...
Amazon Security Hub sends findings that match the corresponding CloudWatch Event rule to CloudWatch. Selecting an SNS topic as the target lets you publish the related event message for findings to SNS, which then sends this message to Jira Service Management.
...
Amazon Security Hub is a bidirectional integration, and setting it up involves multiple steps:
...
Go to AWS SNS, select Topics > Create topic.
When on the Subscription tab, select Create subscription. This is how you’ll send SNS messages to Jira Service Management.
In the Protocol field, select HTTPS as an endpoint type.
In the Endpoint field, enter the API endpoint URL you copied while adding the integration in Jira Service Management.
...
In your Amazon CloudWatch account, select Events > Rules.
Then select Create rule.
In the Event Source section, select the Event Pattern option.
Then select Build event pattern to match all events from the dropdown menu.
Select Edit in the Event Pattern Preview and paste the script given in this section.
In the Targets section, select the SNS topic from the dropdown menu, then select the topic you’ve created before.
Select Configure details and enter a name, description, and other information.
When done, select Create rule.
...
```json
{
  "source": [
    "aws.securityhub"
  ],
  "detail-type": [
    "Security Hub Findings - Custom Action"
  ],
  "resources": [
    "<custom action arn you created in security hub>"
  ]
}
```
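The event pattern above decides which Security Hub events leave the AWS account for the SNS topic and, from there, Jira Service Management. The following is an added example, not part of the original documentation: a local check of the pattern against constructed sample events. It implements only the exact-value subset of EventBridge matching, and the ARNs and the action name `SendToJSM` are constructed placeholders.

```python
import json

# Constructed placeholder; substitute the custom action ARN from your Security Hub.
CUSTOM_ACTION_ARN = "arn:aws:securityhub:us-east-1:111122223333:action/custom/SendToJSM"
CUSTOM_ACTION = "Security Hub Findings - Custom Action"

PATTERN = json.loads("""{
  "source": ["aws.securityhub"],
  "detail-type": ["Security Hub Findings - Custom Action"],
  "resources": ["%s"]
}""" % CUSTOM_ACTION_ARN)


def matches(pattern, event):
    """Exact-value subset of EventBridge matching: every pattern key must exist
    in the event; a list matches when it shares a value with the event field
    (scalar or array); a dict recurses into the nested object."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        else:
            values = actual if isinstance(actual, list) else [actual]
            if not any(v in expected for v in values):
                return False
    return True


def make_event(detail_type, resources, source="aws.securityhub"):
    # Constructed sample event with only the fields the pattern inspects.
    return {"source": source, "detail-type": detail_type,
            "resources": resources, "detail": {"findings": []}}


SAMPLES = {
    "intended custom action": make_event(CUSTOM_ACTION, [CUSTOM_ACTION_ARN]),
    "different custom action": make_event(
        CUSTOM_ACTION, [CUSTOM_ACTION_ARN.replace("SendToJSM", "OtherAction")]),
    "automatic finding import": make_event(
        "Security Hub Findings - Imported",
        ["arn:aws:securityhub:us-east-1:111122223333:finding/constructed-example"]),
    "other event source": make_event(CUSTOM_ACTION, [CUSTOM_ACTION_ARN], source="custom.app"),
}


def forwarded(samples=SAMPLES, pattern=PATTERN):
    """Names of the sample events the rule would deliver to its SNS target."""
    return sorted(name for name, ev in samples.items() if matches(pattern, ev))


if __name__ == "__main__":
    print("forwarded to SNS:", forwarded())
```

Removing the `resources` key from the pattern makes every custom action in the account match, so keep the ARN restriction when only one action is meant to create alerts.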
Configure the integration in Amazon EventBridge Events
Go to Amazon EventBridge and select Rules.
Select Create rule.
In Step 1, enter a Name and Description for this rule.
Select Rule with an event pattern as Rule type and select Next.
In Step 2, select AWS events and EventBridge partner events as the Event source.
Then, select AWS services as Event source.
Select Security Hub as AWS Service.
In the Event Type section, select the custom action you created in Security Hub.
Select Next.
In Step 3, select SNS topic from the dropdown menu in Target types, then select the topic you created before in the Topic field.
Select Next.
In Step 5, review and create the rule.
...
From the Amazon Security Hub integration page in Jira Service Management, select the Send alert updates back to Amazon Security Hub checkbox.
Allow Jira Service Management to access Security Hub resources using an IAM role. To create a role that allows Jira Service Management to access Security Hub resources, you can use the CloudFormation template.
Make sure that all the input parameters to the CloudFormation template, such as the API URL from the integration page (pre-populated), Jira Service Management Aws AccountId (pre-populated), and RoleName, are correct. The role name should be in jsmSecurityHubRole* format.
Copy the IAM role ARN created in the previous step and paste it into AmazonSecurityHub Role ARN and select .
Select the region where Security Hub is enabled.
...