AMA: Export YAML Files for Vendors Pulled from SSO Providers

circle
circle

AMA is an ongoing series published each Thursday, highlighting questions the community has asked in our support and how-to channels on Slack. If you haven't already done so, please join us on Slack

 

"I'm digging the patterns on the secops automation. Is there a way to auto-generate (export) YAML files for the vendors that have been pulled from the SSO provider, so we can revision control, and update in bulk?"

--Question from Will on the J1 Community Slack

 

Answer from the JupiterOne Team

Hi Will. There are a couple things you can do.

1) From the landing, try a query like Find Vendor withtype='mapped_entity' , and download as JSON

2021-04-22 AMA

2) Use the j1 command line tool to perform the same query, which will save a local results.json file with the same values. These values could probably be massaged just a bit, then committed to your git repo. That PR/commit approval would then serve as an indelible record of your vendor approval.

3) The publish script, which uses the J1 cli, should also accept JSON format.

Articles in this Series

  1. AMA: JupiterOne and PagerDuty WebHooks
  2. AMA: Export YAML Files for Vendors Pulled from SSO Providers
  3. AMA: Map Controls and Frameworks Relationships
  4. AMA: How to Track Professional Associations, Security Forums, and Threat Intel Sources
  5. AMA: Find AWS Instances by their Private IP Address
  6. AMA: SSO Integrated Authentication, Move to Another Role
  7. AMA: send-mail action to map two properties
  8. AMA: Setup the Policy Accept Button
  9. AMA: Match a blank field in J1QL
  10. AMA: Track and Alert Using Firewall Rules Matrix
  11. AMA: AWS Roles not used for 90 days, and date related queries
  12. AMA: Manage Alerts for Jira through J1 Terraform Provider
  13. AMA: Filter Results from Specific AWS Accounts
  14. AMA: Iterate and return total count of iam users per account
  15. AMA: Search for security groups by tag
  16. AMA: Identify S3 Buckets Open to Cross-Account Attacks

Resources for this AMA

 

 

avatar

Posted By Erich Smith

Erich is the Principal Security Engineer at JupiterOne. An industry veteran of 20+ years, his background includes roles in software development, security, devops, systems administration, and compliance automation.

To hear more from Erich, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

PREVIOUS ARTICLE

cyber-security 1

Ad Title Placeholder

Lorem ipsum dolor sit amet, consectetur adipiscing elit.