Skip to content

Scan and Open Jira Tickets (AWS Security Hub) #308

Scan and Open Jira Tickets (AWS Security Hub)

Scan and Open Jira Tickets (AWS Security Hub) #308

name: Scan and Open Jira Tickets (AWS Security Hub)
on:
workflow_dispatch: # for testing and manual runs
schedule:
- cron: "0 6 * * *" # daily at 0600 UTC
permissions:
id-token: write
jobs:
sync:
name: Run sync
runs-on: ubuntu-20.04
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
role-to-assume: ${{ secrets.PRODUCTION_SYNC_OIDC_ROLE }}
- name: Sync Security Hub and Jira
uses: Enterprise-CMCS/mac-fc-security-hub-visibility@v1.0.7
with:
jira-username: "mdct_github_service_account"
jira-token: ${{ secrets.JIRA_ENT_USER_TOKEN }}
jira-host: jiraent.cms.gov
jira-project-key: CMDCT
jira-ignore-statuses: Done, Closed, Canceled
jira-custom-fields: '{ "customfield_10100": "CMDCT-2280", "customfield_26700" : [{"id": "40104", "value": "MCR"}] }'
aws-severities: CRITICAL, HIGH, MEDIUM
assign-jira-ticket-to: "MWTW"