Update Oct 30 2024: **
Hi everyone,
We have been closely monitoring this ticket and would like to take a moment to address your questions and provide the rationale for closing this ticket.
When we first launched product requests last year, we decided to package this feature as part of the enterprise plan based on our data-backed analysis, which included an analysis of market standards.
Following this decision, we kept this ticket open to continue to monitor feedback from our small-to-medium customers. The feedback you provided led us to further invest in an Atlassian Guard Standard (formerly Atlassian Access) feature called automatic product discovery.
In the last year, the team worked to release ‘add admin’ functionality, making the feature more actionable. Now, an admin can take over the discovered product and determine the appropriate next steps. We have a dedicated community post outlining this process here. Automatic product discovery is not limited to the enterprise plan and any customer of any size can purchase as subscription for Atlassian Guard Standard to gain access to this feature.
We will keep this ticket closed and appreciate your understanding, as well as your time to comment and interact here.
Griffin
Update Oct 15 2024:
Hi, we are happy to share some new updates to this ticket in regards to the following issues listed:
- Ability to create new sites for Jira and Confluence
- Ability to create new Bitbucket or Trello accounts
- Ability to join sites or products external to the organization
- Ability to remove managed users from external sites
- Ability to remove access to specific products
We have solved these issues through both proactive and reactive controls for user-created instances (also referred to as sites), and an organization admin’s ability to control them.
With our Atlassian Guard (formerly Atlassian Access) feature automatic product discovery, admins are able to see what user-created instances exist within their cloud footprint, and join these instances to take over control. By doing so, they can remove certain users, products, etc. - and determine the best next steps.
With the Enterprise plan feature product requests, admins can set a policy and then either deny or approve requests for a new user-created instance. This feature is available to customers who have a Jira, Confluence, or Jira Service Management Enterprise plan - and coverage now expands to Trello and Bitbucket (Premium plan, in beta).
For further information, please refer to our latest community post: An update on product requests: bringing shadow IT controls to Trello and Bitbucket
- is duplicated by
-
ACCESS-1135 Need to control or manage; users or user group from creating products
- Closed
-
- Closed
-
- Closed
-
- Closed
- is related to
-
- Closed
-
MOVE-109089 Loading...
-
-
-
- relates to
-
- Closed
-
- Closed
-
-
- mentioned in
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
[CLOUD-10325] Allow non-Enterprise administrators to control managed users' associated sites and products
Users who are part of managed domain should never ever be able to create new instanced using their company owned email. The sign in process is tricking users to think that they enter to our company site by offering them autofilled instance name which looks too familiar to our exiting site. By the end of the day - there are like regularly one person in a week who creates yet another new instance by mistake without even realising it. And the removal is time consuming and sometimes even not possible as when that license is forced by Atlassian to become free after the trial expires (as no one entered any billing data) - that cancellation option is not there any more. Not sure how this helps Atlassian or us/any other customer facing with this issue as Atlassina is not getting any more money that way but all we have is just a bad publicity and a fustration.
SUGGESTION FOR ATLASSIAN...
Since Atlassian has locked out our ability to block creation behind a paywall, then How about improving TWO THINGS: (1) The ability to DELETE the sites, and (2) the Site creation process?
1. Please ADD A WAY to QUICKLY remove the product & site – an EXPEDITED removal process.
- Simply give us multiple confirmation prompts to ensure we know we're deleting the site – and then let us delete it, immediately! (Similar to how a "Product" is deleted.)
- I understand the need for confirmation-delays, but ~90 days is excessive.
- The current deletion process in the “improved” billing experience takes almost 3 months. (The old way took 2 weeks!) Think about that for a second. I have to keep a trouble ticket open for 3 months to track the work on this. I have to show it in my stats for 3 months. I have to keep this on my radar for 3 months. All for a mistaken click from a user.
2. During CREATION, the Atlassian system should improve user prompts – Add CONFIRMATIONS.
- Confirm the user's actions with pop-ups/messages to ensure they know what they are doing.
