guilhemmarchand
commented
1 year ago Thanks will be considered ASAP @jeffland-consist Sorry for being late on this one
Open jeffland-consist opened 1 year ago
guilhemmarchand
commented
1 year ago Thanks will be considered ASAP @jeffland-consist Sorry for being late on this one
Currently, all jira accounts that can be used in the alert action are set up centrally through the app. All users can use all configured accounts however, meaning in a jira account with multiple tenants people can see and use accounts not intended for them.
A simple solution for this would be to have the jira accounts rely on splunks permission model. An account would have read permissions grantable per role, meaning only users with roles that grant read permissions to the account can use it in the alert action. This is also used in other contexts, e.g. identities and connections in DB Connect.