Security & Permissions
In this article, you’ll find detailed information about Golive’s permission scheme and how to manage it.
Permissions Page
The Permissions page is your central hub for managing all permissions in Golive.
Requirements
To access and manage permissions on the Permissions page, you must have one of the following roles:
Jira Administrator.
Golive Administrator.
Accessing the Permissions Page
In Golive, click the the gear icon at the top right corner of any Golive Page.
From the drop-down menu, select Golive Settings.
In the Settings section, select Permissions. This will open the Permissions page.
Unable to View or Create Environments?
By default, all permissions are granted to standard Jira groups (jira-administrators, jira-users, jira-software-users, jira-core-users and jira-servicedesk-users). If If your user is not a member of one of these default groups, you will need to modify the default setup to enable these permissions.
For example if your user belongs to the group "my-company-group", you have to add this group to the roles that are created by default during app installation.
If users don't belong to at least 1 of the default roles they won't be able to view or create any Environment.
Role Based Permissions
The security model is based on Roles. A Role defines a set of permissions that allow specific Jira Users or Groups to perform certain operations.
When creating a Role you need to specify:
The list of Permissions that are granted to this role.
The list of Jira Users and/or Groups who will be assigned this role.
For example, you might create a new Deployer role with the deploy permission and assign it to all Jira users who should have the authority to deploy.
Changing Golive’s Global Permissions
You can set default permissions across GoLive globally, eliminating the need to configure permissions at the environment level:
Steps
Ensure you select Global Permission from the top left corner of the permissions page.
Click Edit next to an existing role to add or remove permissions, users, or groups.
Click the Add Role button to create a new role and assign the desired permissions.
Global Golive Permissions
The following permissions are global, meaning they apply to all Environments and Timelines within Golive. A Jira user with one of these permissions can perform the allowed operations across the entire Golive platform:
Manage Applications: Allows users to create, update, or delete applications.
Manage Categories: Allows users to create, update, or delete environment categories.
Manage Calendars: Allows users to create, update, or delete environment calendars.
Share Calendars: Allows users to share calendars.
Info
A user must have the permission to update a calendar in order to change its sharing options.
Plan Events: Allows users to schedule Events on the Timeline.
Info
The Global Plan Events permission overrides any Plan Events permissions set at the Environment level and Plan permissions set at the Calendar level.
Share Timelines: Allows users to share their own timelines with other users.
Golive Administrator
The Golive Administrator role grants access to all Golive administration features, including
Jira Project Mapping (note that project associations can also be managed by project administrators)
Environment Statuses
Attributes and Custom Properties
Security & Permissions
Info
By default, Jira Administrators have the same permissions as Golive Administrators.
Create Multiple Environment Permission Schemes
If you need to manage a subset of Environments with specific permissions for a dedicated team, you should create a new Environment Permission Scheme and assign it to the relevant environments.
An Environment Permission Scheme allows you to group Environments that share the same lifecycle or ownership. Each environment is associated with only one Environment Permission Scheme, but you can create as many schemes as necessary to suit your needs.
For example, a development and integration Environment may be managed by the development and testing team, while staging and pre-production Environments are handled by a dedicated System or Middleware team.
Alternatively, you might use this scheme to limit the visibility of certain Environments to a group of users who work only with a specific set of applications and Environments.
Environment Permissions
An Environment Permission defines a set of operations that can be assigned through Roles within an Environment Permission Scheme.
Below are the available Environment Permissions you can set at the Environment level:
Browse Environments: Allows users to view the Environment.
Edit Environments: Allows users to edit an existing Environment.
Create and Delete Environments: Allows users to create/delete Environments.
Info
The Create and Delete Environments includes/overrides the Edit Environments permission
Deploy Version: Allows users to change the deployed version of an Environment.
Manage Deployments: Allows users to delete/create new deployment at any date in the past.
Info
Th Create and Delete Environments includes/overrides the Deploy Version permission
Change Status: Allows users to change the status of an Environment.
View Secured Attributes: Allows users to view secured attributes value.
Info
More information about secured attributes: Manage Environments
Edit Secured Attributes: Allows users to view and modify secured attributes value.
Info
The Edit Secured Attributes includes/overrides the View Secured Attributes permission. For detailed information about secured attributes, refer to theManage Environments article.
Plan Events Allows: Users to schedule Events linked to an Environment.
Info
Note that the Plan Events Allows permission can be overridden by the Plan Events Global permission.
Allowing “Anyone” to browse Environments & Public Gadgets
You can configure access to Golive gadgets and Environment data for anonymous users who are not logged into Jira.
Assigning the Browse Environments permission to the Anyone group will make Environment information publicly accessible. This allows you to display Environment gadgets on the Jira System Dashboard and on Confluence pages that are accessible to the public.
Important: Potential Security Breach!
DO NOT allow the Anyone group to access sensitive data within your Environments. Doing so would make this information available to anyone who can access your Jira base URL, potentially leading to security breaches. Always ensure that sensitive data remains protected and accessible only to authorized users.