID\n- **Response actions**: What automated actions were completed\n- **Security status**: Current protection level after response\n- **Next steps**: 1-2 simple recommendations if needed\n\n### 3. Policy Analysis Guidelines\n\n**Ignore all policy version metadata** fields — if you see `versionId`, `isDefault`, `createDate`, or the `\"Version\"` field inside `decodedPolicy`, do **not** mention or interpret these as security findings; focus **only** on the actual policy statements and actions.\n\n### 4. Slack-Compatible Report\n\nAfter the fenced code block, output a Slack-compatible report using **ONLY** the following supported Slack Markdown formats:\n\n#### Supported Slack Markdown Elements:\n- **Bold text:** `*bold text*` (asterisks)\n- **Italic text:** `_italic text_` (underscores)\n- **Strikethrough:** `~strikethrough~` (tildes)\n- **Inline code:** `code` (single backticks)\n- **Code blocks:** ``` (three backticks)\n- **Block quotes:** `> quoted text` (greater than symbol)\n- **Bulleted lists:** `* item` or `• item` (asterisk or bullet)\n- **Ordered lists:** `1. item` (number and period)\n- **Links:** `<https://example.com|Link Text>` (angle brackets with pipe)\n\n#### Slack Report Format:\n\n🚨 *AWS Key Compromise Response Summary*\n\n👤 *Affected User*\n• User: username\n• Access Key: AKIA...\n\n✅ *Response Actions Completed*\n• 🚫 Access key deactivated\n• 🛡️ Security policy applied\n• ⏰ Temporary credentials invalidated\n\n📊 *Current Status*\n• Response: Successful/Failed\n• Risk Level: HIGH/MEDIUM/LOW\n• Account Secured: Yes/No\n\n💡 *Next Steps*\n• [1-2 simple recommendations or \"No further action needed\"]\n\n📅 *Incident Date*\n• YYYY-MM-DD\n\n_Automated security response completed_\n\n### 5. Simple Guidelines\n\n**Keep it simple:**\n• Use clear, non-technical language\n• Focus on what happened and current status\n• Avoid complex security jargon\n• Provide actionable next steps only if needed\n• Keep the summary under 200 words\n\n### 6. What to Look For in the Data\n\n- **User information**: Username and access key ID\n- **Key deactivation**: Whether the access key was successfully disabled\n- **Policy creation**: Whether security policies were created and attached\n- **Response status**: Overall success or failure of the automated response\n\nThis prompt is designed to provide simple, clear summaries of AWS key compromise response actions for business stakeholders."
},
"promptType": "define"
},
"typeVersion": 2
},
{
"id": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"name": "🔀 Fusionner les données de réponse",
"type": "n8n-nodes-base.merge",
"position": [
1940,
920
],
"parameters": {
"numberInputs": 6
},
"typeVersion": 3.2
},
{
"id": "45f1ed8f-e1cd-45ff-a70b-96e4ffa5dbb4",
"name": "📦 Agréger les résultats finaux",
"type": "n8n-nodes-base.aggregate",
"position": [
2180,
980
],
"parameters": {
"options": {},
"aggregate": "aggregateAllItemData"
},
"typeVersion": 1
},
{
"id": "9880aa6e-5475-467f-9281-64c42b3d7898",
"name": "📋 Récupérer les métadonnées de la politique",
"type": "n8n-nodes-base.httpRequest",
"position": [
500,
1760
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "GetPolicy"
},
{
"name": "Version",
"value": "=2010-05-08"
},
{
"name": "PolicyArn",
"value": "={{ $json.PolicyArn }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "fa82af49-be87-4579-a6fc-68b14e16b1aa",
"name": "📄 Récupérer le document de la politique",
"type": "n8n-nodes-base.httpRequest",
