Uploaded image for project: 'Jira Cloud'
  1. Jira Cloud
  2. JRACLOUD-32695

RBAC for granular control of administration section


    • Icon: Suggestion Suggestion
    • Resolution: Duplicate
    • None
    • None
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      As companies grow in both projects and people administration teams must grow to service business needs, however giving full administration access can lead to configuration accidents or general loss of control for they system.

      Many complex web applications have the ability of creating roles in order to assign different sets of permissions.

      For example, just because I want someone to be able to create new projects it doesn't mean I want him to be able to change the user directory configuration or be able to install plugins.

      An easy (and good enough) implementation would be to just hide administration sections per role created.

      Having the ability to define roles would allow me to say, for example:

      • System administrator: Full access
      • Administrator: Access to workflows, permisions & issue level security, custom fields, screens, projects, etc. This role wont have access to System or Plugins settings, but will have access to Projects, Users and and Issues. However, no access to User Directories
      • Project administrator: Access to Users (but not User Directories) and Projects

      Having the option to only give full access or none affects our decision as a company whether to or not to fully move to Jira: we already have it in our organization but it is only being used in some geographical locations.

      Some teams currently use Assembla or other tools just because they cannot get the access they need from the Jira administrators. Much of this has to do with the inability to create workflows and custom fields. IT doesn't want to give access to everybody for obvious security reasons and that our Jira instance is a big production system, and any disruption of service that may be cause due to a misconfiguration can lead to business disruption or even downtime.

            Unassigned Unassigned
            1ae864c8726d David Vega
            0 Vote for this issue
            3 Start watching this issue