- Where do we run our applications?
- How do we ensure a permanently high level of security for our customers and ourselves?
- How can we ensure good performance and accessibility of our applications?
- How do our applications scale with our growth?
- How much needs to be invested in building the infrastructure?
- What are the initial and ongoing costs?
Our growth presented us with major challenges at the beginning: numerous colleagues had to go through the onboarding process, which includes the creation of user accounts, in a very short time. Depending on how many non-integrated applications are used in a company, a confusing bunch of user accounts can quickly result. A real challenge for data management and the administrators responsible for it!
Typical applications that all larger companies need are:
- Document management (Microsoft SharePoint)
- Communication platform (Microsoft Teams)
- Password management
- CRM (Microsoft Dynamics 365)
- Service portal (Atlassian Jira Service Management)
- Knowledge base and documentation management (Atlassian Confluence)
- Project management (Atlassian Jira & Microsoft DevOps)
Each user needs a user account for each of these applications. Ideally, as is the case here, these are administered in a central user, group, and permissions management system. Microsoft Azure Active Directory (Azure AD), for example, is suitable for this purpose. But can this user management also be used as a central point for applications that do not originate from Microsoft?
The answer is yes! With Atlassian Access, Atlassian provides us with a critical tool for integration with Atlassian Cloud. With Atlassian Access, we can sync our users and groups directly from Azure AD to be automatically provisioned to our Atlassian Cloud at predefined intervals. The integration also has the advantage that we can log in to our Atlassian Cloud with the same data as for Microsoft Cloud through single sign-on (SSO).
This simple mechanism, which can be set up very quickly, has allowed us to automate user and group management in our Atlassian Cloud. At the same time, the solution automatically grows with our business, as users only need to be managed centrally in Azure AD.
But what about the cost of automatically creating users in the Atlassian Cloud? We were often asked about the cost-effectiveness of this solution. After all, each automatically synchronized user would incur additional costs, even though they did not necessarily use the Atlassian Cloud. But with the right permissions concept, we have also solved this problem.
We have a group in Azure AD that includes all colleagues. Through this group, all of our colleagues can log into our Atlassian Service Portal via SSO and create tickets in our internal Atlassian Service Management. This group does not have any other permissions in Atlassian Cloud.
In addition, each Atlassian product has its own group in Azure AD, which controls product-only access in the Atlassian Cloud. Only users in the respective group can work with Jira Software, Jira Service Management, Confluence, or Bitbucket, depending on their configuration, and incur corresponding costs at the end of the month. These groups are not filled automatically. Only colleagues who actually work with the products are assigned to the corresponding group. If a colleague wants to have access to a corresponding Atlassian application, a ticket must be created in the internal service portal. Arineo’s internal IT checks the request and approves it – or not. It can be that simple and clear.
Lastly, there are other groups within Atlassian Cloud that are not managed by Azure AD. These are organized by the respective project, division, or repository administrator, which allows us to stay as fast and flexible as possible.
At a glance
How do our applications scale with our growth?
Automated, through Active Directory synchronization with Atlassian Access, through an intelligent permissions structure, and Atlassian’s licensing model based on the number of users.
How much needs to be invested in building the infrastructure?
Within just a few hours, we were able to complete the integration between Azure AD and Atlassian Cloud. That’s all we had to worry about.
How much needs to be invested in building the permissions structure?
Several days should be planned for a proper permissions structure across the entire organization. Our tip: if in doubt, it is better to invest more time in planning and to set up a sustainable model than to have to make costly adjustments afterward.
In the next part of our series, you’ll learn how Atlassian Cloud pricing has given us a simple and transparent view of our expected costs.
Do you have questions about the Atlassian Cloud or are you about to migrate your on-premise applications to the cloud? Please contact us!