...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
| Info |
|---|
This guide explains how to add Jira integration to Cloudaware to leverage auto-discovery of Jira issues in the CMDB and/or automatically create issues in Jira based on specific criteria met in Cloudaware. |
To see how Cloudaware seamlessly integrates with Jira in action, request a demo.
| Table of Contents |
|---|
Introduction
Cloudaware offers several key capabilities of integrating with Atlassian JIRAJira:
Autodiscovery Auto-discovery of issues related to CMDB objects and importing them from JIRA Jira to Cloudaware
Creating a JIRA Jira issue whenever any specific criteria is met in Cloudaware (e.g. new incident, policy violation, vulnerability scan, etc.) and posting a comment to the existing JIRA Jira issue (e.g. new vulnerability has been detected as fixed, etc.)
...
Configuring
...
Auto-discovery and Import of Jira Issues to CMDB
Adding
...
Jira Integration to Cloudaware
Cloudaware can discover JIRA Jira issues and automatically add them to the corresponding CMDB objects.
...
Follow these steps to integrate your JIRA Jira account with Cloudaware:
1. Log in to Cloudaware account → Admin
...
2. Find JIRA Find Jira Accounts & Actions in the list of Issue Management toolsCloud Integrations, click +Add
...
3. Fill in the required information, click Save
...
*URL - insert your Company JIRA Jira URL from the browser address bar, e.g. http(s)://jira.cloudaware.com
**Password - use a token instead of a password if you are using cloud version of JIRAJira
Ensure that the user whose credentials are used in the form has the appropriate level of access. All JIRA Jira projects that are visible for this user will be collected by Cloudaware.
***Trust Certificate - check this box only if your JIRA Jira runs on a private network and TunHub Gateway has been set up by Cloudaware
4. The green light in 'Status' means your JIRA Jira account has been successfully added. If there is a red light, please contact support@cloudaware.com
...
Adding Custom Fields to
...
Jira
For Cloudaware to associate a JIRA Jira issue with a CMDB object, a JIRA Jira issue should have two custom fields:
...
| Tip |
|---|
Object identifier is a cloud provider ARN for that object, for example: Object Type: AWS ELB Load Balancer |
In order to view a list of CMDB objects, navigate to Setup → type Objects in the Quick search bar.
...
| Note |
|---|
The custom JIRA Jira field you create should be a text/string. |
Add these two fields to JIRA Jira issues using instructions provided by Atlassian here. It's possible to set the values for these fields manually or using internal JIRA Jira processes.
Сonfiguring Automatic Creation of
...
Jira Issues from Cloudaware
Cloudaware can send an outbound message to JIRA Jira whenever a specific criteria is met, which will automatically create a JIRA Jira issue in the appropriate JIRA Jira project. Cloudaware can also post a comment to your JIRA Jira issue once the conditions that have triggered the ticket creation change.
Let's review the following use case. Your company's A seсurity team wants a JIRA Jira issue to be created in a specific project every time when a high risk vulnerability is found by Cloudaware. However, in order to avoid lots of manual work with checking and closing JIRA Jira issues, they also need to be notified if a vulnerability has been recognized as fixed. A comment posted to the issue may be a good marker for bulk closing tickets.
Manage Permissions and Create Fields in
...
Jira
1. Grant Cloudaware with user/project: ADD_COMMENTS permission (see JIRA Jira documentation).
2. Log in to Cloudaware account → Setup → Objects.
3. Select an object you want JIRA Jira issues to be created for (in this example, CloudAware Vulnerability Scan).
4. Review the section 'Custom Fields & Relationships' to define fields that should be displayed in an issue's description. In our use case we are using the following fields: Priority, Risk, Severity, CVSS Number, Host, Port, Protocol, Description, Disappearance Time.
| Note |
|---|
Use Cloudaware Field Label names when creating fields in your JIRA Jira as fields names MUST match. |
Setting Up
...
Jira Actions in Cloudaware
| Anchor |
|---|
...
|
...
|
...
|
Note that you should add your Jira Account to Cloudaware before setting up Jira Actions.
1. Log in to Cloudaware account → Admin.
2. Find JIRA Notifications Jira Accounts & Actions in the list of Issue Management tools, click +Add.3Cloud Integrations, click N Configured.
...
3. Select the tab 'Jira Actions'. Click +Add Jira Action.
...
4. Fill in the integration details:
Name - name for your JIRA Jira Notification integration
JIRA Jira Integration - select the pre-configured JIRA Jira integration .
Project - select your JIRA Jira project issues will be created in .
Issue Type - select the issue type (managed in your JIRAJira).
Summary - add summary for your JIRA Jira issues. In this example, we use sObject.Name to display full CloudAware Vulnerability Scan name.
Description - add a description that will be added into JIRA Jira issue body .
Comment - add a text that will be displayed as a Cloudaware comment.
