fbpx

Posted on by admin

How to create a two-way integration in between AWS Security Jira and Hub Service Management

If you are using both  AWS Safety Hub  and  Jira Service Administration , you may use the brand new AWS Program Administration Connector for Jira Provider Administration to generate an automated, bidirectional integration between both of these products that keeps your Security Hub Jira and findings issues inside sync. In this website post, I’ll demonstrate how to setup this integration.

As a Jira administrator, you’ll then have the ability to create Jira problems from Security Hub results automatically, so when you update those presssing problems in Jira, the changes are replicated back to the initial Security Hub findings automatically. For example, in the event that you resolve an presssing problem in Jira, the workflow status of the finding in Protection Hub will undoubtedly be resolved also. This way, Safety Hub has up-to-date position about your security position always.

 

View a demonstration of the integration.

Prerequisites

To perform this walkthrough, you’ll require a Jira instance with the connector configured. To learn more on how to place this up, notice AWS Service Administration Connector for Jira Support Management in the AWS Services Catalog Administrator Guidebook. At the brief moment, this connector may be used with Atlassian Data Middle.

On the AWS side, you will need Protection Hub allowed in your AWS accounts. For more information, discover Enabling Safety Hub manually.

This walkthrough uses an AWS CloudFormation template to generate the required AWS resources because of this integration. In this template, The AWS can be used by me Area us-east-1, but you may use some of the supported Areas for Protection Hub.

Deploy the remedy

In this solution, you’ll very first deploy an AWS CloudFormation stack that creates the required AWS resources which are needed to create the integration in Jira.

To download and work the CloudFormation template

  1. Download the sample template because of this walkthrough.
  2. In the AWS CloudFormation console, select Create stack, select With new assets (standard), and select&amp then;nbsp;Template is set.
  3. For Specify template, select Upload a template document and choose the template that you downloaded inside step one 1.

To generate the CloudFormation stack

  1. In the CloudFormation console, choose Specify stack points, and enter a Stack title (in the instance, I called mine SecurityHub-Jira-Integration).
  2. Keep carefully the other default ideals as shown in Number 1, and choose&amp then;nbsp;Next.

    Figure 1: Developing a CloudFormation stack

    Figure 1: Developing a CloudFormation stack

  3. On the Configure stack choices web page, choose Next.
  4. On the Evaluation page, choose the check container We acknowledge that AWS CloudFormation may create IAM sources with custom made names. (Optional) If you want more information concerning this acknowledgement, select Learn even more.
  5. Choose Create stack.

    Shape 2: Acknowledge development of IAM assets

    Figure 2: Acknowledge development of IAM sources

  6. Following the CloudFormation stack status is CREATE_COMPLETE, the list is seen by you of assets that are created, as shown in Figure 3.

    Figure 3: Assets produced from the CloudFormation template

    Figure 3: Resources produced from the CloudFormation template

Following, you’ll integrate Jira with Security Hub.

To integrate Jira with Safety Hub

  1. In the Jira dashboard, pick the gear icon to open up the JIRA Management menu, and choose &lt then;strong>Manage apps.

    Body 4: Jira Manage applications

    Figure 4: Jira Manage apps

  2. On the Management display screen, under AWS SERVICE Administration CONNECTOR in the left routing menu, select AWS accounts.

    Amount 5: Choose AWS accounts

    Figure 5: Choose AWS accounts

  3. Choose Link new accounts to open a full page where one can configure Jira to gain access to an AWS accounts.

    Figure 6: Connect fresh account

    Figure 6: Connect new accounts

  4. Enter values for the accounts and consumer credentials alias. For the accounts alias, I’ve called my account SHJiraIntegrationAccount. In the SecurityHub-Jira-Integration CloudFormation stack that you formerly created, find the Outputs section to find the ideals for SCSyncUserAccessKey, SCSyncUserSecretAccessKey, SCEndUserAccessKey, and SCEndUserSecretAccessKey, mainly because shown in Figure 7.

    Determine 7: CloudFormation Outputs details

    Figure 7: CloudFormation Outputs information

    Important: Because that is an illustration walkthrough, The access is showed by me key and key key generated as CloudFormation outputs. However, if you’re utilizing the AWS Service Administration Connector for Jira in a creation workload, observe How do you create an AWS accessibility key? to comprehend the connectivity also to generate the access key and key key for users. Go to that connect to create a good IAM access and consumer key. For the permissions which are necessary for the IAM consumer, you can evaluation the permissions and plans outlined in the template.

