Cortex
Cortex is a system management tool that centralizes the oversight of services, applications, and team interactions. You can bring catalog, person, and team data from Cortex into Brinqa to streamline security processes and enhance risk assessments.
This document details the information you must provide for the connector to authenticate with Cortex and how to obtain that information from Cortex. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Cortex from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Cortex with Brinqa:
-
Server URL: The Cortex server URL. The default URL is
https://api.getcortexapp.com/. -
API token: The Cortex API token associated with the Cortex account, which must have permissions to log in to the API server and return data.
Generate a Cortex API token
For the Cortex connector to use the Cortex API, you must provide an access token. You can use either a personal access token or an API token to retrieve data from the Cortex API.
To generate an API token, follow these steps:
-
Log in to your organization's Cortex portal as an administrator.
Only administrators can access the API Keys page and create API keys.
-
Click the User Profile icon in the top-right corner and then click My Preferences from the drop-down.
-
Click API Keys and then click Create API key.
The Create API Key dialog displays. Complete the following fields:
-
API Key Role: Click the drop-down and select the role to determine the level of access.
For the Cortex connector, select Viewer from the drop-down. The Viewer role is a read-only role and is considered to be the minimum role needed to read and retrieve data.
-
Description: (Optional) Provide a description for the token.
-
-
Click Create API Key.
Your new API token appears. You cannot view the token after this. Copy the token and save it to a secure location.
If you do not have permissions to create an API token, contact your Cortex administrator. For additional information, see Cortex documentation.
To generate a new personal access token, follow these steps:
-
Log in to your organization's Cortex portal.
-
Click the User Profile icon in the top-right corner and then click My Preferences from the drop-down.
-
Click Personal access tokens and then click Create new token.
The Create personal access token dialog displays. Complete the following fields:
-
Name: Provide a name for the token.
-
Description: (Optional) Provide a description for the token.
-
Expiration date: Provide an expiry date for the token.
-
-
Click Create access token.
Your new personal access token appears. You can not view the token after this. Copy the token and save it to a secure location.
Personal access tokens inherit the permissions of the user creating the token. At the very least, a User or Viewer role is required to retrieve data from the Cortex API. If permissions aren't sufficient to make API calls, you will receive a 403 error. For additional information, see Cortex documentation.
Types of data to retrieve
The Cortex connector can retrieve the following types of data from the Cortex API:
Table 1: Data retrieved from Cortex
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Catalog | No | Not mapped |
| Person | Yes | Person |
| Team | Yes | Team |
For detailed steps on how to view the data retrieved from Cortex in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
Catalog
Table 2: Catalog attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| description | description |
| git.alias | Local variable |
| git.basepath | Local variable |
| git.provider | Local variable |
| git.repository | Local variable |
| git.repositoryUrl | Local variable |
| groups | Local variable |
| hierarchy | Local variable |
| isArchived | Local variable |
| lastUpdated | sourceLastModified |
| links.url | Local variable |
| members | Local variable |
| metadata | Local variable |
| name | name |
| owners.individuals | Local variable |
| owners.teams | Local variable |
| slackChannels.name | Local variable |
| tag | uid |
| type | type |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Person
Table 3: Person attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| members.description | description |
| members.email | uid, email |
| members.name | name |
| members.role.name | Local variable |
| members.role.source | Local variable |
| members.role.tag | Local variable |
| members.role.type | Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Team
Table 4: Team attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| catalogEntityTag | Local variable |
| isArchived | Local variable |
| links.url | Local variable |
| metadata.description | Local variable |
| metadata.name | Local variable |
| metadata.summary | Local variable |
| slackChannels.channel | Local variable |
| teamTag | uid, name |
| type | type |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Operation options
The Cortex connector supports the following operation options. See connector operation options for information about how to apply them.
Table 5: Cortex connector operation options
| Connector Object | Option | All Possible Values | Description | Example |
|---|---|---|---|---|
| Catalog | owners | Any Cortex catalog owner group names | A comma-separated list of Cortex catalog owner group names. Retrieve catalogs by the specified owner group names. For additional information on owners, see Cortex documentation. | Key: owners Value: jane-doe,john-doe. This key and value combination only retrieves catalogs owned by the jane-doe and john-doe owner group names. |
| types | Any Cortex catalog type | Retrieve catalogs by the specified type. Catalog types can include domains, resources, s3, or services. For additional information on catalogs and catalog types, see Cortex documentation. | Key: types. Value: service. This key and value combination only retrieves catalogs with the service type. |
The option keys and values are case-sensitive as they are shown in this documentation.
APIs
The Cortex connector uses the Cortex REST API v1. Specifically, it uses the following endpoints:
Table 6: Cortex API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Catalog | GET https://api.getcortexapp.com/api/v1/catalog/includeOwners=true&includeMetadata=true |
| Person | GET https://api.getcortexapp.com/api/v1/teams |
| Team | GET https://api.getcortexapp.com/api/v1/teams |
Changelog
The Cortex connector has undergone the following changes:
3.0.1
- The LINKS attribute is now retrieved on the Catalog object.
3.0.0
- Initial Integration+ release.