In our use case we are using sObject.CA10disappearanceTime__c where CA10disappearanceTime__c is API Name of the field showing the date and time when the vulnerability was deleted from the scanner.
| Tip |
|---|
Pay attention to using expression fields. The data type of the value returned depends on the elements used in the expression. Here below are sample outputs: |
Expression | Output |
|---|---|
test | test |
sObject.Name | 'the name of this field in your org' |
'sObject.Name' | sObject.Name |
'Hey, ' + sObject.Name | Hey, 'the name of this field in your org' |
Field List - determine the fields you'd like to be displayed in a JIRA Jira issue and Cloudaware comment.
| Note |
|---|
Use API Names of names for fields. The integration must have include all the fields you are planning plan to use in notifications. The sequence order you choose for the fields ' order will be reflected in a JIRA Jira issue. |
...
45. Click Save.
56. Copy and save the URL as it is required for further configuration in Cloudaware.
...
Configuring Cloudaware Workflows to Create Issues and Post Comments in
...
Jira
| Anchor | ||||
|---|---|---|---|---|
|
Once you have configured Jira Action, set up two different workflow rules - for creating a JIRA Jira issue (1) and adding a comment (2).
1. Workflow Rule for JIRA Jira issue creation:
From Cloudaware Admin go to Setup → Create → Workflows & Approvals → Workflow Rules → New Rule:
...
Click Save&Next.
Add Workflow Action → New Outbound Message:
Object: CloudAware Vulnerability Scan
Name: Jira Notification: New Vulnerability Detected
Endpoint URL: paste the URL copied from the integration's details
Select the fields to be displayed as set up in the Integration details:
...
Note that Name is a mandatory field.
Click Done. Click Activate to activate your workflow.
2. Workflow Rule for posting a comment in JIRA Jira issue:
Go back to Workflow Rules → New Rule.
Select the object. In our use case we are using CloudAware Vulnerability Scan. Click Next.
Add Rule Name, set Evaluation Criteria and Rule Criteria as shown below:
...
Click Save&Next.
Add Workflow Action → New Outbound Message:
Object: CloudAware Vulnerability Scan
Name: Jira Notification: Vulnerability Fixed
Endpoint URL: paste the URL copied from the integration's details
Select the fields to be displayed as set up in the Integration details:
...
Click Done. Click Activate to activate your workflow.
Jira issue sample | Cloudaware comment sample |
|---|---|
 |  |
Jira issue sample in Cloudaware CMDB |
|---|
 |
Bulk Closing Issues with Cloudaware Comments
...
in Jira
Based on our use case, we can consider all issues with a comment as not requiring further actions since a vulnerability the JIRA Jira issue informs of has been fixed.
Follow these steps to configure automatic change of issue status to 'Resolved':
In your Service Desk project select Project settings → Automation.
Select Add rule.
Select Custom rule from the list, then select Next.
Give your custom rule a name and a description.
Configure your rule by defining the WHEN, IF, and THEN fields:
5.1. When comment added
5.2. If comment contains This vulnerability is fixed and deleted on
5.3. Then transition issue to status "Resolved"
...
Populating Custom Fields
...
in Jira*
| Anchor | ||||
|---|---|---|---|---|
|
...
This option requires having custom fields Object Type, Object Identifier and fields that were created for the
...
Based on our use case, we can consider having all custom field values populated automatically. This will also provide a great visibility in Cloudaware CMDB as each JIRA Jira issue will be linked to a CMDB record.
Follow these steps to configure automatic update of fields Object Type and Object Identifier.
Object Type
To populate this field, ensure that fields indicating the resource name or ID are created (e.g. AWS EC2 Instance ID, Physical Server, AWS IAM User).
Create a custom text field 'Object Type'.
In your Service Desk project select Project settings → Automation.
Select Add rule.
Select 'Custom rule' from the list, then select Next.
Give your custom rule a name and a description.
Specify:
7.1. WHEN: Issue created
7.2. Choose If/Else block
7.3. Add the condition, e.g.:
IF 'AWS EC2 Instance ID' field is not empty then edit 'Object Type' field with 'AWS EC2 Instance'
IF 'AWS EC2 Instance Name' field is not empty then edit 'Object Type' field with 'AWS EC2 Instance'
7.4. Add the second condition:
ELSE - IF 'AWS IAM User ARN' field is not empty then edit 'Object Type' field with 'AWS IAM User'
The automation summary will look the following:
Object IdentifierTo populate this field, ensure that fields indicating the resource ID are created (e.g. AWS EC2 Instance ID, AWS IAM User ARN).
Create a custom text field 'Object Identifier'.
In your Service Desk project select Project settings → Automation.
Select Add rule.
Select 'Custom rule' from the list, then select Next.
Give your custom rule a name and a description.
Specify:
7.1. WHEN: Issue created
7.2. THEN: Edit issue fields. Paste the following condition as the value of the field 'Object Identifier':Code Block {{Issue.fields.Custom_Field_name}}where Custom_Field_ is the name of the field under question (e.g. AWS EC2 Instance ID, AWS IAM User ARN)
The automation summary will look the following:
Once you set the automation for both Object Type and Object Identifier, make sure to add these fields to the JIRA Jira issue.