What is the best way to make a JIRA Project private such that access and visibility is restricted?

Dawn Spierings April 29, 2022

I have a sensitive project that I want to have restricted view, and edit access for.  How do I do this?  Our JIRA instance is configured so that anyone with a login can at a minimum view all projects.    

I tried to restrict by creating a group and a permission scheme that I could assign to the project.  But, when I created the group in admin.atlassian.com, it does not see our product(s) (JIRA) to give the group access to.  Therefore when I created the permission scheme in our product (JIRA) - it cannot find the group I set up.   

How do I get these to see each other?  Or is there another way to achieve my end goal?

1 answer

1 accepted

2 votes
Answer accepted
Fabian Lim
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 29, 2022

Hi @Dawn Spierings

You need to work with your sys admin to create a new permission scheme where you can select which roles are allowed to perform what and then associate it to the project. Then you can add the users to the roles in the project.

Here is some additional info: https://support.atlassian.com/jira-cloud-administration/docs/manage-project-permissions/

Regards

Dawn Spierings April 29, 2022

Hi @Fabian Lim - so you are saying to use roles vs using groups.  I can create the permission scheme ( actually have) but when I go to edit each  permission to grant access to the group I created, my group is not a selection option.  If I understand correctly, you are advising to create a role, add users to the roles and then grant permissions by role. 

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 29, 2022

Yes, roles are more powerful and flexible (and as an aside, actually faster) than groups when used in permissions. 

You can use groups or users in roles as well, varying them by project - it's not unusual to see large installations with hundreds of projects using 5-6 permission schemes.  Roles give them the knowledge that each project works the same way, but each project has a different set of users and groups using it.

Fabian Lim
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 29, 2022
Like Nic Brough -Adaptavist- likes this
Deleted user April 30, 2022

The best structure for access control within Jira is to use Project Roles in Permission Schemes, and add Groups to projects with the desired Project Role.

 

E.g:

My Private Project
Viewers (Project Role)
my-private-project-viewers (group)
sally
joe
peter
mary
Like Dawn Spierings likes this

Suggest an answer

Log in or Sign up to answer