Jira Project Admins can add any group (main target is jira-users group) to any role in a project. This causes instance performance issues in combination with notification schemes (sending email notifications to thousands of users in big instances for thousands of notifications) and security disclosure issues with these notifications sent to all Jira users.
Is there a way to block jira-users from project admins? or any workaround solution to hide jira-users groups? Please suggest.
Hi Alex,
Thanks for your reply, after going through above link this line made me think about this
"script something that regularly removes jira-users if it's found in any roles"
So please suggest is this approach is still valid? and any other impact?
@Ravish Nayak Hi Ravish - We have a similar scenario https://community.atlassian.com/t5/Jira-discussions/Permission-strategy-for-Jira-access-by-external-users/td-p/2371733 .
Were you able to implement something to send alerts at least if not come up with a restriction ?