lock down attachments

Is there a way to secure documents in confluence to prevent someone from viewing or downloading the document?  We would like to secure a page/space and the attachments on that page but still allow others to have access to other pages on that site.  We have an HR space where HR keeps general content for the company (tavel, 401k, etc)  They also want to keep performance reviews on their space for managers to keep track of their employees (they upload the reviews as doc).  We can restrict the page, but the site also has the 'attachments' page and we can see the documents.  Any way to lock this down or suggestions on a way to secure this content?

4 answers

You can set space permissions that will apply to the whole space, and/or you can set specific page restrictions that will only apply to one page.  Page restrictions include the attachments, so if (for example) you created an "HR Group" of users, and only gave that Group view permissions to a page, only they could see the page and attachments.  You can read more about page restrictions here.


I should have been more specific, the challenge is that the Confluence Admin still has Super User rights to view anything in Confluence. There seems to be no way of granting of admin rights that would be granular enough to flexibly disallow the Confluence Admin from viewing a secure Space.

If you set a parent page to have certain people in the Page View Restrictions but exclude the Space Admin person, I am almost 100% certain that even the admin person can't see the content - they might be able to see the page exists but not the actual page.It is simple to check on a test page in your space. Let me know if my understanding is wrong.

The other thing to test is I think the Admin can force a removal of Restrictions 

Hi Bruce,

There are 2 types of admin: Confluence admins, who administer the ins and outs of Confluence, and site admins, who administer all of your Atlassian products and, most importantly for your question, deal with user management.  You can also have, for example, JIRA admins who administer JIRA but not Confluence.  But site admins are the only ones with user management privileges for your Atlassian instance, no matter what Atlassian products you have.

Confluence admins and site admins are both members of the admin group.  Site admins are also members of the site-admin group.  Only members of the site-admin group can access user management. (The reason for explaining this will become clearer later on.)

By default, every new space gives standard view and edit privileges to the confluence-users group (the default group that every user is automatically put into when their Confluence account is created) and space admin privileges to the admin group.

To resolve your problem:

  1. Create a group that will be allowed to access your secure space.
  2. Create your secure space.
  3. Remove the confluence-users group from the secure space.
  4. Add your secure group to the space.
  5. Add 1 or more individuals to the space with admin privileges for that space (or create a secure admin group and give that group admin privileges for that space if you'd rather do it that way)
  6. Remove the admin group privileges from the space.

This will allow only members of the secure group to view the space, and only the selected people (or admin group) to whom you've given admin privileges to administer the space.

This is where you'll have a problem: Site administrators won't be able to access the space through normal methods, i.e. they won't be able to see it in the space directory, and if they follow a link to it they'll be blocked from viewing it.  But site administrators can go into user management and log in as any user they want.  This is to allow them to trouble shoot problems, or - a very common use - remove permissions from spaces and pages that have been applied by users who've left.  They can also see and manage permissions for all spaces from a central console.  This is absolutely standard, normal admin functionality for an enterprise application.  The site admins should be people with high levels of infosec knowledge, and very trustworthy.  Otherwise, why are they allowed to have that level of power?  You probably only have a very small number of site-admins, and if they're part of your IT team they can already access everyone's email, computers, shared drives and so on. Realistically, it's not possible to create a space that a site-admin can't find some way of getting into if they really wanted, because if necessary they could contact Atlassian and ask them to amend the permissions.  But that's their job smile


Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Feb 06, 2019 in Confluence

Try out the new editing experience

Hi team, I’m Avinoam, a product manager on Confluence Cloud, and today I’m really excited to let the Community know that all customers can now try out the new editing experience and see some of the ...

967 views 50 8
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you