Set up CMK-enabled Atlassian apps

CMK gives greater control over encryption keys to protect your Atlassian Cloud data. Currently you can create only one CMK encryption (policy) per organization for all data in scope for new sites only. Customers not using BYOK can enroll in CMK. BYOK customers will eventually be migrated to CMK.

Set up CMK-enabled Atlassian apps

Once you’ve created the AWS KMS keys and a provisional KMS key policy and enrolled in CMK encryption policy follow the steps on this page to submit a support ticket with required information. The AWS account details that were used to enroll in CMK encryption policy will be used to provision the requested app instances.

Who can do this?
Role: Organization admin
Atlassian Cloud: See https://www.atlassian.com/ja/platform/infrastructure/cmk for details
Atlassian Government Cloud: Not available

Diagram illustrating the process to enroll in CMK encryption policy

Go to Atlassian support, then follow these instructions to submit a request:

  1. Under What can we help you with? select Technical Issues and Bugs.

  2. Under Which product is this for? select Cloud Administration.

  3. Under What is the site URL of your product within your organization enter an existing cloud site URL.

  4. [Optional] Under Include admin or billing/technical/end-customer contact, or additional participants on this ticket enter any relevant contacts from your organization that want to be notified about the request.

  5. Under Summarize your issue enter Encrypt new apps for CMK encryption with organization ID <Organization ID>. This is a unique identifier assigned to your organization in the Atlassian cloud system.

  6. Under What is the impact to your business select a level according to your business needs. For the ticket SLA (time to response), refer to Atlassian Support Offerings.

  7. Under Give us more details provide the following FOUR pieces of information:

    1. Atlassian cloud organization ID: This is a unique identifier assigned to your organization in the Atlassian cloud system. You can retrieve the URL via admin.atlassian.com: https://admin.atlassian.com/o/my-organization-id-xxxxx-xxxxxxx-xxxxxx/overview

    2. Name and e-mail address of the organization admin or billing admin.

    3. Cloud site name(s): Cloud site URL(s), for example, acme-cmk.atlassian.net. URL(s) should be unused. We'll provision your CMK-enabled apps under their corresponding site name(s).

    4. Apps that you want to create the CMK-enabled cloud instances for. This can be Jira, Confluence and/or Jira Service Management.[Optional] Under Want faster, more accurate help? Upload screenshots or videos that show your issue and where it happened. Review our retention policy add any relevant attachments.

  8. [Optional] Under Your phone number enter any relevant phone number.

  9. Under Which is closest to your normal working hours? select the working hours that fit your business needs.

  10. Select Submit Ticket to create the ticket.

After the initial enrolment and app provisioning process, follow the steps above for any future requests to add additional CMK-enabled apps. Subsequent requests for app provisioning are generally fulfilled within two business days after the corresponding support ticket is processed.

CMK-enabled app instances must be provisioned by Atlassian. If you add a app directly via admin.atlassian.com, it will not be set up using CMK but with Atlassian-managed keys.

 

 

さらにヘルプが必要ですか?

アトラシアン コミュニティをご利用ください。