• Products
  • Get started
  • Documentation
  • Resources

Integrate with Amazon CloudTrail

The feature described in this article is currently rolling out to some Jira Service Management Cloud customers. It may not yet be visible or available on your site.

AWS CloudTrail Logo

What does the integration offer?

The recorded information from Amazon CloudTrail includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.

Jira Service Management is an alert and notification management solution that is highly complementary to Amazon CloudTrail. With this integration, Jira Service Management alerts are created for Amazon CloudTrail notifications.

How does the integration work?

Use the Amazon CloudTrail Integration to forward Amazon CloudTrail notifications to Jira Service Management. Jira Service Management determines the right people to notify based on on-call schedules– notifies via email, text messages (SMS), phone calls, and iOS & Android push notifications, and escalates alerts until they are acknowledged or closed.

When Amazon CloudTrail receives a new log, an alert is created in Jira Service Management automatically through the integration.

Set up the integration

Amazon CloudTrail is an API-based integration. Setting it up involves the following steps:

  • Add an Amazon CloudTrail integration in Jira Service Management

  • Configure the integration in Amazon CloudTrail

Add an Amazon CloudTrail integration

If you're using the Free or Standard plan in Jira Service Management, you can only add this integration from your team’s operations page. To access the feature through Settings (gear icon) > Products (under JIRA SETTINGS) > OPERATIONS, you need to be on Premium or Enterprise plan.

Adding an integration from your team’s operations page makes your team the owner of the integration. This means Jira Service Management only assigns the alerts received through this integration to your team.

To add an Amazon CloudTrail integration in Jira Service Management, complete the following steps:

  1. Go to your team’s operations page.

  2. On the left navigation panel, select Integrations and then Add integration.

  3. Run a search and select “Amazon CloudTrail”.

  4. On the next screen, enter a name for the integration.

  5. Optional: Select a team in Assignee team if you want a specific team to receive alerts from the integration.

  6. Select Continue.
    The integration is saved at this point.

  7. Expand the Steps to configure the integration section and copy the integration URL generated for your account.
    You will use this URL while configuring the integration in Amazon CloudTrail later.

  8. Select Turn on integration.
    The rules you create for the integration will work only if you turn on the integration.

Configure the integration in Amazon CloudTrail

To configure the integration in Amazon CloudTrail, complete the following steps:

  1. Create an SNS topic. Find out how to get started with Amazon SNS.

  2. Add an HTTPS subscription to your topic with the integration URL previously copied from Jira Service Management as the endpoint. Find out how to add an HTTPS subscription. If the configuration is successful, a confirmation alert is created in Jira Service Management.

  3. Configure Amazon SNS notifications for AWS CloudTrail. Read more about AWS CloudTrial.

  4. On the Configuration page, select the SNS topic you created for the Integration.

  5. Select Save.

  6. From Amazon CloudTrail Console, navigate to Trails. Add a new trail or use an existing one.

  7. In the S3 tab, select Advanced > SNS topic and then select Save.

Sample payload from Amazon CloudTrail integration

(in JSON format)

1 2 3 4 5 6 7 8 9 10 11 { "Type": "Notification", "MessageId": "d7b0abd-f459-5627-b6e7-5a4cc1f84dcd", "TopicArn": "arn:aws:sns:us-west-2:3456xxxxxx:og", "Message": "{\"s3Bucket\":\"jsmtest\",\"s3ObjectKey\":[\"AWSLogs/345678xxxxxx/CloudTrail/us-east-1/2017/01/12/345678xxxxx_CloudTrail_us-east-1_20170112T0740Z_Q8aey31rGgtoAp9d.json.gz\"]}", "Timestamp": "2017-01-12T07:42:25.469Z", "SignatureVersion": "1", "Signature": "OAXw/gb6ciZSbwZ3o1Moh7U5/1m4uBGnqQmbwL8AGuuOa2Yo9sSaHjUf0Qf4BMtlRQ5pc4ghkW0LWKyHTIikKa4MFjlrgMLf7AaYJgh/5bDhorgdiXSk04PD/me2M9Sv85xZufEj9V0ys1PnwP6X877YFKz6iDNQ9Lyi1woaRmtCPmEtbpwjWYQJRlTpEv+exuqVjm7bgfTV+1DjB5kfFdK4X8Py9lpFMyaIiT24yffTAMLssp8wcGb8ygGxX9kD0JRfIlnAtM3Mn9NI7jmCXiE4iNpISMMlNSDPrUuzUSBzXrt3ArMraLdQ==", "SigningCertURL": "https://sns.us-west-2.amazonaws.com/SimpleNotificationService-b95095bebf6a046b3aafc7f4149a.pem", "UnsubscribeURL": "https://sns.us-west-2.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-west-2:345678xxxxx:og:949xxxxx-fed7-4456-b172-3a5xxxxxx41" }

Jira Service Management parses the payload as follows:

(in JSON format)

1 2 3 4 { "s3Bucket": "jsmtest", "s3ObjectKey": "AWSLogs/3456xxxxxxxx/CloudTrail/us-east-1/2017/01/12/34567xxxxxxx_CloudTrail_us-east-1_20170112T0740Z_Q8aey31rGgtoAp9d.json.gz" }

 

Additional Help