Understand how to manage permissions:
The Permissions page is your your entry point to manage all permissions.
This page is accessible from the Settings menu:
You must be Jira or Apwide administrator in order to access the Permissions Page and manage permissions.
Cannot view or create any environment?
By default, all permissions are granted to standard Jira groups (jira-administrators, jira-users, jira-software-users, jira-core-users and jira-servicedesk-users). If your user does not belongs to one of these defaults groups, you have to change the default setup in order to be able to view and to create environments.
For example if your user belongs to the group "my-company-group", you have to add this group to the roles that are created by default during app installation.
If your user does not belongs to at least 1 of the default roles your will not be able to view/create any environment.
Role Based Permissions
The security model is based on Roles. A Role is defined by a set of Jira Users or Groups that are allowed to do certain operations based on a list of Permissions.
When creating a Role you must specify :
the list of Permissions that are required by this role
the list of Jira users and/or groups who play this role
For example, you can create a new “Deployer” role with the “deploy” permission and associate it to all Jira users who should endorse the role of "Deployer".
Change the global Golive Permissions
You can set default permissions globally, without having to set permission at environment level.
In order to set these global Golive permissions, you have to ensure to select Global Permission on top left:
You can then click on Edit to add / remove permissions or user / groups to an existing Role and click on Add Role button to create a new role.
Global Golive Permissions
The following permissions are global and are shared by all Environments and Timelines. If a Jira user has one of the following permissions, he will be allowed to perform the allowed operations everywhere in Golive:
Allows users to create/update/delete applications
Allows users to create/update/delete environment categories
Allows users to create/update/delete environment calendars
Allows users to share calendars.
A user must have the permission to update a calendar in order to change its sharing options
Allows users to schedule any Events on the Timeline.
This permission overrides the “Plan Events” permission that can be defined at Environment level as well as the “Plan” permission that can be defined at Calendar level
Allows users to share their own timelines with other users
Allows non Jira Administrators to access all Golive administration features:
Jira Project Mapping (note that project associations can also be done by projects' administrators)
Attributes and Custom Properties
Security & Permissions
By default, Jira Administrators have the same permissions as Apwide Administrators.
Create Multiple Environment Permission Schemes
If you have a subset of Environments that should be managed by a dedicated team of users and which required specific permissions, you must create a new Environment Permission Scheme and assign it the relevant environments.
An Environment Permission Scheme allows you to group Environments that share the same lifecycle/owners. Each Environment belongs to only ONE Environment Permissions Scheme but you can define as many different Environment Permission Schemes as you need.
For example, in some companies, the development and integration environments are managed directly by the development and testing team and staging and pre-production environment are managed by a dedicated System or Middleware team.
Another use case would be to avoid showing the full list of environments for a group of users that only works on a limited number of applications and environments.
An Environment Permission is a set of operations that can be granted by Roles belonging to an Environment Permission Scheme.
Here are the available Environment Permissions you can set at environment level:
Allows users to view the Environment
Allows users to edit an existing Environment.
Create and Delete Environments
Allows users to create/delete Environments.
This permission includes/overrides the “Edit Environments” permission
Allows users to change the deployed version of an Environment
Allows users to delete/create new deployment at any date in the past
This permission includes/overrides the “Deploy Version” permission
Allows users to change the status of an Environment
View Secured Attributes
Allows users to view secured attributes value
Edit Secured Attributes
Allows users to view and modify secured attributes value
This permission includes/overrides the “View Secured Attributes” permission
More information about secured attributes: Manage Environments
Allows users to schedule Events linked to an Environment
Note that this permission can be overridden by the “Plan Events” Global permission
Allowing “Anyone” to browse Environments & Public Gadgets
It is possible to give access to Golive gadgets and Environments data to anonymous users who do are not logged in Jira.
Giving the "Browse Environments" permission to the "Anyone" team will make the Environment information public. It will then be possible to display Environment Gadgets on the Jira System Dashboard and in Confluence pages publicly accessible.
Potential Security Breach!
Never let Anyone access to sensitive data of your Environments as they become available to everyone who can reach your Jira base url.