As you are likely well aware, Forge introduces a new way of building apps for Atlassian cloud products where Atlassian hosts and runs apps on behalf of developers. This approach to hosting apps shifts many of the operational and maintenance responsibilities onto Atlassian.
In the context of security, one question that frequently comes up with this shared approach to running apps is “What are app developers responsible for?” vs “What is Atlassian responsible for?” Up until now, answering this would involve scouring the Forge documentation to deduce answers. To help clarify these questions, we’ve built the Forge Shared Responsibility Model (SRM).
The Forge SRM is a living document that expands on the Cloud Shared Responsibility Model to help clarify the division of responsibilities between app developers and Atlassian in the context of Forge apps. This is similar in concept to SRMs you may have seen from cloud providers like AWS or Microsoft Azure. Our goal in publishing the SRM externally is to create clarity around what Forge seeks to ensure from a security perspective, and what you as an app developer should be considering when building and operating your app.
Additionally, we’ve set out to document the Forge Security Principles to define what Forge apps can vs cannot do by design. We use both the Forge SRM and these Forge Security Principles to guide security design and discussions internally.
Please familiarise yourself with the Forge SRM, as it will continue to evolve with your feedback and the Forge platform. If you have any questions or feedback, please reply to this thread or reach out to us on the Ecosystem Security Service Desk.
Security Engineer, Ecosystem Security