"position": [
720,
1760
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "GetPolicyVersion"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "=PolicyArn",
"value": "={{ $json.GetPolicyResponse.GetPolicyResult.Policy.Arn }}"
},
{
"name": "=VersionId",
"value": "={{ $json.GetPolicyResponse.GetPolicyResult.Policy.DefaultVersionId }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "b1abafca-5443-4dc5-992e-7210296b27ca",
"name": "📜 Récupérer les détails de la politique inline",
"type": "n8n-nodes-base.httpRequest",
"position": [
520,
1360
],
"parameters": {
"url": "https://iam.amazonaws.com",
"method": "POST",
"options": {},
"sendBody": true,
"contentType": "form-urlencoded",
"authentication": "predefinedCredentialType",
"bodyParameters": {
"parameters": [
{
"name": "Action",
"value": "GetUserPolicy"
},
{
"name": "Version",
"value": "2010-05-08"
},
{
"name": "UserName",
"value": "={{ $('📝 Secure Form: Key Compromise Input').item.json.Username }}"
},
{
"name": "=PolicyName",
"value": "={{ $json[\"ListUserPoliciesResponse.ListUserPoliciesResult.PolicyNames\"] }}"
}
]
},
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 4.2
},
{
"id": "68ad6474-1a28-4c1d-9708-911e3475da7d",
"name": "🔓 Analyser la politique inline JSON",
"type": "n8n-nodes-base.code",
"position": [
720,
1360
],
"parameters": {
"jsCode": "// Sample input (you'll usually get this from n8n's input)\nconst inputItems = $input.all();\n\nconst decodedPolicies = inputItems.map(item => {\n const encoded = item.json?.GetUserPolicyResponse?.GetUserPolicyResult?.PolicyDocument;\n let decoded = null;\n let parsed = null;\n\n try {\n decoded = decodeURIComponent(encoded);\n parsed = JSON.parse(decoded);\n } catch (e) {\n // Fallback if decoding or parsing fails\n parsed = { error: 'Invalid or undecodable policy document' };\n }\n\n return {\n json: {\n user: item.json?.GetUserPolicyResponse?.GetUserPolicyResult?.UserName || 'unknown',\n policyName: item.json?.GetUserPolicyResponse?.GetUserPolicyResult?.PolicyName || 'unknown',\n decodedPolicy: parsed\n }\n };\n});\n\nreturn decodedPolicies;\n"
},
"typeVersion": 2
},
{
"id": "d3cf69d7-15ba-4ec9-b463-6223ed3959eb",
"name": "🔓 Analyser la politique attachée JSON",
"type": "n8n-nodes-base.code",
"position": [
900,
1760
],
"parameters": {
"jsCode": "const inputItems = $input.all();\n\nconst decodedPolicies = inputItems.map(item => {\n const encoded = item.json?.GetPolicyVersionResponse?.GetPolicyVersionResult?.PolicyVersion?.Document;\n let decoded = null;\n let parsed = null;\n\n try {\n decoded = decodeURIComponent(encoded);\n parsed = JSON.parse(decoded);\n } catch (e) {\n parsed = { error: 'Invalid or undecodable policy document' };\n }\n\n return {\n json: {\n versionId: item.json?.GetPolicyVersionResponse?.GetPolicyVersionResult?.PolicyVersion?.VersionId || 'unknown',\n isDefault: item.json?.GetPolicyVersionResponse?.GetPolicyVersionResult?.PolicyVersion?.IsDefaultVersion || false,\n createDate: item.json?.GetPolicyVersionResponse?.GetPolicyVersionResult?.PolicyVersion?.CreateDate || null,\n decodedPolicy: parsed\n }\n };\n});\n\nreturn decodedPolicies;\n"
},
"typeVersion": 2
},
{
"id": "9b3a898c-70be-4fb1-905d-e29a92e89772",
"name": "⚡ Routeur de politiques inline",
"type": "n8n-nodes-base.noOp",
"position": [
920,
1360
],
"parameters": {},
"typeVersion": 1
},
{
"id": "9402330b-7f94-4fbc-ba49-38e668e59abe",
"name": "⚡ Routeur de politiques attachées",
"type": "n8n-nodes-base.noOp",
