Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Leveraging GSuite groups and Atlassian Access

Ken Siskind April 23, 2021

I'm excited that there's a Jira Cloud admin group now.  The problem I'm working on is two fold and I'm curious what others have done.  

1) Limit external contractors via a GSuite group so they are limited to seeing a particular project.  I think I have this solved but I have to update all the NextGen projects to make them private and have shut-off the creation of new NextGen projects.  Once the NextGen projects are private, I can just add the contractor Gsuite group to the User role for the project I want the to see which seems to work fine.  The contractor group will also be set via Access to have Jira product access. 

2) Auto-provision users by their GSuite group.  Unfortunately, we have a lot of different Gsuite groups and we have set them up to flow into Atlassian Access.  There's at least 15 groups for our development organization and they should all have unlimited access to development Jira projects.  With Access I can grant these groups Jira product access, but then they still need to be added to projects.  For this use case, I'm thinking of just adding all of the groups into a new permission scheme and then switching all of those development projects to use the new permission scheme.  Alternatively, I'd have to go into each project and add the groups to a developer role which seems kind of painful.     Note: currently we just have the basic jira-users, jira-developer groups and just put people in those groups manually when they need to use Jira.   Has anyone else done something similar? 

Later I'll have to figure out how to auto-provision the other non-development teams that use Jira but that's a problem for another time.  I welcome any thoughts on this.  Thanks.

2 answers

Suggest an answer

Log in or Sign up to answer
0 votes
Desi Nikolova April 29, 2021

I think the best solution is to create a new permission scheme where you can add a new user group called 'contractors'. This contractors group will have the access permissions you want to add. Then you should add all of the rest user groups into the new permission scheme and switch all the projects to the new scheme.

:) 

Ken Siskind May 12, 2021

Thanks - I ended up doing something similar.  I have a new group for the contractors and made a permission scheme that leveraged that group to have the correct access to the 1 project they should be able to see.   The contractors aren't in the basic "jira-users" group so they can't see any of the other projects.  I didn't have to change the permission scheme that most of the projects were already using.  

Like Desi Nikolova likes this
0 votes
Naomi Palmer
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 23, 2021

Hey for #1

I have several different projects where other groups cannot see each other's projects. To do so I have made my projects private by creating a role and adding that to the projects permissions schemes. By default, if there is no permissions in the project set up, you let people into the system they will have the ability to browse all projects

Permission Scheme.png

  1. Create a role for your project
  2. Copy a version of the default permissions scheme for  your project
  3.  Add that role to to the new permission scheme in the "browse projects" permission for your project (photo attached)
  4. Everyone will need to have that role to see the project, even if you are the admin
Ken Siskind April 23, 2021

Thanks - things have changed slightly with Atlassian Access.  I can grant a group product access which allows a user to login to Jira, but they can't see any projects until that group is added to a role or permission scheme.

TAGS
AUG Leaders

Atlassian Community Events