Configuring AWS Security Hub integration - AWS Service Management Connector

Configuring AWS Security Hub integration

This section describes how to configure your AWS services in Jira Service Management Cloud.

To configure AWS Security Hub integration features
  1. Enable AWS Security Hub. For more information, refer to Setting up AWS Security Hub with the Console.

  2. Set up an SQS queue to receive updated Findings. Name the queue, AwsSmcJsmCloudForgeSecurityHubQueue, to align with the default name in the Jira Service Management Connector Settings for the AWS Security Hub integration. For more information, refer to Getting started with Amazon SQS.

  3. Set up an Amazon EventBridge rule to detect changes to Findings and push these to the queue. For more information, refer to Getting started with Amazon EventBridge.

    The CloudWatch rule should have this event pattern and point to the SQS queue created in Step 2.

    "EventPattern": {"source": [ "aws.securityhub" ] }
  4. You can also customize this CloudWatch Events rule to only pull in Security Hub Findings that have specific Finding types, severity labels, workflow statuses, or compliance statuses. For details about how to filter the event pattern, refer to Configuring an EventBridge rule for automatically sent findings in the AWS Security Hub User Guide.

Note

You can use the AWS CloudFormation templates for the Connector for Jira Service Management to automate the AWS Config custom resource and AWS Security Hub integration features. For more information, refer to Setting baseline permissions for AWS Service Management Connector for ServiceNow.