I am wondering if permissions can be set freely to basic and trusted user, are they basically the same? (the third user level - administrator is clear that user with this level has administration power which the other two does not.)
Adding a user to the Basic Role will allow them the same global permission as the group “Jira-Software-Users”. When added to the Basic Role, a new user will show up belonging to the Jira-Software-Users basic user group, and only this group. Users in this role/group will have the permission to access and work in projects based on their Project Permissions. And as usual, these users will have access to all visualization tools (filters, board, dashboards) for those issues they have Project Permissions to see.
Site Administrator Role:l
Adding a user to the Site Administrator Role will allow them the same global permission as the group “Site-Admins”. When added to the Site Administrator role, a new user will show up belonging to both the Site-Admins and the Jira-Software-Users groups. These users will have full access to the broadest permission available in a Cloud instance. This includes Jira Admin rights (ability to create and configure projects) as well as Site Admin rights (user management and billing).
The Trusted User Role grants the user access to Jira Admin features, but not Site Admin features. Also, adding a user to the Trusted User Role will not add them automatically to any of the groups that have Jira Admin Global Permissions (like site-admins or jira-administrators). The only global group these users will be part of is Jira-Software-Users. However, even though Trusted User will only be in this basic user group, they will have those Jira-Admin permissions that exceed basic users.
That's not strictly true in my cloud instance. Every Trusted User has been granted access to ALL of the software on my Cloud based system. So Trusted users are by default added to the Service Desk license Count and there is NO WAY to remove them unless I make them basic users.
This is very poor logic and has cause use a lot of grief with licensing.
So far I did not see difference between Trusted role and administrator group(provided I do not change it's default permissions) - but I need to get rid of my admins receiving unwanted notifications when someone deletes a projects (at the moment that is very often since all people are trying it out)
How do I do that? I have tried removing Trusted from all and just giving them the jira-admin group.
Per Atlassian's "Invite and remove users" page in their Cloud documentation, Trusted users can access, configure, and add products. They also can invite users.
Adding my answer since I found an official Atlassian page on it.
My point was not that both can access products, it was that if you became a TRUSTED user you were given access to all products. For Service Desk (in our case) with a 3 user license, adding a trusted user takes us from $10 a month to $100 a month. In my book that's an order of magnitude increase for something we did not want.
Site-admins are able to maintain the Cloud site - mostly users, which are shared across the applications that make up the sie.
Jira administrators look after Jira - fields, screens, workflows, projects, permissions and so-on. Confluence administrators look after Confluence at a similar level.
You can change the permissions in each application if you want, granting extra admin rights - one of our clients created an "atlas admin" group and granted it Jira, Bitbucket and Confluence admin inside the applications, so they had a really simple way to say "these people are admins for the whole stack".
You don't get System administration on Cloud, only Atlassian support have that access.