Versions Compared

Version Old Version 51 New Version Current
Changes made by

Daria Lebedeva

Daria Lebedeva

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Info

This guide explains how to add a Jira account to Cloudaware and configure actions for Cloudaware to automatically discover Jira issues in the CMDB and/or create issues in Jira based on specified criteria.

Jira integration - CA_logo_black.pngImage Added To see how Cloudaware seamlessly integrates with Jira in action, request a demo.

Table of Contents

Introduction

Cloudaware offers several key capabilities of for integrating with Atlassian JIRAJira:

  • Autodiscovery Auto-discovery of Jira issues related to specific CMDB objects and importing them from JIRA to CloudawareCreating a JIRA issue whenever any specific criteria is met in Cloudaware CIs

  • Creation and updating of Jira issues when specific criteria are met (e.g., new incident, policy violation, vulnerability scan, etc.) and posting a comment to the existing JIRA issue (e.g. new vulnerability has been detected as fixedvulnerability scan, etc. is found)

Table of Contents

Configuring Autodiscovery of JIRA Issues and Importing to CMDB

Adding JIRA Integration to Cloudaware

Cloudaware can discover JIRA issues and automatically add them to the corresponding CMDB objects.

...

Follow these steps to integrate your JIRA account with Cloudaware:

...

Configure auto-discovery of Jira issues in Cloudaware CMDB

Add Jira account to Cloudaware

  1. Log in to Cloudaware account → Admin.

...

  1. Image Added

...

  2. Find Jira Accounts & Actions in the list of

...

  1. Cloud Integrations. Click +Add.

...

  1. Image Added

...

  1. Fill

...

  1. out the form:

    Image Added

    WHERE
    Name - a meaningful name for Jira integration, e.g.

...

  1. Prod Jira
    URL - Jira URL in the format https://jira.

...

  1. companyname.com

...

  1. Password -

...

  1. Jira password (for cloud version of

...

  1. Jira, use a token)

Ensure that the user whose credentials are used in the form has the appropriate level of access. All JIRA Jira projects that are visible for this user will be collected by Cloudaware.

...

Retrieve issues for the last - select a time period from the drop-down list
Trust Certificate - check this check box only if your JIRA Jira runs on a private network and TunHub Gatewaygateway has been set up by Cloudaware 4. (in this case, the URL will be in the format https://tunhub.cloudaware.com:12345)

Click Save.

  1. The green light in 'Status' means

...

  1. that Jira account has been successfully added. If there is a red light, please contact support@cloudaware.com.

...

...

  1. Image Added

Create custom fields in Jira

For Cloudaware to associate a JIRA issue with a CMDB object, a JIRA issue should have two custom fieldsautomatically associate discovered Jira issues with CMDB CIs, add the following custom fields* in Jira:

  • Object Type

  • Object Identifier

Tip

Object identifier is a cloud provider ARN for that object, for example:

Object Type: AWS ELB Load Balancer
Object Identifier (example): arn:aws:elasticloadbalancing:us-east-1:231469678781111111111111:loadbalancer/admin-s1-Elb-122VUH2MDDWYO

In order to view a list of CMDB objects, navigate to Setup → type Objects in the Quick search bar.

...

Note

The custom JIRA field you create should be a text/string.

...

111XXX1XXXXXX

Note

*The custom Jira field should be a text/string.

Set the values for custom fields manually or using internal JIRA Jira processes.

...

Configure auto-creation of Jira issues from Cloudaware

Cloudaware can send sends an outbound message to JIRA Jira whenever a specific criteria is are met, which will automatically create a JIRA Jira issue in the appropriate JIRA Jira project. Cloudaware can also post a comment to your JIRA Jira issue once the conditions that have triggered the ticket creation change. Let's review the following use case. Your company's seсurity team wants a JIRA issue to be created in a specific project every time when a high risk vulnerability is found by Cloudaware. However, in order to avoid lots of manual work with checking and closing JIRA issues, they also need to be notified if a vulnerability has been recognized as fixed. A comment posted to the issue may be a good marker for bulk

Use case: A security team needs a Jira issue created for a specific project whenever Cloudaware detects a high-risk vulnerability. The team also requires notifications when a vulnerability is marked as fixed to minimize manual work in checking and closing Jira issues. Posting a comment on the issue could serve as an effective trigger for bulk-closing tickets.

Manage

...

permissions and

...

create fields in

...

Jira

...

  1. Grant Cloudaware

...

  1. the user/project: ADD_COMMENTS permission

...

  1. .

...

  1. Log

...

  1. to the Cloudaware account

...

  1. and navigate to Setup Objects.

...

  1. Select

...

  1. the object for which Jira issues should be created for (

...

  1. for example, CloudAware Vulnerability Scan).

...

  1. Review the section 'Custom Fields & Relationships' to define fields that should be displayed in an issue's description.

...

  1. For our use case

...

  1. , the following fields are used: Priority, Risk, Severity, CVSS Number, Host, Port, Protocol, Description, Disappearance Time.

Note

Use Cloudaware When creating fields in Jira, use Field Label names when creating fields in your JIRA from Cloudaware, as fields names MUST must match.

