HERE'S WHY
Connecting Jira to Drata allows for the automated checks and evidence collection to prove to auditors that your company follows its vulnerability management policy and procedures. Additionally, you may optionally enable 'Write Access' to create Jira tickets directly from Drata. Learn more about creating Jira tickets through Drata here.
BEFORE DIVING IN
Make sure you are logged into as admin in your company's Jira account. To learn how to verify if you have admin access, go to the Atlassian community post.
HERE'S HOW
Follow these instructions to connect Jira to Drata
Note: You can connect multiple Jira accounts.
1. Select "Connections'' on the side navigation menu.
2. Select the 'Available connections' tab and then search for 'Jira' to select the connect button for the Jira integration.
3. Follow the instructions in the connection drawer.
Account Alias: Enter an alternate account name.
If you have multiple Jira connections, the alias is one of the ways to differentiate the connections. Ensure to enter a descriptive alias so that when you create tickets, you can select the correct Jira connection.
Source: Select label or JQL depending on how you categorize your Jira tickets so that Drata can find the relevant tickets.
Label: Enter the security label you used in Jira to categorize your tickets. Those tickets will be
If no tickets were found based on the label, the test such as test 26 will search based on component and if still none are found, it searches based on custom fields.
JQL: Confirm the JQL provides the expected list of tickets in Jira before pasting it into Drata. Drata cannot validate the JQL that you enter. If your JQL results in an empty list of tickets, the associated test such as test 26 will pass.
Read more about labels and JQL here.
Write access to Jira: Enable this to create Jira tickets (or tasks) directly in Drata.
The tickets created in Drata will be added to your selected Jira Project and will be linked to the applicable Control (DCF or Custom) or Test.
Learn more about creating tickets in Drata here.
4. Select the connect button. You will be redirected to Jira to accept the following permissions scopes. You must be signed into Jira to accept the permissions scopes.
Read jira-user
Read jira-work
5. After you accept the required permissions scopes, you will be redirected to Drata. Once your Jira connection is established, navigate to the Drata's Connections page and search for your newly connected Jira connection. Select the View button to edit the connection, enter an alias for the connection, update the 'Source', or toggling on or off the 'Write Access'.
Note: Drata verifies the values in the native Jira priority field. You will not specify a custom priority value in the connection drawer.
Monitoring tests covered