jamf/JAWA jamf/JAWA

  • Stars
    star
    133
  • Rank 272,600 (Top 6 %)
  • Language
    HTML
  • License
    MIT License
  • Created about 5 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
jamf/JAWA
github

jamf

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Jamf Automation and Webhook Assistant

Jamf Automation and Webhook Assistant ("JAWA") Version 3.0.3

JAWA allows an IT Administrator to focus on providing the best end user experience through automation.

[!] NOTE: Always test automations in a dev/eval environment before deploying to production.

What is it?

Jamf Automation and Webhook Assistant, "JAWA", is a web server for hosting automation tools that interacts with Jamf Pro, Okta, and more. It includes a webhook receiver for if-this-then-that automation workflows in real-time, and crontab for the timed execution of scripts and automated report generation. JAWA is intended to make webhooks and automation more accessible to admins of Jamf Pro by providing them with a simple framework with which they can design time-saving workflows and to provide a conduit through which admins can connect multiple services within an organization.

Check out JAWA on the Jamf Marketplace for screenshots.

How it works?

JAWA is a Python Flask web app which runs on Linux and can be accessed from a web-browser. Once installed, the IT Admin is able to use JAWA to upload, edit, or adjust webhook and timed automations managed by JAWA. Automation scripts can be uploaded by the IT admin and be configured to run when triggered (webhook), or run on a timer (cron). JAWA leverages Jamf and Okta APIs when creating webhooks in their respective services.

Server Requirements

General Server Requirements:

  • Ubuntu 18.04+ or RHEL 7.x+
  • Minimum: 512MB RAM (4GB recommended)
  • Minimum: 12GB Storage (64GB recommended)
  • Minimum: 1 CPU Core (2 Cores recommended)
  • Python 3.7+ (with pip)

Network Requirements:

  • Inbound port 443 from JPS for webhooks (IPs for Jamf Cloud)
  • Inbound port 443 from LAN (for web access)
  • Outbound port 443 to JPS and auxiliary services ( Okta, WorkDay, etc.)

Certificate Requirements

  • SSL/TLS certificate (publicly trusted) and private key
  • A publicly trusted full-chain certificate (bundle of root CA + intermediate + server cert) is preferred for jawa.crt

Jamf Pro Requirements

  • Jamf Pro Server 10.35.0+

How do I use it?

See the "JAWA Administrators Guide" found in the release for more detailed installation and configuration instructions.

Installation Steps:

  1. Complete server requirements
  2. Rename certificate to jawa.crt and the private key to jawa.key
  3. Ensure you are in the same directory as your jawa.crt and jawa.key
  4. Download and run JAWA installer:

    1. Ubuntu installer:

      curl -O https://raw.githubusercontent.com/jamf/JAWA/master/bin/ubuntu_installer.sh && sudo bash ./ubuntu_installer.sh

    2. RHEL installer:

      curl -O https://raw.githubusercontent.com/jamf/JAWA/master/bin/rhel_installer.sh && sudo bash ./rhel_installer.sh
  5. After installation completes, navigate to your FQDN/IP (i.e., https://jawa.company.com) in your web browser to continue with the web-based setup

Configuration Steps:

  1. Log in to JAWA with your Jamf Pro URL and Jamf Pro Administrator Credentials
  2. Click the โ€œConfigure JAWAโ€ link in the JAWA Dashboard or click Setup in the top-nav
  3. Fill out the Server Setup form:
    1. [required] JAWA Server Address FQDN (i.e: https://jawa.company.com) - this address needs to be resolvable by the Jamf Pro Server to send webhooks
    2. [recommended] Lock your JAWA to a primary Jamf Pro Server
    3. [optional] Add an alternate Jamf Pro Server for
  4. Click Setup
  5. Set up your first webhook or timed automation

When scripting for webhooks, verify JSON structure sent from source:

  1. Jamf Pro Webhook Event Info
  2. Okta Webhook Event Info

Releases

Find JAWA releases here.

