claude-skills-reference/project-management/atlassian-admin/references/user-provisioning-checklist.md
Alireza Rezvani a68ae3a05e Dev (#305)
2026-03-10 09:48:49 +01:00


User Provisioning & Lifecycle Management Checklist

Overview

This checklist covers the complete user lifecycle in Atlassian Cloud products, from onboarding through offboarding. Consistent provisioning ensures security, compliance, and a smooth user experience.

Onboarding Steps

Pre-Provisioning

  • Receive approved access request (ticket or HR system trigger)
  • Verify employee record in HR system
  • Determine role-based access level (see Role Templates below)
  • Identify required Atlassian products (Jira, Confluence, Bitbucket)
  • Identify required project/space access

Account Creation

  • User account auto-provisioned via SCIM (preferred) or manually created
  • Email domain matches verified organization domain
  • SSO authentication verified (user can log in via IdP)
  • 2FA enrollment confirmed
  • Correct product access assigned (Jira, Confluence, Bitbucket)

Group Membership

  • Add to organization-level groups (e.g., all-employees)
  • Add to department group (e.g., engineering, product, marketing)
  • Add to team-specific groups (e.g., team-platform, team-mobile)
  • Add to project groups as needed (e.g., project-alpha-members)
  • Verify group membership grants correct permissions

Product Configuration

  • Jira: Add to correct project roles (Developer, User, Admin)
  • Jira: Assign to correct board(s)
  • Jira: Set default dashboard if applicable
  • Confluence: Grant access to relevant spaces
  • Confluence: Add to space groups with appropriate permission level
  • Bitbucket: Grant repository access per team
  • Bitbucket: Configure branch permissions

Welcome & Training

  • Send welcome email with access details and key links
  • Share Confluence onboarding page (getting started guide)
  • Assign onboarding buddy for Atlassian tool questions
  • Schedule optional training session for new users
  • Provide link to internal Atlassian usage guidelines

Role-Based Access Templates

Developer

  • Jira: Project Developer role (create, edit, transition issues)
  • Confluence: Team space editor, documentation spaces viewer
  • Bitbucket: Repository write access for team repos

Product Manager

  • Jira: Project Admin role (manage boards, workflows, components)
  • Confluence: Product spaces editor, all team spaces viewer
  • Bitbucket: Repository read access (optional)

Designer

  • Jira: Project User role (view, comment, transition)
  • Confluence: Design space editor, product spaces editor
  • Bitbucket: No access (unless needed)

Engineering Manager

  • Jira: Project Admin for managed projects, viewer for others
  • Confluence: Team space admin, all spaces viewer
  • Bitbucket: Repository admin for team repos

Executive / Stakeholder

  • Jira: Viewer role on strategic projects, dashboard access
  • Confluence: Viewer on relevant spaces
  • Bitbucket: No access

Contractor / External

  • Jira: Project User role, limited to specific projects
  • Confluence: Viewer on specific spaces only (no edit)
  • Bitbucket: Repository read access, specific repos only
  • Additional: Set account expiration date, restrict IP access

Group Membership Standards

Naming Convention

org-{company}          # Organization-wide groups
dept-{department}      # Department groups
team-{team-name}       # Team-specific groups
project-{project}      # Project-scoped groups
role-{role}            # Role-based groups (role-admin, role-viewer)

Standard Groups

| Group | Purpose | Products |
|---|---|---|
| org-all-employees | All full-time employees | Jira, Confluence |
| dept-engineering | All engineers | Jira, Confluence, Bitbucket |
| dept-product | All product team | Jira, Confluence |
| dept-marketing | All marketing team | Confluence |
| role-jira-admins | Jira administrators | Jira |
| role-confluence-admins | Confluence administrators | Confluence |
| role-org-admins | Organization administrators | All |

Offboarding Procedure

Immediate Actions (Day of Departure)

  • Deactivate user account in Atlassian (or via IdP/SCIM)
  • Revoke all API tokens associated with the user
  • Revoke all OAuth app authorizations
  • Transfer ownership of critical Confluence pages
  • Reassign Jira issues (open/in-progress items)
  • Remove from all groups
  • Document access removal in offboarding ticket

Within 24 Hours

  • Verify account is fully deactivated (cannot log in)
  • Check for shared credentials or service accounts
  • Review audit log for recent activity
  • Transfer Confluence space ownership if applicable
  • Update Jira project leads/component leads if applicable
  • Remove from any Atlassian Marketplace vendor accounts

Within 7 Days

  • Verify no lingering sessions or cached access
  • Review integrations the user may have set up
  • Check for automation rules owned by the user
  • Update team dashboards and filters
  • Confirm with manager that all transfers are complete

Data Retention

  • User content (pages, issues, comments) retained per policy
  • Personal spaces archived or transferred
  • Account marked as deactivated (not deleted) for audit trail
  • Data deletion request processed if required (GDPR)

Quarterly Access Reviews

Review Process

  1. Generate user access report from Atlassian Admin
  2. Distribute to managers for team verification
  3. Managers confirm or flag each user's access level
  4. IT Admin processes approved changes
  5. Document review completion for compliance

Review Checklist

  • All active accounts match current employee list
  • No accounts for departed employees
  • Group memberships align with current roles
  • Admin access limited to approved administrators
  • External/contractor accounts have valid expiration dates
  • Service accounts documented with current owners
  • Unused accounts (no login in 90 days) flagged for review

Compliance Documentation

  • Access review completion date recorded
  • Manager sign-off captured (email or ticket)
  • Changes made during review documented
  • Exceptions documented with justification and approval
  • Report filed for audit purposes
  • Next review date scheduled

Automation Opportunities

SCIM Provisioning

  • Automatically create/deactivate accounts based on IdP changes
  • Sync group membership from IdP groups
  • Reduce manual provisioning errors
  • Ensure immediate deactivation on termination
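
The reconciliation step behind these bullets, as an added example (not code from this repository): it compares IdP state with directory state and plans the SCIM 2.0 requests (RFC 7644) that create or deactivate accounts. The function names, sample users and ids are assumptions, and paths are relative to a provider-specific SCIM base URL.

```python
import json

USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"

def patch_active(user_id, active):
    """SCIM PatchOp that flips only the 'active' attribute of one user."""
    return ("PATCH", f"/Users/{user_id}", {
        "schemas": [PATCH_SCHEMA],
        "Operations": [{"op": "replace", "path": "active", "value": active}]})

def plan_scim_sync(idp_users, directory_users):
    """List the (method, path, body) requests that align the directory with the IdP."""
    plan = []
    for name, u in sorted(idp_users.items()):
        current = directory_users.get(name)
        if current is None and u["active"]:
            plan.append(("POST", "/Users", {
                "schemas": [USER_SCHEMA], "userName": name, "active": True,
                "emails": [{"value": name, "primary": True}]}))
        elif current is not None and current["active"] != u["active"]:
            plan.append(patch_active(current["id"], u["active"]))
    # Accounts missing from the IdP are deactivated rather than deleted,
    # so they remain on record for the audit trail.
    for name, current in sorted(directory_users.items()):
        if name not in idp_users and current["active"]:
            plan.append(patch_active(current["id"], False))
    return plan

# Constructed sample state; user names and ids are placeholders.
IDP = {
    "alice@example.com": {"active": True},
    "bob@example.com": {"active": False},   # terminated in the IdP
    "nina@example.com": {"active": True},   # new hire, not yet provisioned
}
DIRECTORY = {
    "alice@example.com": {"id": "u-1", "active": True},
    "bob@example.com": {"id": "u-2", "active": True},
    "ghost@example.com": {"id": "u-3", "active": True},  # unknown to the IdP
}

if __name__ == "__main__":
    for method, path, body in plan_scim_sync(IDP, DIRECTORY):
        print(method, path, json.dumps(body))
```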

Workflow Automation

  • Trigger onboarding checklist from HR system event
  • Auto-assign to groups based on department/role attributes
  • Send welcome messages via Confluence automation
  • Schedule access reviews via Jira recurring tickets

Monitoring

  • Alert on accounts without 2FA after 7 days
  • Alert on admin group changes
  • Weekly report of new and deactivated accounts
  • Monthly stale account report (no login in 90 days)
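
The Review Checklist and Monitoring items above, expressed as checks over an account export, as an added example (not code from this repository). The record field names, the `acct` helper and all sample accounts are constructed assumptions, not an Atlassian export schema.

```python
from datetime import date

# Admin groups listed in the Standard Groups table.
ADMIN_GROUPS = {"role-jira-admins", "role-confluence-admins", "role-org-admins"}

def review_findings(accounts, hr_roster, approved_admins, today):
    """Map each active account's email to the review checks it fails."""
    findings = {}
    for a in accounts:
        if not a["active"]:
            continue  # deactivated accounts stay on record for the audit trail
        kind, email = a["type"], a["email"]
        human = kind != "service"  # assumption: 2FA/staleness checks cover people only
        idle_days = (today - (a["last_login"] or a["created"])).days
        checks = [
            ("not-in-hr-roster", kind == "employee" and email not in hr_roster),
            ("contractor-expiry-invalid",
             kind == "contractor" and (a["expires"] is None or a["expires"] < today)),
            ("service-account-no-owner", kind == "service" and not a["owner"]),
            ("unapproved-admin",
             not ADMIN_GROUPS.isdisjoint(a["groups"]) and email not in approved_admins),
            ("stale-90d", human and idle_days >= 90),
            ("no-2fa-after-7d", human and not a["two_factor"] and (today - a["created"]).days > 7),
        ]
        hits = [name for name, failed in checks if failed]
        if hits:
            findings[email] = hits
    return findings

def acct(email, type, last_login, created, two_factor=True, groups=(),
         expires=None, owner=None, active=True):
    return dict(locals())  # hypothetical record layout, one key per parameter

# Constructed sample data (not a real export).
TODAY = date(2026, 3, 10)
HR_ROSTER = {"alice@example.com", "carol@example.com"}
APPROVED_ADMINS = {"alice@example.com"}
ACCOUNTS = [
    acct("alice@example.com", "employee", date(2026, 3, 1), date(2024, 1, 10),
         groups=["org-all-employees", "role-org-admins"]),
    acct("bob@example.com", "employee", date(2025, 11, 1), date(2023, 5, 2)),
    acct("carol@example.com", "employee", date(2026, 3, 5), date(2026, 2, 20),
         two_factor=False, groups=["role-jira-admins"]),
    acct("dan@vendor.example", "contractor", date(2026, 3, 8), date(2026, 1, 5)),
    acct("svc-ci@example.com", "service", None, date(2025, 1, 1), two_factor=False),
    acct("erin@example.com", "employee", None, date(2022, 1, 1), active=False),
]

if __name__ == "__main__":
    print(review_findings(ACCOUNTS, HR_ROSTER, APPROVED_ADMINS, TODAY))
```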