Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
Alibaba Cloud - AskJ1 Community
<main> <article class="userContent"> <h2 data-id="alibaba-cloud-jupiterone-integration-benefits">Alibaba Cloud + JupiterOne Integration Benefits</h2> <ul><li>Visualize Alibaba Cloud resources in the JupiterOne graph.</li> <li><p>Monitor visibility and governance of your Alibaba cloud environment by<br> leveraging hundreds of out of the box queries.</p></li> <li><p>Monitor changes to Alibaba Cloud users using JupiterOne alerts.</p></li> </ul><h2 data-id="how-it-works">How it Works</h2> <ul><li><p>JupiterOne periodically fetches users and cloud resources from Alibaba Cloud<br> to update the graph.</p></li> <li><p>Write JupiterOne queries to review and monitor updates to the graph, or<br> leverage existing queries.</p></li> <li><p>Configure alerts to take action when the JupiterOne graph changes, or leverage<br> existing alerts.</p></li> </ul><h2 data-id="requirements">Requirements</h2> <ul><li><p>JupiterOne requires an Access and Secret Access Key for making requests to the<br> Alibaba Cloud API.</p> <ul><li>You need permission to create a user with an Access and Secret Access key.</li> </ul></li> <li><p>You must have permission in JupiterOne to install new integrations.</p></li> </ul><h2 data-id="support">Support</h2> <p>If you need help with this integration, please contact<br><a rel="nofollow" href="https://support.jupiterone.io">JupiterOne Support</a>.</p> <h2 data-id="integration-walkthrough">Integration Walkthrough</h2> <h3 data-id="in-alibaba-cloud">In Alibaba Cloud</h3> <p>An Access Key ID and Access Key Secret is required for the integration to<br> interact with Alibaba Cloud's API. In order to obtain an Access Key ID/Secret<br> combination for the integration, an administrator of the Alibaba Cloud account<br> will need to create a new RAM user the integration can use. Additionally, the<br> user will need to have Read Only access to the account. To do so, the<br> administrator can:</p> <ol><li>Navigate to the RAM page in the Alibaba Cloud console.</li> <li>Select <code class="code codeInline" spellcheck="false" tabindex="0">Create User</code>. We suggest the name of the user include <code class="code codeInline" spellcheck="false" tabindex="0">JupiterOne</code>.</li> <li>Check the <code class="code codeInline" spellcheck="false" tabindex="0">Open API Access</code> option while creating the new user.</li> <li>Obtain the Access Key ID/Secret combination that is generated.</li> <li>Grant the new user the <code class="code codeInline" spellcheck="false" tabindex="0">ReadOnlyAccess</code> permission.</li> </ol><h3 data-id="in-jupiterone">In JupiterOne</h3> <ol><li>From the top navigation of the J1 Search homepage, select <strong>Integrations</strong>.</li> <li>Scroll to the <strong>Alibaba Cloud</strong> integration tile and click it.</li> <li>Click the <strong>Add Configuration</strong> button and configure the following settings:</li> </ol><ul><li><p>Enter the <strong>Account Name</strong> by which you'd like to identify this Alibaba Cloud<br> account in JupiterOne. Ingested entities will have this value stored in<br><code class="code codeInline" spellcheck="false" tabindex="0">tag.AccountName</code> when <strong>Tag with Account Name</strong> is checked.</p></li> <li><p>Enter a <strong>Description</strong> that will further assist your team when identifying<br> the integration instance.</p></li> <li><p>Select a <strong>Polling Interval</strong> that you feel is sufficient for your monitoring<br> needs. You may leave this as <code class="code codeInline" spellcheck="false" tabindex="0">DISABLED</code> and manually execute the integration.</p></li> <li><p>Enter the Alibaba Cloud <strong>Access Key ID</strong> and <strong>Secret Access Key</strong> generated<br> for use by JupiterOne.</p></li> </ul><ol start="4"><li>Click <strong>Create Configuration</strong> once all values are provided.</li> </ol><h1 data-id="how-to-uninstall">How to Uninstall</h1> <ol><li>From the top navigation of the J1 Search homepage, select <strong>Integrations</strong>.</li> <li>Scroll to the <strong>Alibaba Cloud</strong> integration tile and click it.</li> <li>Identify and click the <strong>integration to delete</strong>.</li> <li>Click the <strong>trash can</strong> icon.</li> <li>Click the <strong>Remove</strong> button to delete the integration.</li> </ol><p><br></p> <h2 data-id="data-model">Data Model</h2> <h3 data-id="entities">Entities</h3> <p>The following entities are created:</p> <table><thead><tr><th>Resources</th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> </tr></thead><tbody><tr><td>ALB Load Balancer</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_alb_load_balancer</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Gateway</code></td> </tr><tr><td>Autoscaling Group</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_autoscaling_group</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Deployment</code>, <code class="code codeInline" spellcheck="false" tabindex="0">Group</code></td> </tr><tr><td>ECS Instance</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ecs_instance</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Host</code></td> </tr><tr><td>NAT Gateway</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_nat_gateway</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Gateway</code></td> </tr><tr><td>OSS Bucket</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_oss_bucket</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">DataStore</code></td> </tr><tr><td>OSS Object</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_oss_object</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">DataObject</code></td> </tr><tr><td>RAM Group</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_group</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">UserGroup</code></td> </tr><tr><td>RAM Policy</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_policy</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Policy</code></td> </tr><tr><td>RAM Role</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_role</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">AccessRole</code></td> </tr><tr><td>RAM User</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_user</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">User</code></td> </tr><tr><td>VPC</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpc</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Network</code></td> </tr><tr><td>VPN Gateway</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpn_gateway</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Gateway</code></td> </tr></tbody></table><h3 data-id="relationships">Relationships</h3> <p>The following relationships are created:</p> <table><thead><tr><th>Source Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Relationship <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> <th>Target Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_autoscaling_group</code></td> <td><strong>USES</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpc</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_oss_bucket</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_oss_object</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_group</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_user</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_policy</code></td> <td><strong>ASSIGNED</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_group</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_policy</code></td> <td><strong>ASSIGNED</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_role</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_policy</code></td> <td><strong>ASSIGNED</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ram_user</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpc</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_alb_load_balancer</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpc</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_ecs_instance</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpc</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_nat_gateway</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpc</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">alibaba_cloud_vpn_gateway</code></td> </tr></tbody></table><p><br></p> </article> </main>