Policy
A written policy documentation.
Policy properties
Property | Type | Description | Specifications |
---|---|---|---|
content * | string | Text content of the policy. For policies/procedures used by the Policy Builder app, this will contain the template text in markdown format. Stored in raw data. | |
summary * | string | Summary or overview the describes the policy. Summary text is intended as guidance to the author and not included in the published version. | |
title * | string | Title of the policy | |
adopted | boolean | Indicates if policy or procedure has been adopted. Only adopted policies and procedures are included in the published view of the Policy Builder app. | |
applicable | boolean | Indicates if policy or procedure is applicable based on the organization's current risk and compliance needs. A Policy that is not applicable may become applicable later as the organization's requirements and maturity change. | |
author | string | Author of the record |
Inherited properties
Property | Type | Description | Specifications |
---|---|---|---|
_class * | string | array of string s | One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'. | |
_key * | string | An identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role. | minLength: 10 |
_type * | string | The type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'. | minLength: 3 |
displayName * | string | Display name, e.g. a person's preferred name or an AWS account alias | |
name * | string | Name of this entity | |
approved | boolean | If this is record has been reviewed and approved. | |
approvedOn | number | The timestamp (in milliseconds since epoch) when this record was approved. | Format: date-time |
approvers | array of string s | The list of approvers on the record. | |
category | string | The category of the official record Examples: exception, finding, hr, incident, issue, job, legal, request, policy, procedure, problem, review, risk, other | |
classification | string | The sensitivity of the data; should match company data classification scheme. For example: critical - confidential - internal - public. Examples: critical, confidential, internal, public | |
createdOn | number | The timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne. | Format: date-time |
description | string | An extended description of this entity. | |
exception | boolean | Indicates if this record has an applied exception. For example, exception for a known finding or a PR that is not fully approved. | |
exceptionReason | string | Reason / description of the exception. | |
open | boolean | Indicates if this record is currently open. For example, an open Vulnerability finding (Vulnerability extends Record). | |
production | boolean | If this is a production record. For example, a production change management ticket would have this set to true , and have a category = change property. Another example would be a Vulnerability finding in production. | |
public | boolean | If this is a public record. Defaults to false. | default: false |
reportedOn | number | The timestamp (in milliseconds since epoch) when this record was reported/opened. In most cases, this would be the same as createdOn but occasionally a record can be created at a different time than when it was first reported. | Format: date-time |
reporter | string | The person or system that reported or created this record. | |
updatedOn | number | The timestamp (in milliseconds since epoch) when the entity was last updated at the source. | Format: date-time |
webLink | string | Hyperlink to the location of this record, e.g. URL to a Jira issue | Format: uri |
Required properties
_key
_class
_type
name
displayName
title
summary
content