-
Bug
-
Resolution: Unresolved
-
High
-
1
-
Severity 2 - Major
-
Issue Summary
When a support ticket is created with Atlassian and data access consent is granted, the Atlassian Engineer is able to get a temporary and controlled access to the instance added to the support ticket.
However, the access granted to the Atlassian Support is not added as an Org Audit log event, so the Org admins not involved in the ticket do not have any visibility of the access consent given.
Steps to Reproduce
- Raise a Support ticket with Atlassian > Add a tenant for the support and approve data access.
- The Atlassian Engineer/assignee gets access to the instance as Org/site admin.
- No event is tracked in Audit logs about the access/permission granted to the Atlassian contact.
Expected Results
Add an event of the Atlassian engineer receiving such permissions and access.
Actual Results
No events are recorded/available.
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
- is blocked by
-
ACCESS-2155 Org Audit logs doesn't include Atlassian Support agent added as Org Admin events
- Closed
- mentioned in
-
Page Failed to load
Thank you for raising ACCESS-2164 regarding the missing audit logs when an Atlassian Support agent is granted temporary Org Admin access. This issue introduces significant security and compliance risks for organizations using Atlassian Cloud.
Key Concerns
Questions
🔹
ACCESS-2155was closed – Does this mean Atlassian has no plans to implement audit logs for these events? If so, can you clarify why?🔹 Timeline for Fix – Is there an estimated timeframe for when Atlassian will provide a fix for this issue?
🔹 Interim Workaround – Until a proper fix is in place, does Atlassian recommend any alternative method for tracking support agent access?
This is a high-priority issue, and we strongly urge Atlassian to provide a clear commitment and timeline for resolution.