End of support notice: On March 31, 2027, AWS will end support for AWS Service Management Connector. After March 31, 2027, you will no longer be able to access the AWS Service Management Connector console or AWS Service Management Connector resources. For more information, see [AWS Service Management Connector end of support](https://docs.aws.amazon.com/smc/latest/ag/smc-end-of-support.html). # Integrating AWS Security Hub CSPM in Jira Service Management Cloud AWS Security Hub CSPM AWS Security Hub CSPM enables users to view security Findings from AWS services such as Amazon Guard Duty and Amazon Inspector, as well as AWS Partner solutions. If you use both [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/?aws-security-hub-blogs.sort-by=item.additionalFields.createdDate&aws-security-hub-blogs.sort-order=desc) and [ Jira Service Management](https://www.atlassian.com/software/jira/service-management), the AWS Service Management Connector for Jira Service Management allows you to create an automated, bidirectional integration between Security Hub and Jira Service Management. This two-way integration synchronizes your Security Hub CSPM Findings and Jira Issues. Specifically, as a Jira administrator, you can use this integration to automatically create Jira Issues from AWS Security Hub CSPM Findings. When you update those tickets in Jira, the changes are automatically replicated back to the original Security Hub CSPM Findings. For example, when you resolve the issue in Jira, the workflow status of the Security Hub finding also changes to `RESOLVED`. This action ensures that Security Hub CSPM always has up-to-date information about your security posture. **Note** If you are aggregating your Security Hub CSPM findings to a single management AWS account and have onboarded management to the connector, internal customers and Jira agents updates on the Finding issue will **not** be synched to the finding in Security Hub CSPM. # Configuring AWS Security Hub CSPM integration Configuring AWS Security Hub CSPM integration This section describes how to configure your AWS services in Jira Service Management Cloud. **To configure AWS Security Hub CSPM integration features** 1. Enable AWS Security Hub CSPM. For more information, refer to [Setting up AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html) with the Console. 1. Set up an SQS queue to receive updated Findings. Name the queue, `AwsSmcJsmCloudForgeSecurityHubQueue`, to align with the default name in the Jira Service Management Connector Settings for the AWS Security Hub CSPM integration. For more information, refer to [Getting started with Amazon SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-getting-started.html). 1. Set up an Amazon EventBridge rule to detect changes to Findings and push these to the queue. For more information, refer to [Getting started with Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-get-started.html). The CloudWatch rule should have this event pattern and point to the SQS queue created in Step 2. ``` "EventPattern": {"source": [ "aws.securityhub" ] } ``` 1. You can also customize this CloudWatch Events rule to only pull in Security Hub CSPM Findings that have specific Finding types, severity labels, workflow statuses, or compliance statuses. For details about how to filter the event pattern, refer to [Configuring an EventBridge rule for automatically sent findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-cwe-all-findings.html) in the *AWS Security Hub CSPM User Guide*. **Note** You can use the AWS CloudFormation templates for the Connector for Jira Service Management to automate the AWS Config custom resource and AWS Security Hub CSPM integration features. For more information, refer to [Setting baseline permissions for AWS Service Management Connector for ServiceNow](sn-base-perms.md). # Validating AWS Security Hub CSPM integration in Jira Service Management Cloud Validating AWS Security Hub CSPM integration This section describes how to validate AWS Security Hub CSPM Findings, update AWS Systems Manager OpsItems, and view AWS related resources in Jira Service Management. **To view AWS Security Hub CSPM Findings in Jira Service Management from AWS Systems Manager** 1. Log in to your **Jira Agent** view as an internal customer or Jira agent. 1. In the **Jira Service Management Jira Agent** view, choose the Jira project associated with the AWS Security Hub CSPM Finding. 1. Use [Jira filters](https://support.atlassian.com/jira-service-management-cloud/docs/save-your-search-as-a-filter/) to show only issues with the Issue Type **AWS Security Hub CSPM Finding**. **To update AWS Security Hub CSPM Findings in Jira Service Management** 1. Log in to your **Jira Agent** view as an internal customer or Jira agent. 1. In the **Jira Service Management Jira Agent** view, choose the Jira project associated to the AWS Security Hub CSPM Finding. 1. Use [Jira filters](https://support.atlassian.com/jira-service-management-cloud/docs/save-your-search-as-a-filter/) to show only issues with the Issue Type **AWS Security Hub CSPM Finding**. 1. Choose **Edit Issue**. 1. Update the available fields, including **Severity**, **Priority**, and **Criticality**. 1. Choose **Update** to save the details. **Note** Updates to Security Hub CSPM Finding fields from Jira Service Management display in the AWS account view of Findings on the next sync between AWS and Jira Service Management. Only the fields Severity, Priority, and Criticality update in the AWS account from Jira Service Management. **To view AWS related resources in AWS Security Hub CSPM Findings through Jira Service Management** 1. Log in to your **Jira Agent** view as an internal customer or Jira agent. 1. In the **Jira Service Management Jira Agent** view, choose the Jira project associated to the AWS Security Hub CSPM Finding. 1. Use [Jira filters](https://support.atlassian.com/jira-service-management-cloud/docs/save-your-search-as-a-filter/) to show only issues with the Issue Type **AWS Security Hub CSPM Finding**. 1. Choose the **Security Hub CSPM Findings** panel. 1. In the selected AWS resources section of the AWS Security Hub CSPM Finding, you can review the related resource details. If the resources relate and the AWS Config integration is active in the Connector, you can filter on the AWS Config-specific resource details and relationships. The section remains empty if AWS resources do not relate in AWS Security Hub CSPM. Security Hub CSPM Findings follow the [AWS Security Finding format](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) (ASFF). Review the following mapping of fields from AWS Security Hub CSPM Findings to Jira Service Management Incident records. | Jira Issue field | Security Hub CSPM ASFF field | | --- | --- | | Created | CreatedAt | | Updated | UpdatedAt | | Summary | Title | | Priority | Severity.Label | | Status | Workflow.Status |