Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
JupiterOne 2020.58 Release - AskJ1 Community
<main> <article class="userContent"> <p>2020-11-17</p> <h2 data-id="new-features">New Features</h2> <ul><li><p>Modified API to pass account ID via <code class="code codeInline" spellcheck="false" tabindex="0">JupiterOne-Account</code> header (it is backwards compatible with<br> the legacy <code class="code codeInline" spellcheck="false" tabindex="0">LifeOmic-Account</code> header).</p></li> <li><p>Added support to generate integrations API key that can be used to run integrations in your own infrastructure.</p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">These API keys are configured in an integration instance and scoped to that particular integration instance by<br> ID. They can only be used to synchronize data in the selected integration's scope and cannot be used to read <br> the graph or perform any other action in the system.</p> </div></blockquote> <p><strong>Sneak peek:</strong> <br><em>We are working on a visual query builder to make it easier to construct J1QL queries. Stay tuned!</em></p> <h2 data-id="integrations">Integrations</h2> <h3 data-id="aws">AWS</h3> <ul><li><p>Updated the <code class="code codeInline" spellcheck="false" tabindex="0">accessKeyEnabled</code> flag on <code class="code codeInline" spellcheck="false" tabindex="0">aws_iam_user</code> entities such that it is set to <code class="code codeInline" spellcheck="false" tabindex="0">true</code> only when there<br> is at least one <em>active</em> access key associated with that user.</p></li> <li><p>Fixed missing ECR image findings</p></li> <li>Added processing of EC2 <code class="code codeInline" spellcheck="false" tabindex="0">RunInstances</code> CloudTrail events to create <code class="code codeInline" spellcheck="false" tabindex="0">aws_instance</code> entities soon after <br> they're created in AWS</li> </ul><h3 data-id="azure">Azure</h3> <ul><li>Added managed questions for Azure CIS 2.3 - 2.19</li> </ul><h3 data-id="cloudflare">Cloudflare</h3> <ul><li>Fixed duplicate <code class="code codeInline" spellcheck="false" tabindex="0">_key</code> for <code class="code codeInline" spellcheck="false" tabindex="0">cloudflare_account_role</code> entities</li> </ul><h3 data-id="gitlab">GitLab</h3> <ul><li>Fixed duplicate <code class="code codeInline" spellcheck="false" tabindex="0">gitlab_group_has_user</code> relationships</li> <li><p>Fixed unhandled authentication/authorization error during configuration<br> validation</p></li> <li><p>Fixed unhandled authentication/authorization error in resource API calls</p></li> <li><p>Ingest projects of accessible groups in addition to projects owned by the<br> configured user credentials</p></li> <li><p>Fixed unhandled <code class="code codeInline" spellcheck="false" tabindex="0">403</code> response to requests for project merge requests would<br> kill all merge request ingestion</p></li> <li><p>Added <code class="code codeInline" spellcheck="false" tabindex="0">allowMergeOnSkippedPipeline</code> to project entities</p></li> <li><p>Added properties to merge request entities: <code class="code codeInline" spellcheck="false" tabindex="0">approved</code>, <code class="code codeInline" spellcheck="false" tabindex="0">approvers</code> (names of<br> persons who approved), <code class="code codeInline" spellcheck="false" tabindex="0">approverIds</code>, and <code class="code codeInline" spellcheck="false" tabindex="0">approverLogins</code></p></li> <li><p>Added approval configuration source to raw data of merge requests</p></li> </ul><h3 data-id="google-cloud">Google Cloud</h3> <ul><li>Fixed IAM service account <code class="code codeInline" spellcheck="false" tabindex="0">ASSIGNED</code> role relationship duplicates</li> <li><p>Added a script that allows JupiterOne integration instance creation for every<br> Google Cloud project in an organization</p> <p>Example:</p> <pre class="code codeBlock" spellcheck="false" tabindex="0">yarn jupiterone-organization-setup \ --google-access-token $(gcloud auth print-access-token) \ --organization-id 1111111111 \ --jupiterone-account-id MY_JUPITERONE_ACCOUNT_ID_HERE \ --jupiterone-api-key MY_JUPITERONE_API_KEY_HERE </pre></li> </ul><h3 data-id="google-workspaces">Google Workspaces</h3> <ul><li><p>Fixed relationship duplicate key error users in the same group have the same<br> email address</p></li> <li><p>For group members, added <code class="code codeInline" spellcheck="false" tabindex="0">name</code>, <code class="code codeInline" spellcheck="false" tabindex="0">displayName</code> to mapped users and groups</p></li> <li>For group member relationships, added member properties <code class="code codeInline" spellcheck="false" tabindex="0">email</code>, <code class="code codeInline" spellcheck="false" tabindex="0">id</code>, <code class="code codeInline" spellcheck="false" tabindex="0">kind</code>, <code class="code codeInline" spellcheck="false" tabindex="0">role</code>,<br><code class="code codeInline" spellcheck="false" tabindex="0">status</code>, and <code class="code codeInline" spellcheck="false" tabindex="0">type</code> to better expose properties of the membership</li> </ul><h3 data-id="okta">Okta</h3> <ul><li>Fixed unhandled <code class="code codeInline" spellcheck="false" tabindex="0">ETIMEDOUT</code> Okta API errors</li> <li>Added job logging of Okta API errors for customer visibility</li> <li>Fixed issue that could prevent complete ingestion of some Okta users</li> </ul><h3 data-id="qualys">Qualys</h3> <ul><li>Added configuration fields to allow control over finding history ingestion limits</li> </ul><h3 data-id="tenable-cloud">Tenable Cloud</h3> <ul><li>Fixed a failure to retry <code class="code codeInline" spellcheck="false" tabindex="0">500</code> responses fetching vulnerability details</li> </ul><h2 data-id="other-improvements-and-bug-fixes">Other Improvements and Bug Fixes</h2> <ul><li>Added validation to prevent users from submitting invalid queries for table and graph charts</li> <li>Fixed an issue with insights table chart parsing queries incorrectly in certain cases</li> <li>Fixed an issue that prevented the sharing of an insights dashboard</li> <li>Fixed an issue where non-admin users would be taken to onboarding</li> <li>Fixed an issue where the matrix chart would not scroll when it was overflowing</li> <li>Fixed an issue where an error message was shown in a chart when it should not be</li> <li>Fixed a number of issues identified as part of the Compliance Review Workflow beta testing</li> <li>Updated account IDs to use UUIDs</li> <li>Performance improvements to the integrations data ingestion/processing pipeline</li> </ul> </article> </main>