Automation Actor = Automation for Jira is failing

Got it working now, thanks for your help!

It does mean every project needs its own scheme, if you use groups directly.

However, if you set up a permission scheme that says things like

• Browse - role:developers, role:users
• Can be assigned issues - role:developers
• Work on issues - role:developers

and so-on, then you can do stuff like:

• Project AAA, Alice is a developer, Bob is a user, group XYZ are users
• Project BBB, Alice is a user, Bob is a developer, group XYZ are users

and so-on

Im hoping theres a better way to do it, :).

Thank you for your response.

Does this mean that each project that I want to restrict has to have its own scheme? Or.. does the scheme inherit the properties of the project if I only allow specific users or role to see that project. This is the confusing part. It looks to me that I need to modify each scheme and pick the groups or roles for each individual action within that project so to restrict roles to a project I need to modify multiple things. For instance, for engineering projects, I would need to go through and create a permissions scheme that only allow engineering roles to do everything that is currently set to "everyone who is signed in" -- does that make sense?

People is used in later versions, you're in the right place when you get to "users and roles".  The principles have not changed, and it works the same way in people.

Your process is mostly right too, and it really is that simple.  (Mostly right because the general advice is to use roles and not groups, otherwise you have to set up multiple permission schemes and your admins have to do all the work.  With roles, you set it up once and get your project admins to choose the right users and groups to add to the project)

With one honking great problem - Atlassian's default setup is totally broken.  It sets up all the defaults as "everyone who can sign in can see this project" and that means every new project.  You have to unpick that by correcting the permission scheme and removing users from existing projects to get to your sensible simple process.