"position": [
1100,
1760
],
"parameters": {},
"typeVersion": 1
},
{
"id": "0d40fba1-568e-41db-8d58-170df5f0a927",
"name": "💬 Notifier l'équipe de sécurité",
"type": "n8n-nodes-base.slack",
"position": [
2760,
980
],
"webhookId": "981a72f0-c86f-46ba-ba1c-96e05fd35b2e",
"parameters": {
"text": "=🚫 AWS Key Compromise Summary\n\n {{ $json.output }}",
"select": "channel",
"channelId": {
"__rl": true,
"mode": "id",
"value": "ABC1234567890"
},
"otherOptions": {}
},
"credentials": {
"slackApi": {
"id": "ABC123456789",
"name": "Slack account"
}
},
"typeVersion": 2.3
},
{
"id": "89b5bf1b-081c-46e9-b634-eb4e95a6e2a9",
"name": "🧠 Moteur IA Claude",
"type": "@n8n/n8n-nodes-langchain.lmChatAnthropic",
"position": [
2420,
1200
],
"parameters": {
"model": {
"__rl": true,
"mode": "list",
"value": "claude-3-7-sonnet-20250219",
"cachedResultName": "Claude Sonnet 3.7"
},
"options": {}
},
"credentials": {
"anthropicApi": {
"id": "ABC123456789",
"name": "Anthropic account"
}
},
"typeVersion": 1.3
},
{
"id": "bec15d6b-2869-4784-b55d-c1cb8a1644d9",
"name": "Note adhésive",
"type": "n8n-nodes-base.stickyNote",
"position": [
-420,
1600
],
"parameters": {
"width": 1840,
"height": 400,
"content": "## 🔄 Process Each Attached Policy"
},
"typeVersion": 1
},
{
"id": "06904eef-ed07-4b84-a4b9-c5f9defb384d",
"name": "Note adhésive1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-420,
1180
],
"parameters": {
"width": 1840,
"height": 400,
"content": "## 🔄 Process Each Inline Policy"
},
"typeVersion": 1
},
{
"id": "ca8a044a-211a-4548-86e6-f2ae758b97f1",
"name": "Note adhésive2",
"type": "n8n-nodes-base.stickyNote",
"position": [
-420,
760
],
"parameters": {
"width": 1840,
"height": 400,
"content": "## 🚫 Disable Compromised Key"
},
"typeVersion": 1
},
{
"id": "22145ce8-1fcb-4e7d-977a-5e3758a4b635",
"name": "Note adhésive3",
"type": "n8n-nodes-base.stickyNote",
"position": [
-420,
340
],
"parameters": {
"width": 1840,
"height": 400,
"content": "## 🛠 Create Security Policy [Invalidating-Temporary-Security-Credentials]"
},
"typeVersion": 1
},
{
"id": "f4100d07-40db-41da-a60c-3770fc8dbba3",
"name": "Note adhésive4",
"type": "n8n-nodes-base.stickyNote",
"position": [
-420,
-80
],
"parameters": {
"width": 1840,
"height": 400,
"content": "## 🔗 Attach Security Policy [Invalidating-Temporary-Security-Credentials]]"
},
"typeVersion": 1
},
{
"id": "b0bac576-f2ab-4d58-b1f6-1fb70a620649",
"name": "Note adhésive5",
"type": "n8n-nodes-base.stickyNote",
"position": [
1700,
700
],
"parameters": {
"color": 5,
"width": 1320,
"height": 740,
"content": "## 🤖 Generate Security Report"
},
"typeVersion": 1
},
{
"id": "489444dd-c8ab-444e-ac11-aef48061650b",
"name": "Note adhésive6",
"type": "n8n-nodes-base.stickyNote",
"position": [
-2260,
780
],
"parameters": {
"color": 3,
"width": 720,
"height": 400,
"content": "# ✏️ Manual Entry: UserName & AccessKeyId"
},
"typeVersion": 1
},
{
"id": "3f524117-9a16-4e3c-9c9b-b365af4d51c7",
"name": "Note adhésive7",
"type": "n8n-nodes-base.stickyNote",
"position": [
-2080,
240
],
"parameters": {
"width": 1360,
"height": 400,
"content": "## 🔍 Retrieve IAM Key Info"
},
"typeVersion": 1
},
{
"id": "e3bf53dd-84dd-48aa-af4a-0352e30ea4ba",
"name": "🔍 Service IAM AWS",
"type": "n8n-nodes-base.awsIam",
"position": [
-1700,
380
],
"parameters": {
"returnAll": true,
"requestOptions": {},
"additionalFields": {}
},
"credentials": {
"aws": {
"id": "ABC123456789",
"name": "AWS account"
}
},
"typeVersion": 1
},
{
"id": "4be7829d-c736-4125-aaa6-f75118e98c17",
"name": "🔔 Demander une approbation humaine",
"type": "n8n-nodes-base.slack",
"position": [
-1320,
940
],
"webhookId": "93b4ba77-b68e-4393-b4a8-4fac3f7f00ae",
"parameters": {
"user": {
"__rl": true,
"mode": "id",
"value": "ABC1234567890"
},
"message": "=🛡️ Approval Request: AWS IAM Key Compromise Response\n\nUser: {{ $json.UserName }}\nAccess Key ID: {{ $json.AccessKeyId }}\nDate: {{ $json.Date }}\n\nPlease review and approve the remediation action.",
"options": {},
"operation": "sendAndWait"
},
"credentials": {
"slackApi": {
"id": "ABC123456789",
"name": "Slack account"
}
},
"typeVersion": 2.3,
"alwaysOutputData": true
},
{
"id": "1db4a332-df13-494b-87e6-1226f8d89b3f",
"name": "Note adhésive8",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1480,
780
],
"parameters": {
"color": 4,
"width": 420,
"height": 400,
"content": "# ✏️ Human in the loop\n## Wait for approval or human input before continuing"
},
"typeVersion": 1
},
{
"id": "296666c1-c6dd-451e-b9d6-a799634ac9ae",
"name": "✅ Données de compromission approuvées",
"type": "n8n-nodes-base.set",
"position": [
-880,
940
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "ad40b317-c48b-4814-b06b-6aced6ab5174",
"name": "UserName",
"type": "string",
"value": "={{ $('📝 Secure Form: Key Compromise Input').item.json.Username }}"
},
{
"id": "a5b68025-b2cc-42d6-aae8-527bd46dad41",
"name": "AccessKeyId",
"type": "string",
"value": "={{ $('📝 Secure Form: Key Compromise Input').item.json.AccessKeyID }}"
},
{
"id": "23551fee-041c-4822-9957-da228b721bc1",
"name": "Date",
"type": "string",
"value": "={{ new Date().toISOString().split(\"T\")[0] }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "95eb48d4-ef3f-410b-b2d8-815e9083e5e4",
"name": "Note adhésive9",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1020,
780
],
"parameters": {
"color": 4,
"width": 420,
"height": 400,
"content": "# ✏️ Selected UserName & AccessKeyId"
},
"typeVersion": 1
},
{
"id": "2b792970-ebae-4e60-86b3-1780c45948e5",
"name": "🔧 Traiter la soumission du formulaire",
"type": "n8n-nodes-base.set",
"position": [
-1820,
940
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "ad40b317-c48b-4814-b06b-6aced6ab5174",
"name": "UserName",
"type": "string",
"value": "={{ $json.Username }}"
},
{
"id": "a5b68025-b2cc-42d6-aae8-527bd46dad41",
"name": "AccessKeyId",
"type": "string",
"value": "={{ $json.AccessKeyID }}"
},
{
"id": "23551fee-041c-4822-9957-da228b721bc1",
"name": "Date",
"type": "string",
"value": "={{ new Date().toISOString().split(\"T\")[0] }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "987b3736-c325-4fe5-8d70-f14b9f5955d8",
"name": "🔍 Déclencheur de recherche manuelle de clé",
"type": "n8n-nodes-base.manualTrigger",
"position": [
-1920,
380
],
"parameters": {},
"typeVersion": 1
},
{
"id": "97bb3007-1143-4a13-9adf-811e1268db4f",
"name": "📝 Formulaire sécurisé : Saisie de compromission de clé",
"type": "n8n-nodes-base.formTrigger",
"position": [
-2100,
940
],
"webhookId": "f3d8ce11-9e3f-46c3-ba17-221674b9dd6e",
"parameters": {
"options": {},
"formTitle": "🚨 Automated AWS IAM Key Compromise Response Input",
"formFields": {
"values": [
{
"fieldLabel": "Username",
"requiredField": true
},
{
"fieldLabel": "AccessKeyID",
"requiredField": true
}
]
},
"authentication": "basicAuth"
},
"credentials": {
"httpBasicAuth": {
"id": "pmJaCcMGEkPDYowB",
"name": "Basic Auth Webhook credential"
}
},
"typeVersion": 2.2
},
{
