Skip to content

Receive notifications in Zoom team Chat

Staying aware of expiring certificates and unhealthy certificate issuers is critical to protect machine identities and reduce the likelihood of certificate-related outages. Venafi Control Plane allows you to configure such notifications to be sent to Zoom Team Chat so that you can stay aware of potential problems.

This article describes how to configure Venafi Control Plane to send notifications to public or private Zoom Team Chat channels for the following issues:

  • Cert-manager unhealthy issuer state - Notifications when the cert-manager issuer enters an unhealthy state.
  • Cert-manager issuer health state restored - Notification when the cert-manager issuer is returned to a healthy state.
  • Cert-manager certificate resource unhealthy - Notification when the cert-issuer certificate resource is unhealthy.
  • Cert-manager certificate resource healthy state restored - Notification when the cert-manager certificate resource is returned to a healthy state.
  • Certificate expiration - Notification when a certificate is approaching configurable expiration thresholds.

This page walks you through the steps to integrate Venafi Control Plane with Zoom Team Chat and set up these notifications.

Configuration overview

To send notifications to Zoom Team Chat, you first need to set up an incoming webhook in Zoom Team Chat. Each Zoom Team Chat channel that will receive notifications requires its own incoming webhook.

After setting up the webhook, create a Zoom Team Chat provider in Venafi Control Plane. This step links Venafi Control Plane to the Zoom webhook. If you're sending notifications to multiple channels, you'll need to create a separate provider for each one.

Example

If you want to send cert-issuer notifications to one channel and certificate expiration notifications to another, set up a separate incoming webhook in Zoom for each channel. Then, create a corresponding provider in Venafi Control Plane for each webhook.

These two steps apply to all notification types. The final step depends on the specific type of notification you're configuring. Step 3 provides detailed instructions and examples for each type.

Before you begin

Add the Zoom Incoming Webhook extension to your organization. This needs to be done only once for your organization.

Step 1:

In this step, you'll set up one or more Zoom Team Chat channels to receive notifications. For more details about Zoom Team Chat webhooks, see Zoom's documentation.

  1. Sign in to the Zoom desktop client and click the Messages tab.
  2. Select a public or private channel where you want to send notifications.

  3. In the selected channel, run the following command:

    /inc connect <connectionName>

Replace <connectionName> with a descriptive name for your connection.

This command creates a connection and generates an Endpoint and a Verification token, which you'll need in the next step.

Note

To send notifications to multiple Zoom Team Chat channels, repeat these steps for each channel, using a unique connectionName for each.

Step 2: Create a Zoom Team Chat integration in Venafi Control Plane

This step integrates Venafi Control Plane with Zoom Team Chat. To set up the integration, use the Endpoint and Verification token generated in the previous step.

Each integration is linked to a single Zoom Team Chat channel. If you need to send notifications to multiple channels, repeat the steps below for each channel, using the unique Endpoint and Verification token created earlier.

Create the provider by submitting the following API request, replacing the variables with the values for your configuration.

Variable descriptions

  • name - The name this channel will use in Venafi Control Plane.
  • verificationToken - The verification token of the Zoom Team Chat channel.
  • webhookURL - The URL of the endpoint of the Zoom Team Chat channel.
POST https://api.venafi.cloud/graphql
tppl-api-key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Content-Type: application/json

{
  "query": "mutation CreateZoomTeamChatIntegration(  $input: CreateZoomTeamChatIntegrationInput!) {  createZoomTeamChatIntegration(input: $input) {    id    name  }}",
  "variables": {
    "input": {
      "name": "<Channel Name>",
      "zoomTeamChatParams": {
        "verificationToken": "<verification-token>",
        "webhookURL": "<endpoint>"
      }
    }
  }
}

Your response should look similar to the following:

{
    "data": {
        "createZoomTeamChatIntegration": {
            "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "name": "Channel Name"
        }
    }
}

You will use the id value in the response as the notificationRouterIntegrationID value in the following step.

Perform this step for each Zoom Team Chat channel that you want to send notifications to, using the unique endpoint and verification tokens for each channel.

Step 3: Create the routing configuration

In this step, you'll define the rules that must be met for a notification to be sent and specify which integration should receive the notifications.

Routing configuration uses CEL expressions. The sections below outline the available data for building CEL expressions and provide several examples to help you get started.

Best Practice

Use the CEL playground to validate your CEL expressions. Invalid CEL expressions won't trigger notifications.

To use the playground, copy the JSON from the Event details section below into the Input field. Then, copy your CEL expression into the CEL expression field.

Note: On the playground, rename type to _type in both the Input and the CEL expression for the validation to work.

Once you've completed the fields, click Run. Your expression must evaluate to true for notifications to be triggered.

Routing configuration API request

The following API request will be used for each routing configuration, regardless of the notification type. You'll replace the following parameters to specify the type of notification you want to receive and what channel you want the notification sent to:

  • notificationRouterCelExpression - The CEL expression that defines what conditions must be satisfied before a notification is sent. See the Event details and Unhealthy issuer CEL expression examples sections below for help with building your CEL expression.
  • notificationRouterIntegrationID - The id of the integration that the notification should be sent to. The id was generated in the previous step.

API Request

POST https://api.venafi.cloud/graphql
tppl-api-key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Content-Type: application/json

{
  "query": "mutation CreateNotificationRoutingConfiguration(  $notificationRouterFilterConfig: NotificationRouterFilterConfigInput!  $notificationRouterIntegrationConfig: NotificationRouterIntegrationConfigInput!) {  createNotificationRoutingConfiguration(    notificationRouterFilterConfig: $notificationRouterFilterConfig    notificationRouterIntegrationConfig: $notificationRouterIntegrationConfig  ) {    id    notificationRouterIntegrationConfig {      notificationRouterIntegrationID      notificationRouterTemplateID    }    notificationRouterFilterConfig {      notificationRouterCelExpression    }  }}",
  "variables": {
    "notificationRouterFilterConfig": {
      "notificationRouterCelExpression": "<CEL-expression>"
    },
    "notificationRouterIntegrationConfig": {
      "notificationRouterIntegrationID": "<xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
    }
  }
}

Note

This API request validates that the notificationRouterCelExpression compiles without errors. If it fails it returns an error and the notification router is not created. This validation also happens also when updating the notification router.

Have a look at Event notification types for examples for more information on notification types and sample CEL expressions you can use when creating routing configurations.