JAWA v3.0.3 release

  • New features
    • Jamf Pro API actions now use token-based authentication (resolving #32)
    • Option added for JAWA to return script results/output as part of a Custom webhook's response body (resolving #27)
    • Enhanced JAWA logging
    • Option added to use custom header authentication for Jamf Pro or Custom webhooks

More Repositories

1

PPPC-Utility

Privacy Preferences Policy Control (PPPC) Utility
Swift
748
star
2

CVE-2020-0796-RCE-POC

CVE-2020-0796 Remote Code Execution POC
Python
533
star
3

aftermath

Aftermath is a free macOS IR framework
Swift
474
star
4

DEPNotify-Starter

Bash script to start DEPNotify and run policies during enrollment with Jamf Pro
Shell
370
star
5

NetSUS

NetBoot and Software Update Server
PHP
304
star
6

MakeMeAnAdmin

Provides temporary admin access for a standard user via Jamf Self Service
Shell
258
star
7

CVE-2020-0796-LPE-POC

CVE-2020-0796 Local Privilege Escalation POC
Python
242
star
8

FreeTheSandbox_LPE_POC_13.7

Jailbreak for iOS 13.7 and earlier
C
225
star
9

jamfprotect

A repository for open-source resources created for use with or alongside Jamf Protect.
Shell
188
star
10

Jamf-Nation-Scripts

Scripts Migrated from Jamf Nation
Shell
186
star
11

CVE-2020-1206-POC

CVE-2020-1206 Uninitialized Kernel Memory Read POC
C#
146
star
12

FileVault2_Scripts

Scripts and Extension Attributes for use with FileVault 2 on Mountain Lion
Shell
146
star
13

JamfMigrator

A tool to migrate data granularly between Jamf Pro servers
Swift
143
star
14

mut

Swift
138
star
15

CIS-for-macOS-Catalina-CP

CIS Benchmarks for macOS Catalina
Shell
122
star
16

Notifier

Swift project which can post macOS alert or banner notifications on 10.15+ clients
Swift
119
star
17

Jamf-Nation-Extension-Attributes

Shell
118
star
18

zecops_public

Objective-C
114
star
19

API_Scripts

Scripts that make use of the JAMF Software Server API
Shell
114
star
20

JamfPrivacyPreferencePolicyControlProfiles

Shell
110
star
21

CIS-for-macOS-Sierra

Shell
105
star
22

ReEnroller

Migrate macOS devices from one Jamf Server to another.
Swift
103
star
23

Jamf-Environment-Test

Admin Utility for testing an environments network for success with Apple Devices
Shell
102
star
24

jamfStatus

Menu app to monitor JamfCloud status
Swift
101
star
25

jamJAR

jamJAR: Jamf, AutoPKG & Munki combined by dataJAR
Python
98
star
26

jamfconnect

A repository for Jamf Connect scripts, configuration profile templates,EAs and more!
Shell
93
star
27

jamfpro

JamfPro Docker image
Shell
71
star
28

regatta

Regatta is a distributed key-value store. It is Kubernetes friendly with emphasis on high read throughput and low operational cost.
Go
64
star
29

NoMAD-2

A complete ground-up rewrite of NoMAD utilizing the same AD Auth Framework found in NoMAD Login.
Swift
63
star
30

NoMADLogin-AD

Login to an AD user account without binding your Mac to AD.
Swift
51
star
31

JamfSync

Jamf Sync utility for synchronizing between Jamf Pro distribution points and/or file folders
Swift
48
star
32

SMBGhost-SMBleed-scanner

SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner
Python
46
star
33

DEPNotify

Swift
43
star
34

Classic-API-Postman-Collection

42
star
35

2016_JNUC_Security_Reporting_Compliance

Repo for code used in all presentation slides from the 2016 JNUC Presentation "Digging into Security, Compliance, and Reporting"
Shell
42
star
36

Provisioning-Workflows

Provisioning Workflows for a Post-Imaging World
Shell
41
star
37

CIS-for-macOS-High-Sierra-CP

Shell
40
star
38

jamf-printer-manager

macOS app to upload printer configurations to Jamf Pro
Swift
39
star
39

jamf-laps-public

A GUI app for retrieving Jamf Pro LAPS ("Local Administrator Password Solution") credentials
Swift
38
star
40

ManagedAppConfigLib

Makes Managed AppConfig on iOS, tvOS, and macOS easier to work with.
Swift
37
star
41

Jamf-Connect-Resources

A repository for Jamf Connect scripts, configuration profile templates, and legacy content.
Shell
36
star
42

Subprocess

Swift library for macOS providing interfaces for both synchronous and asynchronous process execution
Swift
34
star
43

powerbi

Jamf PowerBi Integration
32
star
44

NoMAD

Get all of AD, with none of the bind!
Swift
30
star
45

JamfProvisioner

An Automated Erase/Install Workflow for macOS and Jamf Pro
Shell
30
star
46

ol

Misc Jamf-related Projects
PowerShell
26
star
47

Mac-Asset-Tag

A script that generates a GUI to accept a user input asset tag for the Mac.
Python
26
star
48

