Please advise. Happy to provide more info.
Please note that per our security guidelines, we need to onboard these security groups in Infosec portal when application is go-live. With above approach, I can't ask Infosec to keep on adding more security groups into their portal whenever new project or space is created. They won't allow it.
So is there a way to have few standard groups across each application which we can onboard. Now whenever, new project is created, we manage the groups locally somehow or any other way.
At time of audit, when it is asked, who all have access to JIRA, that can be derived from security group. If asked, which user has access to which particular project in JIRA, that can also be derived without any issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.