Ruleset
An operational or configuration compliance ruleset with rules that govern (or enforce, evaluate, monitor) a security control or IT system.
Ruleset properties
Property | Type | Description | Specifications |
---|---|---|---|
category | string | The category of ruleset. Examples: compliance, config, password, other | |
content | string | Contents of the raw rules, if applicable. | |
rules | array of string s | Rules of ruleset. Each rule is written 'as-code' that can be operationalized with a control provider or within JupiterOne's rules engine. |
Inherited properties
Property | Type | Description | Specifications |
---|---|---|---|
_class * | string | array of string s | One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'. | |
_key * | string | An identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role. | minLength: 10 |
_type * | string | The type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'. | minLength: 3 |
displayName * | string | Display name, e.g. a person's preferred name or an AWS account alias | |
name * | string | Name of this entity | |
active | boolean | Indicates if this entity is currently active. | |
classification | string | null | The sensitivity of the data; should match company data classification scheme Examples: critical, confidential, internal, public | |
complianceStatus | number | The compliance status of the entity, as a percentage of compliancy. | minimum: 0, maximum: 1 |
createdBy | string | The source/principal/user that created the entity | |
createdOn | number | The timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne. | Format: date-time |
criticality | integer | A number that represents the value or criticality of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
deletedBy | string | The source/principal/user that deleted the entity | |
deletedOn | number | The timestamp (in milliseconds since epoch) when the entity was deleted at the source. | Format: date-time |
description | string | An extended description of this entity. | |
discoveredBy | string | The source/principal/user that discovered the entity | |
discoveredOn | number | The timestamp (in milliseconds since epoch) when the entity was discovered. | Format: date-time |
expiresOn | number | If the entity is a temporary resource, optionally set the expiration date. For example, the expiration date of an SSL cert. | Format: date-time |
id | string | array | Identifiers of this entity assigned by the providers. Values are expected to be unique within the provider scope. | |
notes | array of string s | User provided notes about this entity | |
owner | string | The owner of this entity. This could reference the name of the owner, or as reference ID/key to another entity in the graph as the owner. | |
public | boolean | Indicates if this is a public-facing resource (e.g. a public IP or public DNS record) or if the entity is publicly accessible. Default is false. | |
risk | integer | The risk level of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
status | string | Status of this entity set by the external source system or by a user, e.g. Active, Inactive, Decommissioned Examples: active, inactive, suspended, terminated, open, closed, pending, unknown, other | |
summary | string | A summary / short description of this entity. | |
tags | array of string s | An array of unnamed tags | |
temporary | boolean | Indicates if this node is a temporary resource, such as a lambda instance or an EC2 instance started by ECS. | |
trust | integer | The trust level of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
trusted | boolean | Indicates if this is a trusted resource. For example, a trusted Network, Host, Device, Application, Person, User, or Vendor. | |
updatedBy | string | The source/principal/user that updated the entity | |
updatedOn | number | The timestamp (in milliseconds since epoch) when the entity was last updated at the source. | Format: date-time |
validated | boolean | Indicates if this node has been validated as a known/valid Entity. | |
webLink | string | Web link to the source. For example: https://console.aws.amazon.com/iam/home#/roles/Administrator. This property is used by the UI to add a hyperlink to the entity. | Format: uri |
Required properties
_key
_class
_type
name
displayName