"id": "33cd00aa-6027-4b3b-b373-c802ac6bf17d",
"name": "⚡ Aucune opération, ne rien faire",
"type": "n8n-nodes-base.noOp",
"position": [
-1040,
380
],
"parameters": {},
"typeVersion": 1
}
],
"pinData": {},
"connections": {
"e3bf53dd-84dd-48aa-af4a-0352e30ea4ba": {
"main": [
[
{
"node": "d5fa0dbd-41d5-402c-1234-1234567890",
"type": "main",
"index": 0
}
]
]
},
"89b5bf1b-081c-46e9-b634-eb4e95a6e2a9": {
"ai_languageModel": [
[
{
"node": "c884daa9-f96f-40c7-8fd0-3a00612bf431",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"9b3a898c-70be-4fb1-905d-e29a92e89772": {
"main": [
[
{
"node": "07ab67a9-146d-4576-8afa-a128cf62974f",
"type": "main",
"index": 0
}
]
]
},
"3eae5e83-a978-44eb-814e-ca97d32bcde0": {
"main": [
[
{
"node": "45f1ed8f-e1cd-45ff-a70b-96e4ffa5dbb4",
"type": "main",
"index": 0
}
]
]
},
"c884daa9-f96f-40c7-8fd0-3a00612bf431": {
"main": [
[
{
"node": "0d40fba1-568e-41db-8d58-170df5f0a927",
"type": "main",
"index": 0
}
]
]
},
"9402330b-7f94-4fbc-ba49-38e668e59abe": {
"main": [
[
{
"node": "ff91b356-3771-463f-8593-82a0396c6514",
"type": "main",
"index": 0
}
]
]
},
"9880aa6e-5475-467f-9281-64c42b3d7898": {
"main": [
[
{
"node": "fa82af49-be87-4579-a6fc-68b14e16b1aa",
"type": "main",
"index": 0
}
]
]
},
"d671f4f7-759f-4bd6-abc1-abc1234567": {
"main": [
[
{
"node": "c4ec2ef4-7db8-4189-877b-abc1234567890",
"type": "main",
"index": 0
}
]
]
},
"df0f64b3-95cf-48ef-b2a9-fe035d3e14ad": {
"main": [
[
{
"node": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"type": "main",
"index": 0
}
]
]
},
"d5fa0dbd-41d5-402c-1234-1234567890": {
"main": [
[
{
"node": "02461671-e2a2-4424-bfe8-fd74afc460c5",
"type": "main",
"index": 0
}
]
]
},
"4be7829d-c736-4125-aaa6-f75118e98c17": {
"main": [
[
{
"node": "296666c1-c6dd-451e-b9d6-a799634ac9ae",
"type": "main",
"index": 0
}
]
]
},
"296666c1-c6dd-451e-b9d6-a799634ac9ae": {
"main": [
[
{
"node": "9fc7c861-a714-4b24-b19d-7d163c8e6a4d",
"type": "main",
"index": 0
},
{
"node": "83640bea-3b16-4173-a486-bcbfe9cffddd",
"type": "main",
"index": 0
},
{
"node": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"type": "main",
"index": 3
},
{
"node": "d671f4f7-759f-4bd6-abc1-abc1234567",
"type": "main",
"index": 0
},
{
"node": "6e6a912f-d043-44c0-abc1-abc123456789",
"type": "main",
"index": 0
}
]
]
},
"45f1ed8f-e1cd-45ff-a70b-96e4ffa5dbb4": {
"main": [
[
{
"node": "c884daa9-f96f-40c7-8fd0-3a00612bf431",
"type": "main",
"index": 0
}
]
]
},
"6e6a912f-d043-44c0-abc1-abc123456789": {
"main": [
[
{
"node": "e1344921-481a-467b-9240-72b80e8f8ef9",
"type": "main",
"index": 0
}
]
]
},
"2b792970-ebae-4e60-86b3-1780c45948e5": {
"main": [
[
{
"node": "4be7829d-c736-4125-aaa6-f75118e98c17",
"type": "main",
"index": 0
}
]
]
},
"fa82af49-be87-4579-a6fc-68b14e16b1aa": {
"main": [
[
{
"node": "d3cf69d7-15ba-4ec9-b463-6223ed3959eb",
"type": "main",
"index": 0
}
]
]
},
"68ad6474-1a28-4c1d-9708-911e3475da7d": {
"main": [
[
{
"node": "9b3a898c-70be-4fb1-905d-e29a92e89772",
"type": "main",
"index": 0
}
]
]
},
"02461671-e2a2-4424-bfe8-fd74afc460c5": {
"main": [
[
{
"node": "33cd00aa-6027-4b3b-b373-c802ac6bf17d",
"type": "main",
"index": 0
}
]
]
},
"987b3736-c325-4fe5-8d70-f14b9f5955d8": {
"main": [
[
{
"node": "e3bf53dd-84dd-48aa-af4a-0352e30ea4ba",
"type": "main",
"index": 0
}
]
]
},
"d3cf69d7-15ba-4ec9-b463-6223ed3959eb": {
"main": [
[
{
"node": "9402330b-7f94-4fbc-ba49-38e668e59abe",
"type": "main",
"index": 0
}
]
]
},
"83640bea-3b16-4173-a486-bcbfe9cffddd": {
"main": [
[
{
