Skip to main content
C1 provides identity governance for Atlassian Bamboo (Data Center / self-hosted). Integrate your Bamboo instance with C1 for unified visibility and governance over administrative and privileged access.

Capabilities

Gather Bamboo credentials

The Bamboo connector is read-only. The account must hold the global Administration permission so it can read permissions across every scope.
1
Sign in to your Bamboo Data Center instance as a Bamboo administrator.
2
Create a Personal Access Token under your profile menu > Personal access tokens > Create token. Copy the token value.
3
Note your Bamboo base URL, for example https://bamboo.example.com. The REST API is served from <base-url>/rest/api/latest.
4
If your instance cannot issue Personal Access Tokens, you may instead supply an administrator username and password for HTTP Basic authentication.

Configuration fields

Supply either a Personal Access Token, or a username and password — not both. When a username is set the connector uses HTTP Basic auth; otherwise it uses the Personal Access Token.

Synced resource types

  • Users and Groups: the principals that hold permissions, surfaced from the global permissions endpoints. Bamboo has no full user-directory REST endpoint, so principals are discovered through the permissions API.
  • Global, Projects, Plans, Deployment projects, and Environments: each scope is a permission-bearing resource. Every scope exposes its permission set as entitlements, and a grant is emitted for each user or group that holds a permission on that resource:
    • Global: ADMINISTRATION, RESTRICTED_ADMINISTRATION, CREATE_PLAN, CREATE_REPOSITORY
    • Project: CREATE, BUILD, CLONE, EDIT, ADMINISTRATION, VIEW
    • Plan: VIEW, EDIT, BUILD, CLONE, ADMINISTRATION
    • Deployment: VIEW, EDIT, DEPLOY, ADMINISTRATION
    • Environment: VIEW, EDIT, DEPLOY, ADMINISTRATION

Special notes

  • Group membership rosters are not synced. Bamboo Data Center delegates group membership (which users belong to each group) to its external Crowd/LDAP directory; the Bamboo REST API does not expose it. Groups are therefore modeled as permission principals — each group appears as a resource and receives the permission grants assigned to it, but its individual members are not enumerated.
  • Users and groups are discovered through the permissions API rather than a directory listing, because Bamboo exposes no full user-directory endpoint.
  • The connector is read-only; it does not provision access.