Manage Marketplace apps for Atlassian Government apps
The Atlassian Marketplace lists a wide range of third-party apps that are available for Atlassian apps. We have worked with Marketplace appdevelopers to make many of them available for Atlassian Government Cloud apps.
Refer to the section further down this page for a list of Marketplace apps that are available for Atlassian Government apps. If an unavailable Marketplace app is critical to your workflows, contact the vendor to let them know that you would like to use it with an Atlassian Government app.
When you are ready to install a Marketplace app, we install them for you when we provision your Atlassian Government apps and at any time you request a new one.
Security assessment requirement
Even though many Marketplace apps are compatible with Atlassian Government Cloud, they aren’t required to be FedRAMP authorized. They are also not required to store customer data in the U.S.
To protect the confidentiality, integrity, and availability of your system and data, you are required to conduct a security assessment for each Marketplace app that you want to install. This assessment is a requirement of the Federal Information Security Modernization Act (FISMA) and Risk Management Framework (RMF) Assessment and Authorization (A&A) Process.
During the assessment, you can verify where the app’s data is stored, assess its security posture, and evaluate data flows between the Atlassian Government environment and the app.
Conduct a security assessment
During the assessment, review the security posture of each Marketplace app in accordance with NIST 800-53 rev5. Confirm that the app meets your organization’s policies and risk tolerance, as well as the requirements outlined in the 20 FedRAMP Moderate control families. Refer to fedramp.gov for more details.
To gather information about an app, review the following under its Marketplace listing:
Look for the Runs on Atlassian badge under the Trust Signals. With Runs on Atlassian, we programmatically verify apps that support data residency controls and don’t egress data outside the Atlassian Government environment. If an app doesn’t have this badge, it doesn’t mean that you can’t use it. It means that you need to investigate further about its security posture.
Review details from the app vendor under the Privacy & Security tab. This will help you assess the app’s compliance with your own FedRAMP requirements. If you’re unable to find answers to all of your questions, contact the vendor directly for clarification and answers to your security assessment questions.
After you have a clear view of how the app handles your data and what external systems it connects to, you can determine the level of risk for installing the app.
Request a Marketplace app for installation
If you determine that the level of risk is low, you can request the Marketplace app by reaching out to your Carahsoft or Atlassian sales contact. After you make the purchase, you will receive a bill for the Marketplace app with the number of users with access to your Atlassian Government app.
To verify that a Marketplace app has been added to your Atlassian Government app:
Go to Atlassian Administration. Select your organization if you have more than one.
Select Apps.
Under Sites in the left navigation, select the site name for the Atlassian Government app where the Marketplace app was installed.
From the left navigation for the selected site, select Connected apps.
If you decide that you no longer want to pay for the Marketplace app, reach out to the same Carahsoft or Atlassian sales contact to make the request.
Marketplace apps compatible with Atlassian Government Cloud apps
The following Marketplace apps are available for Atlassian Government apps. Contact your Carahsoft or Atlassian sales contact to request installation:
Jira apps
Burnup Burndown charts: forecasting in Jira Dashboard gadget
Spreadsheets Hierarchy Structure Table, Gantt chart for Jira
Confluence apps
Was this helpful?