# Third-party
AWS Systems Manager Automation provides predefined runbooks for third-party products and services. For more information about runbooks, see [Working with runbooks](https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-documents.html). For information about how to view runbook content, see [View runbook content](automation-runbook-reference.md#view-automation-json).
**Topics**
+ [`AWS-CreateJiraIssue`](automation-aws-createjiraissue.md)
+ [`AWS-CreateServiceNowIncident`](automation-aws-createservicenowincident.md)
+ [`AWS-RunPacker`](automation-aws-runpacker.md)
# `AWS-CreateJiraIssue`
**Description**
Create an issue in Jira.
**Note**
For better control and validation, we recommend [ cloning](https://docs.aws.amazon.com/systems-manager/latest/userguide/documents-creating-content.html#cloning-ssm-document) the `AWS-CreateJiraIssue` runbook to create your own private version. In your cloned runbook, add [validation logic](https://docs.aws.amazon.com/systems-manager/latest/userguide/documents-schemas-features.html#parameter-security-best-practices) for the `JiraURL` parameter to ensure it matches your approved Jira instances before execution. Then use your cloned runbook in place of the AWS-managed one and restrict IAM permissions for executing `AWS-CreateJiraIssue`. This approach gives you more flexibility and ensures the parameter meets your organization's security and compliance requirements.
[Run this Automation (console)](https://console.aws.amazon.com/systems-manager/automation/execute/AWS-CreateJiraIssue)
**Document type**
Automation
**Owner**
Amazon
**Platforms**
Linux, macOS, Windows
**Parameters**
+ AssigneeName
Type: String
Description: (Optional) The username of the person the issue should be assigned to.
+ DueDate
Type: String
Description: (Optional) The due date for the issue in yyyy-mm-dd format.
+ IssueDescription
Type: String
Description: (Required) A detailed description of the issue.
+ IssueSummary
Type: String
Description: (Required) A brief summary of the issue.
+ IssueTypeName
Type: String
Description: (Required) The name of the type of issue you want to create (for example, Task, Sub-task, Bug, etc.).
+ JiraURL
Type: String
Description: (Required) The url of the Jira instance.
+ JiraUsername
Type: String
Description: (Required) The name of the user the issue will be created with.
+ PriorityName
Type: String
Description: (Optional) The name of the priority of the issue.
+ ProjectKey
Type: String
Description: (Required) The key of the project the issue should be created in.
+ SSMParameterName
Type: String
Description: (Required) The name of an encrypted SSM Parameter containing the API key or password for the Jira user.
**Document Steps**
`aws:createStack` - Create CloudFormation stack to create Lambda IAM role and function.
`aws:invokeLambdaFunction` - Invoke Lambda function to create the Jira issue
`aws:deleteStack` - Delete the CloudFormation stack created.
**Outputs**
IssueId: ID of the newly created Jira issue
# `AWS-CreateServiceNowIncident`
**Description**
Create an incident in the ServiceNow incident table.
[Run this Automation (console)](https://console.aws.amazon.com/systems-manager/automation/execute/AWS-CreateServiceNowIncident)
**Document type**
Automation
**Owner**
Amazon
**Platforms**
Linux, macOS, Windows
**Parameters**
+ AutomationAssumeRole
Type: String
Description: (Optional) The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf. If no role is specified, Systems Manager Automation uses the permissions of the user that starts this runbook.
+ Category
Type: String
Description: (Optional) The category of the incident.
Valid values: None \$1 Inquiry/Help \$1 Software \$1 Hardware \$1 Network \$1 Database
Default Value: None
+ Description
Type: String
Description: (Required) A detailed explanation on the incident.
+ Impact
Type: String
Description: (Optional) The effect an incident has on business.
Valid values: High \$1 Medium \$1 Low
Default Value: Low
+ ServiceNowInstanceUsername
Type: String
Description: (Required) The name of the user the incident will be created with.
+ ServiceNowInstancePassword
Type: String
Description: (Required) The name of an encrypted SSM Parameter containing the password for the ServiceNow user.
+ ServiceNowInstanceURL
Type: String
Description: (Required) The URL of the ServiceNow instance
+ ShortDescription
Type: String
Description: (Required) A brief description of the incident.
+ Subcategory
Type: String
Description: (Optional) The subcategory of the incident.
Valid values: None \$1 Antivirus \$1 Email \$1 Internal Application \$1 Operating System \$1 CPU \$1 Disk \$1 Keyboard \$1 Hardware \$1 Memory \$1 Monitor \$1 Mouse \$1 DHCP \$1 DNS \$1 IP Address \$1 VPN \$1 Wireless \$1 DB2 \$1 MS SQL Server \$1 Oracle
Default Value: None
**Document Steps**
Push\$1incident – Pushes the incident information to ServiceNow.
**Outputs**
Push\$1incident.incidentID – The created incident ID.
# `AWS-RunPacker`
**Description**
This runbook uses the HashiCorp [Packer](https://www.packer.io/) tool to validate, fix, or build packer templates that are used to create machine images. This runbook uses Packer v1.11.2.
**Note**
If you specify a `vpc_id` value, you must also specify the `subnet_id` value of a public subnet. Unless you modify your subnet's IPv4 public addressing attribute, you must also set `associate_public_ip_address` to true.
**Important**
Packer provisioners execute with root-level privileges on the temporary EC2 instance. Follow least-privilege practices when authoring Packer templates. Avoid granting provisioners access to sensitive instance metadata or local credential files. If you have added additional policies to the IAM role used by [Default Host Management Configuration](https://docs.aws.amazon.com/systems-manager/latest/userguide/fleet-manager-default-host-management-configuration.html), be aware that any process running as root on the instance can access those expanded permissions. Review your Packer templates to ensure they contain only trusted commands.
[Run this Automation (console)](https://console.aws.amazon.com/systems-manager/automation/execute/AWS-RunPacker)
**Document type**
Automation
**Owner**
Amazon
**Platforms**
Linux, macOS, Windows
**Parameters**
+ AutomationAssumeRole
Type: String
Description: (Optional) The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf. If no role is specified, Systems Manager Automation uses the permissions of the user that starts this runbook.
+ Force
Type: Boolean
Description: A Packer option to force a builder to run when artifacts from a previous build otherwise prevent a build from running.
+ Mode
Type: String
Description: The mode, or command, in which to use Packer when validating against the template. Options include `Build` , `Validate` , and `Fix` .
+ TemplateFileName
Type: String
Description: The name, or key, of the template file in the S3 bucket.
+ TemplateS3BucketName
Type: String
Description: The name of the S3 bucket containing the packer template.
**Document Steps**
RunPackerProcessTemplate – Runs the selected mode against the template using the Packer tool.
**Outputs**
RunPackerProcessTemplate.output – The stdout from the Packer tool.
RunPackerProcessTemplate.fixed\$1template\$1key – The name of the template stored in an S3 bucket to use only when running in "Fix" mode.
RunPackerProcessTemplate.s3\$1bucket – The name of the S3 bucket that contains the fixed template to use only when running in "Fix" mode.