We would like to use wallboards around the organization to show relevant sprint data from JIRA 7.
The industry have high security requirements, so it isn't possible for users to be logged in. Is there any best practice for conguring af dummy/serviceaccount user with restricted access ?
The user needs to be able to browse specific projects and access certain dashboards. It needs to be configured centrally by system administrators, since the local project administrator in theory would be able to assign the user project administrator role by a mistake.
if you want to avoid that project admins play around with that user in the described way it would mean that you have to assign the user directly in the permission scheme of each project and make sure that the manage project permission is never given to a role but always to groups that you control - lots of administrative overhead in my opinion. So what do you fear? You could just create a filter to look for updates made by this user and let it send you an email every hour if the user does something.
Another way could be to implement a static html page where you embed the gadgets using iframes and store the login data to access these in some encrypted way. So the user should not really be logged in in a way that you can do bad things with this user. Don't know if this is possible but it might be worth a try?
Thanks for your reply.
We were asked by the security department to ensure, that the dummy user i tamper-proof. If it is up to the project administrators to assign it the right role, we will according to the security department set up a week link.
The static page would, surprise, hinder the dynamic and iterative approach to dashboard creation, so that is not an option :)
So according to you. Best practice would be to let project administrators assign the dummy user and then monitor the dummy users action by filters ?
You're welcome Kristian - yes monitoring the user with a JIRA filter which you subscribe to is the least work and provides some monitoring if the user is used by someone - of course you are not monitoring if versions are created by this user or if he deletes issues but maybe you could name the user something like "don't make me project admin"? ;)
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot