Versions Compared

Old Version 1

changes.mady.by.user Hua Soon SIM [Akeles]

Saved on

compared with

New Version Current

changes.mady.by.user Hua Soon SIM [Akeles]

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Project Access Report provides in-depth information of every users who is involved in the each Jira project or the entire Jira siteas a downloadable Excel report.

It connects various information sources to collate enumerate all the access permissions inside the report

  • Group Membership

  • Permission Schemes

  • Project Roles

...

Like Jira Permission Helper, the report can answer if a user has a particular permission within a project.
In addition, it also explain how the permission was granted

  • via application access

    Status
    colourBlue
    titleindirect

  • via a group added into the project role

    Status
    colourBlue
    titleindirect

  • via a project role

    Status
    colourGreen
    titledirect

  • via the permission scheme

    Status
    colourBlue
    titleindirect

To simplify analysis, the permissions are also grouped in terms of

  • read access

  • write access

  • admin access

Info

Check outWhat is inside the Audit Report

Applicable Scenarios

The report can be used for the following scenarios

  • Jira project admins to review only people who authorised users have access to their projects

  • Auditors checking who has access to which projects

  • During on-boarding and off-boarding to handover access

Risk of unintentional information disclosure

Due to the way Jira is designed, only Jira admins can view the members of the Jira group.

In addition, project admins usually do not review the permission scheme associated with their project.

Typically, they will only update the project role membership of their project.

For large Jira instances, it may be complicated to perform in-depth impact analysis when updating the group membership or permission schemes.

Therefore, it may be possible for users to be granted access to their Jira project without the space admins knowing.

Tip

It is a recommended security best practices for project admins to review who has access to their Jira project periodically.

How it works

As it is a time-consuming process to extract the information, it has to be executed as a background job.

  1. The Jira admin can specify the scope selects the projects to be scanned

  2. The app will perform scanning and compilation in the background

  3. A download button will appear on the page when the scan is completed

...

Related Information

For detailed steps, please refer to the Quick Start Guide

...

for Project Access Report