...

Set up Jira Actions integration in Cloudaware
Anchor

...

Jira-

...

Actions

...

Jira-

...

Actions

  1. Log in to Cloudaware account → Admin.

...

  1. Image Added

  2. Find Jira Accounts & Actions in the list of

...

3. Fill in the integration details:

...

  1. Cloud Integrations, click N CONFIGURED*.

    Image Added

*Note that Jira account must be added to Cloudaware before setting up Jira actions.

  1. Select the tab 'Jira Actions'. Click +ADD JIRA ACTION.

    Image Added

  2. Fill out the form:

    Image Added

    WHERE
    Name - a meaningful name for Jira action, e.g. New Vulnerability Detected
    Jira Account - select the pre-configured

...

  1. Jira account
    Project - select

...

  1. the Jira project where issues will be created in

...


  1. Issue Type - select the issue type (issue types are managed in

...

  1. Jira)

...


  1. Summary -

...

  1. a summary of Jira issues (in this example, we use sObject.Name to display the full name of CloudAware Vulnerability Scan

...

  1. )
    Description -

...

  1. a description

...

  1. to be added

...

  1. to the Jira issue body

...


  1. Comment -

...

  1. text

...

  1. to be displayed as a Cloudaware comment

...


...


  1. For our use case, we

...

  1. use sObject.CA10disappearanceTime__c, where CA10disappearanceTime__c is the API Name of the field showing the date and time when the vulnerability was deleted from the scanner.

Tip

Pay attention to using expression fields. The data type of the value returned depends on the elements used in the expression. Here below are sample outputs:

Expression

Output

test

test

sObject.Name

'the name of this field in your org'

'sObject.Name'

sObject.Name

'Hey, ' + sObject.Name

Hey, 'the name of this field in your org'

Field List - determine list the fields you'd like to be displayed in a JIRA Jira issue and Cloudaware comment.

Note

Use API Names of names for fields. The integration must have include all the fields you are planning plan to use in notifications. The sequence order you choose for the fields ' order will be reflected in a JIRA Jira issue.

...

4. Click Save.5.

  1. Copy and save the URL as it is required for further configuration in Cloudaware.

...

  1. Image Added

...

Set up Cloudaware

...

workflows to

...

create issues and post comments in Jira
Anchor
workflow-to-create-jira-ticket
workflow-to-create-jira-ticket

Having one JIRA Notifications Integration configuredOnce you have configured Jira Action, set up two different workflow rules - for creating a JIRA Jira issue (1) and adding a comment (2).

1. Workflow Rule for JIRA Jira issue creation:

  • From Cloudaware Admin go to Setup → Create → Workflows & Approvals → Workflow Rules → New Rule:

...

  • Click Save&Next.

  • Add Workflow Action → New Outbound Message:

Object: CloudAware Vulnerability Scan
Name: Jira Notification: New Vulnerability Detected
Endpoint URL: paste the URL copied from the integration's details

  • Select the fields to be displayed as set up in the Integration details:

...

Note that Name is a mandatory field.

  • Click Done. Click Activate to activate your workflow.

2. Workflow Rule for posting a comment in JIRA Jira issue:

  • Go back to Workflow Rules → New Rule.

  • Select the object. In our use case we are using CloudAware Vulnerability Scan. Click Next.

  • Add Rule Name, set Evaluation Criteria and Rule Criteria as shown below:

...

  • Click Save&Next.

  • Add Workflow Action → New Outbound Message:

Object: CloudAware Vulnerability Scan
Name: Jira Notification: Vulnerability Fixed
Endpoint URL: paste the URL copied from the integration's details

  • Select the fields to be displayed as set up in the Integration details:

...

  • Click Done. Click Activate to activate your workflow.

JIRA

Jira issue

sample

example

Cloudaware comment

sample

example

Image ModifiedImage Modified

JIRA

Jira issue

sample

in Cloudaware CMDB

Image Modified

Bulk

...

close Jira issues with Cloudaware

...

comments

Based on our use case, we can consider all issues with a comment as not requiring further actions since a vulnerability the JIRA Jira issue informs of has been fixed.

Follow these steps to configure automatic change of issue status to 'Resolved':

  1. In your Service Desk project select Project settings Automation.

  2. Select Add rule.

  3. Select Custom rule from the list, then select Next.

  4. Give your custom rule a name and a description.

  5. Configure your rule by defining the WHEN, IF, and THEN fields:
    5.1. When comment added
    5.2. If comment contains This vulnerability is fixed and deleted on
    5.3. Then transition issue to status "Resolved"

...

...

Populate custom fields in Jira
Anchor
Populating-Custom-Fields-In-JIRA
Populating-Custom-Fields-In-JIRA

...

This option requires having custom fields Object Type, Object Identifier and fields that were created for

...

Jira actions.

Based on our use case, we can consider having all custom field values populated automatically. This will also provide a great visibility in Cloudaware CMDB as each JIRA Jira issue will be linked to a CMDB record.

...

Once you set the automation for both Object Type and Object Identifier, make sure to add these fields to the JIRA Jira issue.