Audit purposes finding group permissions

Romeo Bollen September 6, 2022

I have been tasked with producing a comprehensive list of group permission for a particular group in Atlassian cloud. How do I produce this list without going through all the projects and searching for this group?

This list should show all permissions assigned to this group.

3 answers

0 votes
Rick Westbrock June 22, 2023

I have a similar use case and the only thing I can think of is to write a script which makes multiple API calls to get the list of all projects then loops each project to do the following:

  1. Call the Get project roles for project API
  2. Loop the list of roles returned in #1 to call the Get project role for project API
  3. Parse the list of actors returned by #2 for each role to find which actors are groups
  4. Parse the list of groups parsed in #3 to find matches for the group in question

At a high level I think that would work and you could write the output to list project/role pairs to a file. I want to build this myself but due to resource constraints I won't have time to look into that until next year.

For reference the links to the v3 APIs I mentioned are listed below:

  1. https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-project-roles/#api-rest-api-3-project-projectidorkey-role-get
  2. https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-project-roles/#api-rest-api-3-project-projectidorkey-role-id-get
0 votes
John Funk
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 10, 2023

Hey Romeo - did you ever get a solution for this? Did you try the API as Jack suggested? 

0 votes
Jack Brickey
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 6, 2022

There is no way of doing this OOTB to the best of my knowledge. You might have a look at the APIs if that's an option for you to see if you could iterate through all the projects together information that could be more easily reviewed.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events