Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Configuring AWS Security Hub Integration

PDF
RSS
Focus mode
Configuring AWS Security Hub Integration - AWS Service Management Connector
Video: Bidirectional integration with Atlassian Jira Service Management

AWS Security Hub enables users to view security findings from AWS services, such as Amazon Guard Duty, Amazon Inspector, as well as AWS Partner solutions.

If you use both AWS Security Hub and Jira Service Management (JSM), the AWS Service Management Connector for JSM allows you to create an automated, bidirectional integration between Security Hub and JSM. This two-way integration synchronizes your Security Hub findings and Jira issues.

Specifically, as a Jira administrator, you can use this integration to automatically create Jira issues from Security Hub findings. When you update those tickets in Jira, the changes are automatically replicated back to the original Security Hub findings. For example, when you resolve the issue in Jira, the workflow status of the Security Hub finding also changes to RESOLVED. This action ensures Security Hub always has up-to-date information about your security posture.

To configure AWS Security Hub integration features

  1. Enable AWS Security Hub. For more information, see Accessing Security Hub.

  2. Set up an SQS queue to receive updated Findings. Name the queue AwsSmcJsmSecurityHubQueue to align with the default name in the JSM Connector Settings for the AWS Security Hub integration. For more information, see Getting started with Amazon SQS.

  3. Set up a Amazon EventBridge rule to detect changes to Findings and push these to the queue. For more information, see Getting started with Amazon EventBridge.

    The CloudWatch rule should have the following event pattern and should point to the SQS queue created in Step 2.

    "EventPattern": {

       "source": [

        "aws.securityhub"

        ]
}

  4. You can also customize this CloudWatch Events rule to only pull in Security Hub findings that have specific finding types, severity labels, workflow statuses, or compliance statuses. For details about how to filter the event pattern, see Configuring an EventBridge rule for automatically sent findings in the AWS Security Hub User Guide.

Note

You can use the available AWS CloudFormation templates for the JSM connector to configure your AWS account to enable AWS Service Catalog integration. For more information, see Baseline Permissions.

Video: Bidirectional integration with Atlassian Jira Service Management

This video (8:40) describes how to set up a bidirectional integration with Atlassian Jira Service Management. This feature makes it easier for AWS Security Hub users to automatically create and update issues in Jira Service Management from AWS Security Hub findings and ensure that updates to those tickets are synced with the findings.

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.