Page tree
Skip to end of metadata
Go to start of metadata

Groups let you manage permissions for users in bulk so you don't have to individually assign permissions that need to be the same for many users. Applications in Atlassian Cloud are set up with some default groups (and permissions assigned to those groups). Users are automatically placed in the '[product]-users' group when you give them application access to the corresponding application. The '[product]-users' group allows users to access the application with basic permissions. You can further restrict the users' access within an application by using the application's permissions.

Depending on when you created your site, there might be slight differences in the default groups that exist in your instance.

In this applicationDefault groupsDefault permissions
Site-wide groupsusers

For instances created before Februrary 2014, this was the default group that new users were added to. In instances created after that date, all new users will be added to the '[product]-users' group for the application(s) they have access to instead of the 'users' group.

The default permissions granted to this group depend on the applications you have in your service (for example, if you have JIRA only, the group permissions will include only the JIRA permissions).

In JIRA:

  • the 'JIRA Users' and 'Bulk Change' global permissions.
    • 'JIRA Users' allows users to log in to JIRA
    • 'Bulk Change' allows users to bulk edit issues.
  • a member of the 'users' project role, which allows members to see all project issues (unless protected by a security level or a custom project permission scheme) and create new issues.

In Confluence:

  • the permission to create and view Confluence content for the project, create personal and global spaces

In Bamboo:

  • non-administrator access

jira-developers

(in instances created in February 2014 or later)

OR

developers

(in instances created in January 2014 or earlier)

In JIRA:

  • the 'Browse Users', 'Create Shared Filter' and 'Manage Group Filter Subscriptions' global permissions in JIRA.
  • a member of the 'Developers' project role, which allows members to edit, move, assign, be assigned, link, work on, resolve and close issues.

Typically, you add users who work on issues to this group. You can add users to this group from the Users page.

 administrators

The default permissions granted to this group depend on the applications you have (for example, if you have JIRA-only, the group permissions will include only the JIRA permissions).

  • In JIRA:
    • the 'JIRA Administrators' global permissions.
    • a member of the 'Administrators' project role, which allows members to edit project versions and manage project content (delete issues, comments, manage watchers).

  • In Confluence:

    • the 'Confluence Administrator' global permission

  • In Bamboo:

    • administrator access and the permission to create plans

Users with this permission are considered site administrators for documentation and Support purposes, and they have access to all the applications in the site.

Users in the 'administrators' group have application access to JIRA, and therefore, require a JIRA license. If you have users in the 'administrators' group that you don't need/want to take up a JIRA license, you can create a new group, such as 'confluence-admins,' that you can use for admins that don't require a JIRA license.

 site-admins

Site-admins are the users who manage a site. These are the permissions currently available to site-admins:

  • All permissions assigned to the 'administrators' group for the application(s) you have
  • Access to user management (ability to create new users, assign users to groups, grant application access, etc.)
  • Access to billing information

Users with this permission are considered site administrators for documentation and Support purposes, and they have access to all the applications in the site

JIRAjira-users
  • the 'JIRA Users' and 'Bulk Change' global permissions.
    • 'JIRA Users' allows users to log in to JIRA,
    • 'Bulk Change' allows users to bulk edit issues.
  • a member of the 'Users' project role, which allows members to see all project issues (unless protected by a security level) and create new issues.
Confluenceconfluence-users

The permission to create and view Confluence content for the project, create personal and global spaces.

  • All members of this group have access to Confluence by default.
  • Whenever a non-admin user is removed from this group he also loses his access to Confluence.
Bamboobamboo-usersnon-administrator access
JIRA Service Desk

service-desk-agents

JIRA Service Desk uses this group to manage license allocation. Users in this group count towards the JIRA Service Desk license.

  • the JIRA Service Desk agent access global permission

In addition to these groups, there are two default groups that are used by Atlassian support staff. You cannot edit these groups or add users to them:

  • confluence-administrators
  • system-administrators

The 'sysadmin' user from these groups can log into your site to provide support to you and to perform certain system maintenance tasks. This user automatically has full application access but does not count towards your license limit, no matter which groups it is placed in.

The account is only used by Atlassian. You may notice logins by this user even without having raised a support request. This is because certain types of system maintenance involve our automated systems performing tasks using this account.

  • No labels