CIS-for-macOS-Sierra-CP

CIS for macOS 10.12 remediated with script and configuration profiles
Shell
26
star
49

AppConfig-Generator

Java
25
star
50

Scripting-101-Webinar

Resources for the "Scripting 101 for Apple Admins" webinar - June 2019
Shell
25
star
51

Jamf-Pro-Object-LookUp

Script to query Jamf Pro and find what an Object is associated with
Shell
23
star
52

STIG-macOS-10_14

STIG for macOS Mojave - audit and remediation with scripts and Configuration Profiles
Shell
21
star
53

Munki-Catalog-Browser

Munki Catalog Browser is an app which allows for easy browsing of items in your devices Munki catalogs as well as exporting to CSV
Swift
20
star
54

homebrew-tap

Ruby
19
star
55

CIS-for-macOS-High-Sierra

Shell
17
star
56

JamfConnectUninstall

Shell
16
star
57

NoMAD-ADAuth

Swift
14
star
58

CertificateSDK

Get Certificates From Jamf Pro Into Your iOS Apps
Objective-C
13
star
59

Jamf-Switcher

Jamf Switcher is an app which points either Jamf Pro applications or your browser to a particular Jamf deployment and is configured by Self Service Bookmarks
Swift
13
star
60

jamf_connectwise

An integration between Connectwise and Jamf Pro
Python
12
star
61

SmashingJamfProDashboards

Example jobs, dashboard and YAML file for use with Jamf Pro and Smashing
Ruby
11
star
62

rendr

A project scaffolding tool
Rust
10
star
63

AppConfigSpecCreator

Tool for Generation of Managed App Config Spec Files
JavaScript
10
star
64

authchanger

Utility for making changes to the macOS authorization database to easily allow for changing loginwindow mechanisms.
Swift
9
star
65

Jamf-Connect-Configurations-Templates

8
star
66

JamfSupport

Shell
8
star
67

JSS-LDAP-Sync

Sync department and building objects in the JSS with LDAP records
PowerShell
7
star
68

TableauIntegrations

JavaScript
7
star
69

groupsync

Sync LDAP groups with GitHub teams (and possibly more in the future).
Go
7
star
70

Classic-API-Swagger-Specification

7
star
71

JamfProtect-PPPC-Profile

A PPPC configuration profile to allow full disk and accessibility permissions for computers with the Jamf Protect agent.
6
star
72

SplunkBase

Jamf's Published Splunk Base Integration
Python
6
star
73

anti-phishing-extension

Augment the web with indicators that help detect phishing attempts
JavaScript
6
star
74

regatta-go

Regatta client for Go language
Go
5
star
75

JamfProFlow

Database application for managing configuration sets and change-managed workflows in Jamf Pro
Roff
5
star
76

GDPRAutomationTool

Python
5
star
77

Haversack

A Swift library for keychain access on Apple devices
Swift
5
star
78

kinobi-title-editor

Shell
4
star
79

gitlab_license_exporter

Gitlab License Information exporter
Go
3
star
80

testrail-reporting

Easily send results of your tests to Test Rail.
Groovy
3
star
81

RADAR_API_Postman_Collection

3
star
82

billboard

Swift
2
star
83

TELUGU_CVE-2018-4124_POC

Objective-C
2
star
84

regatta-helm

Helm Chart for the distributed key-value store Regatta.
Smarty
2
star
85

JamfProFlow-Sets

Configs for Jamf Pro
2
star
86

kyverno-test-util

Python
2
star
87

homebrew-internal-tap

Homebrew Internal Tap
Ruby
1
star
88

rendr-sample-blueprint-go-microservice

Shell
1
star
89

aurorasnapshot

Aurora Cluster snapshot handler (Allows to create and delete Aurora DB Snapshots based in tags)
Python
1
star
90

regatta-java

This repository hosts the code of Regatta client for JVM languages.
Java
1
star
91

ms-security-copilot-plugin

Basic Jamf Pro OpenAPI spec for use with Microsoft Security CoPilot plugin
1
star
92

jamf_entries_menu_manager

ExpressionEngine add-on to rearrange the Entries Menu in the CMS
JavaScript
1
star