Azure DevOps
Visualize Azure DevOps projects, teams, and users, and monitor changes through queries and alerts.
- Installation guide
- Azure DevOps data model
Installation
To install this integration, you will need to configure settings both within Azure DevOps and on JupiterOne. Before enabling in JupiterOne, ensure that you have completed the setup within Azure DevOps.
Configuration on Azure DevOps
The Azure DevOps integration uses a read-only, personal access token to ingest data from the Azure DevOps platform.
You must have the necessary permissions to generate a personal access token in Azure DevOps.
You will need to generate your Personal Access Token (PAT), and grant the following permissions for the PAT:
- Project and Team :
read - Work Items:
read - Build:
read - Environment:
read & manage - User Profile:
read - Code:
read - Graph:
read - Identity:
read - Advanced Security:
read
With your PAT created, and the credentials at hand, proceed to JupiterOne for the remaining setup.
Configuration in JupiterOne
To install the Azure DevOps integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Azure DevOps. Click New Instance to begin configuring the integration.
Creating an Azure DevOps instance requires the following:
The Account Name used to identify the AirWatch account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.Your Azure DevOps URL (example: "https://dev.azure.com/jupiterone") and your Personal Access Token generated for use with JupiterOne.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| ADO Project | azure_devops_project | Project |
| ADO Team | azure_devops_team | UserGroup |
| ADO User | azure_devops_user | User |
| ADO WorkItem | azure_devops_work_item | Record |
| Azure DevOps Alerts | azure_devops_alert_finding | Finding |
| Azure Devops Account | azure_devops_account | Account |
| AzureBuildSettings | azure_devops_build_settings | Configuration |
| AzureDevOps | azure_devops | Service |
| AzureDevOpsPipeline | azure_devops_pipeline | Workflow |
| AzureDevOpsPullRequest | azure_devops_pr | PR |
| Environments | azure_devops_environment | Configuration |
| Repository | azure_devops_repo | Repository |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
azure_devops | SCANS | azure_devops_project |
azure_devops_account | HAS | azure_devops |
azure_devops_account | HAS | azure_devops_project |
azure_devops_account | OWNS | azure_devops_repo |
azure_devops_account | HAS | azure_devops_team |
azure_devops_account | HAS | azure_devops_user |
azure_devops_project | HAS | azure_devops_build_settings |
azure_devops_project | HAS | azure_devops_environment |
azure_devops_project | HAS | azure_devops_pipeline |
azure_devops_project | USES | azure_devops_repo |
azure_devops_project | HAS | azure_devops_team |
azure_devops_project | HAS | azure_devops_work_item |
azure_devops_repo | HAS | azure_devops_alert_finding |
azure_devops_repo | HAS | azure_devops_pr |
azure_devops_team | HAS | azure_devops_user |
azure_devops_user | MANAGES | azure_devops_account |
azure_devops_user | APPROVED | azure_devops_pr |
azure_devops_user | OPENED | azure_devops_pr |
azure_devops_user | REVIEWED | azure_devops_pr |
azure_devops_user | ASSIGNED | azure_devops_work_item |
azure_devops_user | CREATED | azure_devops_work_item |
Mapped Relationships
The following mapped relationships are created:
Source Entity _type | Relationship _class | Target Entity _type | Direction |
|---|---|---|---|
azure_devops_project | USES | *bitbucket_repo* | FORWARD |
azure_devops_project | USES | *github_repo* | FORWARD |