Skip to main content

Vault

A collection of secrets such as a key ring

Vault properties
PropertyTypeDescriptionSpecifications
name *
stringName of the vault
Inherited properties
PropertyTypeDescriptionSpecifications
_class *
string |
array of strings
One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'.
_key *
stringAn identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role.minLength: 10
_type *
stringThe type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'.minLength: 3
displayName *
stringDisplay name, e.g. a person's preferred name or an AWS account alias
activebooleanIndicates if this entity is currently active.
classificationstring | nullThe sensitivity of the data; should match company data classification scheme

Examples: critical, confidential, internal, public
complianceStatusnumberThe compliance status of the entity, as a percentage of compliancy.minimum: 0, maximum: 1
createdBystringThe source/principal/user that created the entity
createdOnnumberThe timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne.
Format: date-time

criticalityintegerA number that represents the value or criticality of this entity, on a scale between 1-10.minimum: 1, maximum: 10
deletedBystringThe source/principal/user that deleted the entity
deletedOnnumberThe timestamp (in milliseconds since epoch) when the entity was deleted at the source.
Format: date-time

descriptionstringAn extended description of this entity.
discoveredBystringThe source/principal/user that discovered the entity
discoveredOnnumberThe timestamp (in milliseconds since epoch) when the entity was discovered.
Format: date-time

expiresOnnumberIf the entity is a temporary resource, optionally set the expiration date. For example, the expiration date of an SSL cert.
Format: date-time

idstring | arrayIdentifiers of this entity assigned by the providers. Values are expected to be unique within the provider scope.
notesarray of stringsUser provided notes about this entity
ownerstringThe owner of this entity. This could reference the name of the owner, or as reference ID/key to another entity in the graph as the owner.
publicbooleanIndicates if this is a public-facing resource (e.g. a public IP or public DNS record) or if the entity is publicly accessible. Default is false.
riskintegerThe risk level of this entity, on a scale between 1-10.minimum: 1, maximum: 10
statusstringStatus of this entity set by the external source system or by a user, e.g. Active, Inactive, Decommissioned

Examples: active, inactive, suspended, terminated, open, closed, pending, unknown, other
summarystringA summary / short description of this entity.
tagsarray of stringsAn array of unnamed tags
temporarybooleanIndicates if this node is a temporary resource, such as a lambda instance or an EC2 instance started by ECS.
trustintegerThe trust level of this entity, on a scale between 1-10.minimum: 1, maximum: 10
trustedbooleanIndicates if this is a trusted resource. For example, a trusted Network, Host, Device, Application, Person, User, or Vendor.
updatedBystringThe source/principal/user that updated the entity
updatedOnnumberThe timestamp (in milliseconds since epoch) when the entity was last updated at the source.
Format: date-time

validatedbooleanIndicates if this node has been validated as a known/valid Entity.
webLinkstringWeb link to the source. For example: https://console.aws.amazon.com/iam/home#/roles/Administrator. This property is used by the UI to add a hyperlink to the entity.
Format: uri

Required properties
  • _key
  • _class
  • _type
  • name
  • displayName