"node": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"type": "main",
"index": 2
}
]
]
},
"c4ec2ef4-7db8-4189-877b-abc1234567890": {
"main": [
[
{
"node": "07ab67a9-146d-4576-8afa-a128cf62974f",
"type": "main",
"index": 0
}
]
]
},
"e1344921-481a-467b-9240-72b80e8f8ef9": {
"main": [
[
{
"node": "ff91b356-3771-463f-8593-82a0396c6514",
"type": "main",
"index": 0
}
]
]
},
"07ab67a9-146d-4576-8afa-a128cf62974f": {
"main": [
[
{
"node": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"type": "main",
"index": 4
}
],
[
{
"node": "b1abafca-5443-4dc5-992e-7210296b27ca",
"type": "main",
"index": 0
}
]
]
},
"b1abafca-5443-4dc5-992e-7210296b27ca": {
"main": [
[
{
"node": "68ad6474-1a28-4c1d-9708-911e3475da7d",
"type": "main",
"index": 0
}
]
]
},
"ff91b356-3771-463f-8593-82a0396c6514": {
"main": [
[
{
"node": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"type": "main",
"index": 5
}
],
[
{
"node": "9880aa6e-5475-467f-9281-64c42b3d7898",
"type": "main",
"index": 0
}
]
]
},
"9fc7c861-a714-4b24-b19d-7d163c8e6a4d": {
"main": [
[
{
"node": "df0f64b3-95cf-48ef-b2a9-fe035d3e14ad",
"type": "main",
"index": 0
},
{
"node": "3eae5e83-a978-44eb-814e-ca97d32bcde0",
"type": "main",
"index": 1
}
]
]
},
"97bb3007-1143-4a13-9adf-811e1268db4f": {
"main": [
[
{
"node": "2b792970-ebae-4e60-86b3-1780c45948e5",
"type": "main",
"index": 0
}
]
]
}
}
}Foire aux questions
Comment utiliser ce workflow ?
Copiez le code de configuration JSON ci-dessus, créez un nouveau workflow dans votre instance n8n et sélectionnez "Importer depuis le JSON", collez la configuration et modifiez les paramètres d'authentification selon vos besoins.
Dans quelles scénarios ce workflow est-il adapté ?
Avancé - Intelligence Artificielle
Est-ce payant ?
Ce workflow est entièrement gratuit et peut être utilisé directement. Veuillez noter que les services tiers utilisés dans le workflow (comme l'API OpenAI) peuvent nécessiter un paiement de votre part.
Workflows recommandés
Générateur de contenu WordPress v3
Générateur de contenu WordPress v3
If
Set
Code
+
If
Set
Code
102 NœudsAlex Kim
Intelligence Artificielle
Explorer les nœuds n8n dans la bibliothèque de références visuelles
Explorer les nœuds n8n dans la base de références visuelles
If
Ftp
Set
+
If
Ftp
Set
113 NœudsI versus AI
Autres
Automatisation de la planification des sprints d'équipes agiles
Automatiser la planification des sprints pour les équipes agiles avec OpenAI, Google Agenda et Gmail
If
Set
Code
+
If
Set
Code
52 NœudsWillemijn
Produit
Extraction et enrichissement de commentaires LinkedIn en prospects via Apify vers Google Sheets/CSV
Extraire et enrichir les commentaires LinkedIn en leads via Apify→Google Sheets/CSV
If
Set
Code
+
If
Set
Code
39 NœudsSaverflow AI
Ventes
Agent de recherche de blog
Générer des rapports de recherche approfondie au format Markdown avec GPT, Tavily Search et Google Sheets
Set
Code
Merge
+
Set
Code
Merge
36 NœudsArchit Jain
Blocs de construction
Agent de recherche en profondeur AI auto-hébergé avec n8n, Apify et OpenAI o3
Agent d'analyse IA auto-hébergé, profond et auto-hébergé, utilisant n8n, Apify et OpenAI o3
If
Set
Code
+
If
Set
Code
87 NœudsJimleuk
Intelligence Artificielle
Informations sur le workflow
Niveau de difficulté
Avancé
Nombre de nœuds40
Catégorie1
Types de nœuds15
Description de la difficulté
Auteur
Niranjan G
@niranjanCybersecurity leader turning complex workflows into seamless, AI-driven automations.
Liens externes
Voir sur n8n.io →
Partager ce workflow