- Prompts like, “YOU ARE ABOUT TO CREATE A WHOLE NEW SITE…” and “YOU ARE ABOUT TO ADD A BILLABLE PRODUCT TO THIS SITE” and a confirmation, "CONFIRM: I AM AUTHORIZED TO CREATE THIS NEW SITE AND ADD THIS NEW BILLABLE PRODUCT" and "CHECK WITH YOUR ATLASSIAN ADMINISTRATOR BEFORE CONTINUING" !!
- This would reduce the accidental creations.
- Every one of the site creations in my organization were created accidentally. This is 100% due to the way the system presents options for our users. The Jira App prompted it or the user wasn’t logged in and so they thought they were clicking into Confluence but they were actually creating a new site.
Respectfully,
Mark
Why is the ability to block site creation locked behind a paywall?
We have ~1300 employees and I end up with 3-4 sites to delete per month, which I typically forward to your support for expedited deletion as I don't wish to wait the 60+ days. With this, not only are you creating unnecessary work for us as site admins, but you are also creating unnecessary work or your own support agents.
Please reconsider locking this basic functionality behind a paywall (enterprise-only, no less! https://support.atlassian.com/organization-administration/docs/update-product-request-settings/), allowing our employees to create rogue sites is not going to win you more customers or bring in more revenue, nor is it going to inspire existing customers to upgrade.
Thanks for your consideration, and happy 2025!
This is not a real solution, we need to be able to BLOCK, not REACT after the fact.
Kicking off another delete process for 2 more sites sites that were unintentionally created by users trying to login, after deleting previous 3 sites unintentionally created by users trying to login. This is for a mid-size org of 200-400 employees in a span of 4 months.
Strangely enough, never ran into this issue until that recent timeframe. Now it's every other week or two.
Atlassian still out here promoting shadow IT & leveraging the diminishing availability of administrators to manage the security/billing vulnerabilities they've created.
Agreed 1b46c259bc3c BUT RE: "a +750 vote for this issue can not be taken lightly" absolutely agreed, BUT please note that actually the number of votes to improve this area is MUCH HIGHER, thanks 495ef2a83e74 for collecting up useful links, I'd consider the accurate number of votes for work on this issue to be a sum of the non-duplicates of the 750 from this CLOUD-10325 , the 1611 in https://jira.atlassian.com/browse/ACCESS-1468 and those who've voted on all of the issues linked to it, so likely to be at least 2000 people!
PS 8f4050917dd7 LOL at your Simpsons meme.
the "solution" is not a solution as it's reactive for most of the customers (it's only proactive for Enterprise customers). Why is it that difficult to enable that feature on all subscription-levels ? In our company we already have +65 user-created confluence/Jira instances out of our admin-control. Users are not aware of what they doing as it's a "feature" in the product. Users afterwards want to migrate their custom-created instance back to our global company instance, which takes looooots of unwanted/unscheduled/budgeted IT support/resources. So please take your customers seriously regarding this matter : a +750 vote for this issue can not be taken lightly and it's a real burden for customers to have extra time & money spend to manage shadow-IT imposed by our SaaS solution vendor: SaaS should be a service and not a shadow-IT generating service. So - with sugar on top - RECONSIDER a proper solution !
I find it somewhat ironic that even the product they called "Guard" does not actually "guard" you against this....just tell you it happened, and let you show up after the fact. Users just love it when you show up like the "uncool" parents at the high school party to shut things down.
As 416840511601 said, this is disappointing and unacceptable.
Preventing users from creating unsanctioned sites is a core security and data governance + compliance feature.
Atlassian Guard Standard is already overpriced (around USD 10.000 a year for 300 ppl product tier), and the features in it are close to none though Atlassian's attitude is more like "be thankful they are even there in the first place". To add more shame to the matter, the feature is already developed!
Atlassian Guard Standard as it is right now should be included for free, and the Enterprise tier should cost half of what they are charging now.
Boooo Atlassian! 
Thanks to 7a79c351a973 for getting CLOUD-12193 - Reduce occurrences of accidental site creations created. I hope everyone can vote for this Suggestion that is actually addressing the issue of accidental creations.