| Info |
|---|
This guide explains how to add a Jira account to Cloudaware and configure actions for Cloudaware to automatically discover Jira issues in the CMDB and/or create issues in Jira based on specified criteria. |
...
Log in to Cloudaware account → Admin.
Find Jira Accounts & Actions in the list of Cloud Integrations. Click +Add.
Fill out the form:
WHERE
*URL - insert the Jira URL from the browser address bar, e.g. in the format https://jira.cloudawarecompanyname.com
**Password - use a token instead of a password if you are using Jira password (for cloud version of Jira, use a token)
Ensure that the user whose credentials are used in the form has the appropriate level of access. All Jira projects that are visible for this user will be collected by Cloudaware.
***Trust Certificate - check this box only if your Jira runs on a private network and TunHub gateway has been set up by Cloudaware (in this case, the URL will be in format https://tunhub.cloudaware.com:12345)
Click Save.
The green light in 'Status' means your Jira account has been successfully added. If there is a red light, please contact support@cloudaware.com
...
Cloudaware can send an outbound message to Jira whenever a specific criteria is met, which will automatically create a Jira issue in the appropriate Jira project. Cloudaware can also post a comment to your Jira issue once the conditions that have triggered the ticket creation change.
Use case: A
...
security team needs a Jira issue
...
created
...
for a specific project
...
whenever Cloudaware detects a high-risk vulnerability
...
. The team also requires notifications when a vulnerability is marked as fixed to minimize manual work in checking and closing Jira issues
...
. Posting a comment on the issue could serve as an effective trigger for bulk-closing tickets.
Manage permissions and create fields in Jira
...
Grant Cloudaware
...
the
user/project: ADD_COMMENTSpermission
...
.
Log to the Cloudaware account and navigate to Setup → Objects.
...
Select
...
the object
...
for which Jira issues
...
should be created for (in this example, CloudAware Vulnerability Scan).
...
Review the section 'Custom Fields & Relationships' to define fields that should be displayed in an issue's description.
...
For our use case
...
, the following fields are used: Priority, Risk, Severity, CVSS Number, Host, Port, Protocol, Description, Disappearance Time.
| Note |
|---|
Use Cloudaware Field Label names when When creating fields in your Jira Jira, use Field Label names from Cloudaware, as fields names MUST must match. |
Set up Jira Actions integration in Cloudaware
| Anchor |
|---|
...
...
Note that you should add your Jira Account to Cloudaware before setting up Jira Actions.
...
|
Log in to Cloudaware account → Admin.
...
Find Jira Accounts & Actions in the list of Cloud Integrations, click N
...
CONFIGURED*.
...
*Note that Jira account must be added to Cloudaware before setting up Jira actions.
Select the tab 'Jira Actions'. Click +
...
ADD JIRA ACTION.
...
...
Fill out the form:
.png?version=1&modificationDate=1700845240635&cacheVersion=1&api=v2&width=614)
WHERE
Name - name for your Jira action
Jira Account - select the pre-configured Jira account
Project - select your Jira project issues will be created in
Issue Type - select the issue type (managed in your Jira)
Summary - add summary for your Jira issues. In this example, we use sObject.Name to display full CloudAware Vulnerability Scan name
Description - add a description that will be added into Jira issue body
Comment - add a text that will be displayed as a Cloudaware comment
...
For our use case, we usesObject.CA10disappearanceTime__c, whereCA10disappearanceTime__cis the API Name of the field showing the date and time when the vulnerability was deleted from the scanner.
| Tip |
|---|
Pay attention to using expression fields. The data type of the value returned depends on the elements used in the expression. Here below are sample outputs: |
Expression | Output |
|---|---|
test | test |
sObject.Name | 'the name of this field in your org' |
'sObject.Name' | sObject.Name |
'Hey, ' + sObject.Name | Hey, 'the name of this field in your org' |
Field List - determine the fields you'd like to be displayed in a Jira issue and Cloudaware comment.
| Note |
|---|
Use API names for fields. The integration must include all the fields you plan to use in notifications. The order you choose for the fields will be reflected in a Jira issue. |
Click Save.5.
Copy and save the URL as it is required for further configuration in Cloudaware.
...
...
Set up Cloudaware workflows to create issues and post comments in Jira
| Anchor | ||||
|---|---|---|---|---|
|
Once you have configured Jira Action, set up two different workflow rules - for creating a Jira issue (1) and adding a comment (2).
1. Workflow Rule for Jira issue creation:
...
Click Save&Next.
Add Workflow Action → New Outbound Message:
Object: CloudAware Vulnerability Scan
Name: Jira Notification: New Vulnerability Detected
Endpoint URL: paste the URL copied from the integration's details
Select the fields to be displayed as set up in the Integration details:
...
Note that Name is a mandatory field.
Click Done. Click Activate to activate your workflow.
2. Workflow Rule for posting a comment in Jira issue:
...
Object: CloudAware Vulnerability Scan
Name: Jira Notification: Vulnerability Fixed
Endpoint URL: paste the URL copied from the integration's details
Select the fields to be displayed as set up in the Integration details:
...
Click Done. Click Activate to activate your workflow.
Jira issue sample | Cloudaware comment sample |
|---|---|
 |  |
...
Bulk close Jira issues with Cloudaware comments
Based on our use case, we can consider all issues with a comment as not requiring further actions since a vulnerability the Jira issue informs of has been fixed.
Follow these steps to configure automatic change of issue status to 'Resolved':
In your Service Desk project select Project settings → Automation.
Select Add rule.
Select Custom rule from the list, then select Next.
Give your custom rule a name and a description.
Configure your rule by defining the WHEN, IF, and THEN fields:
5.1. When comment added
5.2. If comment contains This vulnerability is fixed and deleted on
5.3. Then transition issue to status "Resolved"
...
Populate custom fields in Jira
| Anchor | ||||
|---|---|---|---|---|
|
This option requires having custom fields Object Type, Object Identifier and fields that were created for Jira actions.
Based on our use case, we can consider having all custom field values populated automatically. This will also provide a great visibility in Cloudaware CMDB as each Jira issue will be linked to a CMDB record.
...