Permissions
PII Protection requires specific permissions to effectively function as a Data Loss Prevention (DLP) solution within your Jira Cloud instance. Here's a breakdown of each permission requested and its purpose:
| Permission | Description |
|---|---|
read:jira-work | Allows PII Protection to read issue data, including descriptions, comments, and custom fields. This is essential for scanning content and identifying potential data leaks. |
write:jira-work | Enables PII Protection to modify Jira issues, such as adding labels, updating security levels, or redacting data for remediation actions. |
manage:jira-project | Grants PII Protection the ability to manage project settings and properties, which is used to determine whether DLP rules are to be applied to specific projects. |
storage:app | Allows PII Protection to store its configuration data within Atlassian Forges's secure storage environment. |
manage:jira-configuration | Enables PII Protection to receive events whenever issues are created or updated within the instance. |
read:jira-user | Allows PII Protection to read user information for purposes such as identifying data owners or sending notifications. |
send:notification:jira | Enables PII Protection to send automated notifications to administrators or relevant stakeholders about detected data leaks and remediation actions. |
read:jira-expressions:jira | Allows PII Protection to utilize Jira's expression language to selectively request data to scan. |
This detailed explanation clarifies how each permission contributes to PII Protection's functionality, ensuring transparency and informed consent from Jira administrators granting these permissions.