I'm excited that there's a Jira Cloud admin group now. The problem I'm working on is two fold and I'm curious what others have done.
1) Limit external contractors via a GSuite group so they are limited to seeing a particular project. I think I have this solved but I have to update all the NextGen projects to make them private and have shut-off the creation of new NextGen projects. Once the NextGen projects are private, I can just add the contractor Gsuite group to the User role for the project I want the to see which seems to work fine. The contractor group will also be set via Access to have Jira product access.
2) Auto-provision users by their GSuite group. Unfortunately, we have a lot of different Gsuite groups and we have set them up to flow into Atlassian Access. There's at least 15 groups for our development organization and they should all have unlimited access to development Jira projects. With Access I can grant these groups Jira product access, but then they still need to be added to projects. For this use case, I'm thinking of just adding all of the groups into a new permission scheme and then switching all of those development projects to use the new permission scheme. Alternatively, I'd have to go into each project and add the groups to a developer role which seems kind of painful. Note: currently we just have the basic jira-users, jira-developer groups and just put people in those groups manually when they need to use Jira. Has anyone else done something similar?
Later I'll have to figure out how to auto-provision the other non-development teams that use Jira but that's a problem for another time. I welcome any thoughts on this. Thanks.
I think the best solution is to create a new permission scheme where you can add a new user group called 'contractors'. This contractors group will have the access permissions you want to add. Then you should add all of the rest user groups into the new permission scheme and switch all the projects to the new scheme.
:)
Thanks - I ended up doing something similar. I have a new group for the contractors and made a permission scheme that leveraged that group to have the correct access to the 1 project they should be able to see. The contractors aren't in the basic "jira-users" group so they can't see any of the other projects. I didn't have to change the permission scheme that most of the projects were already using.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey for #1
I have several different projects where other groups cannot see each other's projects. To do so I have made my projects private by creating a role and adding that to the projects permissions schemes. By default, if there is no permissions in the project set up, you let people into the system they will have the ability to browse all projects
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks - things have changed slightly with Atlassian Access. I can grant a group product access which allows a user to login to Jira, but they can't see any projects until that group is added to a role or permission scheme.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Recommended Learning For You
Level up your skills with Atlassian learning
Learning Path
Become an effective Jira admin
Manage global settings and shared configurations called schemes to achieve goals more quickly.
Streamline Jira administration with effective governance
Improve how you administer and maintain Jira and minimize clutter for users and administrators.
Learning Path
Become an effective Jira software project admin
Set up software projects and configure tools and agile boards to meet your team's needs.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.