This is most commonly caused by incorrect or insufficient permissions. Check the IAM policy assigned to the IAM role used by JupiterOne in your AWS account. You can find details on the required permissions by going to
Integrations Configuration > Add AWS Configuration and clicking the Setup Instructions button.
They can also be found in the jupiterone-aws-integration project on GitHub.
The public property on a Network entity means the network is publicly
accessible. A publicly accessible network could be either internal or external.
There is an internal property to indicate whether the network is internal.
A network that is not an entity ingested from an integration is determined to be
potentially an external network, with
internal=undefined. When such a network
(or host) has a public IP address or CIDR, it is set to be
An internal network - that is, a Network entity ingested from an integration,
such as an
aws_vpc - is set to
internal network may be determined to be publicly accessible by the integration
with certain conditions that are specific to each type of integration.
aws_subnet is determined to be publicly accessible --
public=true -- only when the following conditions are met:
- The VPC has an Internet Gateway that connects it to the Internet
- The VPC or subnet has a Route in the Route Table to external networks
- The VPC or subnet has a Network ACL that allows traffic to/from external networks
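
The three conditions above can be checked together, as in the following added example (not JupiterOne's own code). It assumes dictionaries shaped like the EC2 DescribeInternetGateways, DescribeRouteTables and DescribeNetworkAcls responses, treats "external" as any IPv4 range outside RFC 1918 space, and ignores protocol and port ranges in ACL entries; all sample data is constructed.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_external(net):
    """Assumption: 'external' means not wholly inside RFC 1918 private space."""
    return not any(net.subnet_of(p) for p in RFC1918)

def has_igw(vpc_id, igws):
    """Condition 1: an Internet Gateway is attached to the VPC."""
    return any(a.get("VpcId") == vpc_id for g in igws for a in g.get("Attachments", []))

def has_external_route(route_table):
    """Condition 2: an active IPv4 route to an external CIDR via an Internet Gateway."""
    return any(
        r.get("State") == "active" and r.get("GatewayId", "").startswith("igw-")
        and is_external(ipaddress.ip_network(r["DestinationCidrBlock"]))
        for r in route_table["Routes"] if "DestinationCidrBlock" in r)

def nacl_allows_external(nacl):
    """Condition 3: in either direction, an allow entry covers external addresses
    and is not shadowed by a lower-numbered deny entry."""
    for egress in (False, True):
        denied = []
        entries = [e for e in nacl["Entries"] if e["Egress"] == egress and "CidrBlock" in e]
        for e in sorted(entries, key=lambda e: e["RuleNumber"]):
            net = ipaddress.ip_network(e["CidrBlock"])
            if e["RuleAction"] == "deny":
                denied.append(net)
            elif is_external(net) and not any(net.subnet_of(d) for d in denied):
                return True
    return False

def subnet_is_public(vpc_id, igws, route_table, nacl):
    """public=true only when all three conditions hold."""
    return has_igw(vpc_id, igws) and has_external_route(route_table) and nacl_allows_external(nacl)

# Constructed sample data (placeholder IDs, not from a real account)
IGWS = [{"InternetGatewayId": "igw-0example", "Attachments": [{"VpcId": "vpc-0example"}]}]
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
PUBLIC_RT = {"Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                                "GatewayId": "igw-0example", "State": "active"}]}
PRIVATE_RT = {"Routes": [LOCAL]}
OPEN_NACL = {"Entries": [
    {"RuleNumber": 100, "Egress": False, "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Egress": False, "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"}]}
CLOSED_NACL = {"Entries": [
    {"RuleNumber": 40, "Egress": False, "RuleAction": "allow", "CidrBlock": "10.0.0.0/8"},
    {"RuleNumber": 50, "Egress": False, "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Egress": False, "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"}]}
```
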
You can add custom properties by tagging your AWS resources. AWS supports tags
for most resources. All tags will be ingested as entity properties. Each entity
property name is the prefix tag. followed by the tag name.
You can then build queries using these tag properties. For example:
Find aws_instance with tag.Environment='staging'