  5. In Jira, on the Connect brand-new accounts page, enter all of the ideals from the CloudFormation Outputs that you found in step 4, and pick the Area you used to start your CloudFormation sources. I chose the Area US East (N.Virginia)/us-east-1.
  6. Choose Connect, and you ought to see a success information for the test link. It is possible to choose &lt also;strong>Test online connectivity after connecting the accounts, as shown in number 8.

    Figure 8: Test connection

    Figure 8: Test online connectivity

The connector is preconfigured to generate Jira incidents for Protection Hub findings automatically. The findings could have the same details in both AWS Safety Hub console and the Jira console.

Check the integration

Finally, you can attempt the integration between Security Jira and Hub Service Administration.

To check the integration

  1. Because of this walkthrough, I’ve created a fresh task from the Tasks console in Jira. Should you have an present project, the AWS could be linked by you account to the project.
  2. In the still left navigation menus, under AWS SERVICE Administration CONNECTOR, select Connector configurations.
  3. On the AWS Service Administration Connector configurations web page, under Tasks enabled for Connector, select Increase Jira task, and choose the project you need to hook up to the AWS accounts.

    Figure 9: Include the Jira project

    Figure 9: Add the Jira task

  4. On a single web page, under OpsCenter Construction, pick the project to keep company with the AWS accounts. Under Protection Hub Construction, associate the Jira task with the AWS accounts. Choose Save after you’ve configured the task.
  5. On the AWS accounts web page, select Sync now.

    Number 10: Sync now

    Figure 10: Sync today

  6. In the very best pane, under Problems, select Seek out problems.
  7. Pick the task that you additional in step three 3. You shall visit a screen just like the one shown in Figure 11.To filtration system just the Safety Hub findings further, it is possible to choose &lt also;strong>AWS Protection Hub Locating under Type.

    Shape 11: A Security Hub finding inside the Jira console

    Figure 11: A Security Hub getting inside the Jira console

  8. It is possible to review exactly the same finding from Security Hub in the AWS console, as shown in Figure 12, to verify that it’s exactly like the finding you saw in action 7.

    Body 12: A Security Hub finding inside the AWS console

    Figure 12: A Security Hub locating inside the AWS console

  9. On the Jira web page for the Security Hub selecting (the same web page discussed in step 7), it is possible to update the workflow standing to Notified, and the presssing issue status changes to NOTIFIED, simply because shown in Figure 13.

    Amount 13: Update the obtaining position to NOTIFIED

    Figure 13: Update the finding standing to NOTIFIED

    It is possible to demand AWS Safety Hub console and appearance at the finding’s workflow, as shown in Shape 14. The workflow should state NOTIFIED, as you up-to-date it in the Jira console.

    Determine 14: The Security Hub finding workflow up-to-date to NOTIFIED

    Figure 14: The Security Hub acquiring workflow updated to NOTIFIED

  10. It is possible to fix the problem from the Security Hub console now. Once you resolve the getting from Security Hub, it will arrive as resolved inside the Jira console also.
  11. (Optional) Inside the AWS Service Management Connector inside the Jira console, it is possible to configure several configurations, such as for example Sync Interval, SQS Queue Title, and Amount of messages to draw from SQS, as shown within Figure 15. It is possible to synchronize Security Hub findings in accordance with their &lt also;strong>Severity worth.

    Number 15: Jira configurations for Security Hub

    Figure 15: Jira settings for Protection Hub

Bottom line

In this website post, I demonstrated you how exactly to set up the brand new two-way integration of AWS Security Hub and Jira utilizing the AWS Assistance Management Connector for Jira Program Management. For more information about Jira’s integration with Safety Hub, watch the movie AWS Protection Hub – Bidirectional integration with Jira Service Administration Middle, and notice AWS Service Administration Connector for Jira Provider Management in the AWS Support Catalog Administrator Tutorial. To download the free of charge AWS Service Administration Connector for Jira, start to see the Atlassian Market. In case you have additional queries, you can write-up them to the AWS Safety Hub forum.

For those who have feedback concerning this post, submit remarks in the Remarks area below.

Want a lot more AWS Security how-to articles, news, and show announcements? Stick to us on Twitter.