アトラシアン ガバメント組織をセットアップする

Follow these steps when you first get access to an Atlassian Government Cloud environment. When your apps are ready, we send you an email with a link to log in to the Atlassian Administration at admin.atlassian-us-gov-mod.net.

This page includes tasks that are required as part of the customer responsibilities of FedRAMP Moderate.

設定の前に

このページの設定タスクを始める前に、ドキュメントを見直して、チーム メンバーだけがアクセス権を持つユーザーであることを確認することをお勧めします。

1. アトラシアンの管理に慣れる

Go to Atlassian Administration at admin.atlassian-us-gov-mod.net. Before continuing setup, you may want to click around and also checkout our documentation about the Atlassian administration and Atlassian organizations.

2. 組織から Atlassian ユーザーを削除する

組織をセットアップしたアトラシアンの担当者が、まだ組織のユーザーとしてリストされている場合があります。リストされているかどうかを確認し、当てはまる場合はユーザーを削除してください。ユーザーを組織から削除するには、[ディレクトリ] > [ユーザー] を選択します。ユーザーの名前を選択して、ユーザーの詳細を開きます。右上の アイコンから、[ユーザーを削除] を選択します。

ユーザーとそのアクセス権を設定する

This involves not only making sure that users have access to the right apps but also making sure that they log in securely. Secure login means that their account won’t be compromised.

1. ユーザー プロビジョニングを設定する

Your identity provider is already connected, so you’re ready to configure user provisioning. When you’re done, users and groups sync to your Atlassian Government organization.

ユーザーのアカウントを更新する必要が生じるたびに、ID プロバイダーから変更を加えて、更新がユーザーの Atlassian アカウントに同期するようにしてください。

2. 組織管理者に権限を付与する

Organization admins have access to all organization settings on Atlassian Administration and can complete configuration tasks. Only make someone an organization admin if they need those permissions.

In addition to organization admin role, you can grant other admin roles as well.

4. 組織の IP アドレスからのアクセスを要求する

An IP allowlist outlines the IP addresses that are required for users to access specific Atlassian apps. Define an allowlist with your organization’s IP addresses.

5. Grant users access to apps

To grant users access to apps, use the groups that sync from your identity provider. To give users in a group app access, locate the app from the Apps page, and select Manage App. From the product details page, select Add groups. Search and select the group you want to add, choose an app role, then select Add.

To add or remove users from groups, update their group membership from your identity provider. Make sure to only grant access to authorized staff.

Jira Service Management のセキュリティ設定を適用する

Jira Service Management needs a few additional security settings that the rest of our apps don’t.

1. ポータル限定のカスタマーの SAML シングル サインオンを設定する

A portal is the customer-facing website of every service project that you create with Jira Service Management. The portal is where your customers can log in to see help resources and make requests. Customers can log into the portal with either an Atlassian account or a portal-only account. You determine which accounts are right for your customers.

If you determine that you want your customers to have portal-only accounts, configure SAML single sign-on so that they will log in through your identity provider. To do this, choose your identity provider and configure SAML.

2. メールを既定のアラート通知方法として設定する

Jira Service Management users receive alert notifications when they’re added as responders to an incident. By default, they can choose to be notified of alerts through email, SMS, and voice calls. However, the SMS and voice call options can share data with third-party services that are outside your Atlassian Government environment. To avoid this, we recommend that you set up a role-based notification with Email as the default notification method.

Set up individual apps

Now that you’ve completed these steps, you can set up individual apps. Check out the admin documentation for Jira, Jira Service Management, and Confluence.