Skip to main content
Skip table of contents

Security & Permissions

In this article, you’ll find detailed information about Golive’s permission scheme and how to manage it.


Permissions Page

The Permissions page is your central hub for managing all permissions in Golive.

Requirements

To access and manage permissions on the Permissions page, you must have one of the following roles:

  • Jira Administrator.

  • Golive Administrator.

Accessing the Permissions Page

  1. In Golive, click the the gear icon at the top right corner of any Golive Page.

  2. From the drop-down menu, select Golive Settings.

  3. In the Settings section, select Permissions. This will open the Permissions page.

Unable to View or Create Environments?

By default, all permissions are granted to standard Jira groups (jira-administrators, jira-users, jira-software-users, jira-core-users and jira-servicedesk-users). If If your user is not a member of one of these default groups, you will need to modify the default setup to enable these permissions.

For example if your user belongs to the group "my-company-group", you have to add this group to the roles that are created by default during app installation.

If users don't belong to at least 1 of the default roles they won't be able to view or create any Environment.


Role Based Permissions

The security model is based on Roles. A Role defines a set of permissions that allow specific Jira Users or Groups to perform certain operations.

When creating a Role you need to specify:

  • The list of Permissions that are granted to this role.

  • The list of Jira Users and/or Groups who will be assigned this role.

For example, you might create a new Deployer role with the deploy permission and assign it to all Jira users who should have the authority to deploy.

Changing Golive’s Global Permissions

You can set default permissions across GoLive globally, eliminating the need to configure permissions at the environment level:

Steps

  1. Ensure you select Global Permission from the top left corner of the permissions page.

  2. Click Edit next to an existing role to add or remove permissions, users, or groups.

  3. Click the Add Role button to create a new role and assign the desired permissions.

image-20240829-151042.png

Permissions page with Global Permissions selected in the top left corner.


Global Golive Permissions

The following permissions are global, meaning they apply to all Environments and Timelines within Golive. A Jira user with one of these permissions can perform the allowed operations across the entire Golive platform:

Manage Applications: Allows users to create, update, or delete applications.

Manage Categories: Allows users to create, update, or delete environment categories.

Manage Calendars: Allows users to create, update, or delete environment calendars.

Share Calendars: Allows users to share calendars.

Info

A user must have the permission to update a calendar in order to change its sharing options.

Plan Events: Allows users to schedule Events on the Timeline.

Info

The Global Plan Events permission overrides any Plan Events permissions set at the Environment level and Plan permissions set at the Calendar level.

Share Timelines: Allows users to share their own timelines with other users.

Golive Administrator

The Golive Administrator role grants access to all Golive administration features, including

  • Jira Project Mapping (note that project associations can also be managed by project administrators)

  • Environment Statuses

  • Attributes and Custom Properties

  • Security & Permissions

Info

By default, Jira Administrators have the same permissions as Golive Administrators.


Create Multiple Environment Permission Schemes

If you need to manage a subset of Environments with specific permissions for a dedicated team, you should create a new Environment Permission Scheme and assign it to the relevant environments.

An Environment Permission Scheme allows you to group Environments that share the same lifecycle or ownership. Each environment is associated with only one Environment Permission Scheme, but you can create as many schemes as necessary to suit your needs.

For example, a development and integration Environment may be managed by the development and testing team, while staging and pre-production Environments are handled by a dedicated System or Middleware team.

Alternatively, you might use this scheme to limit the visibility of certain Environments to a group of users who work only with a specific set of applications and Environments.

Example of configuration with multiple permission schemes


Environment Permissions

An Environment Permission defines a set of operations that can be assigned through Roles within an Environment Permission Scheme.

Below are the available Environment Permissions you can set at the Environment level:

Browse Environments: Allows users to view the Environment.

Edit Environments: Allows users to edit an existing Environment.

Create and Delete Environments: Allows users to create/delete Environments.

Info

The Create and Delete Environments includes/overrides the Edit Environments permission

Deploy Version: Allows users to change the deployed version of an Environment.

Manage Deployments: Allows users to delete/create new deployment at any date in the past.

Info

Th Create and Delete Environments includes/overrides the Deploy Version permission

Change Status: Allows users to change the status of an Environment.

View Secured Attributes: Allows users to view secured attributes value.

Info

More information about secured attributes: Manage Environments

Edit Secured Attributes: Allows users to view and modify secured attributes value.

Info

The Edit Secured Attributes includes/overrides the View Secured Attributes permission. For detailed information about secured attributes, refer to theManage Environments article.

Plan Events Allows: Users to schedule Events linked to an Environment.

Info

Note that the Plan Events Allows permission can be overridden by the Plan Events Global permission.


Allowing “Anyone” to browse Environments & Public Gadgets

You can configure access to Golive gadgets and Environment data for anonymous users who are not logged into Jira.

Assigning the Browse Environments permission to the Anyone group will make Environment information publicly accessible. This allows you to display Environment gadgets on the Jira System Dashboard and on Confluence pages that are accessible to the public.

Important: Potential Security Breach!

DO NOT allow the Anyone group to access sensitive data within your Environments. Doing so would make this information available to anyone who can access your Jira base URL, potentially leading to security breaches. Always ensure that sensitive data remains protected and accessible only to authorized users.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.