Collection management beta
Collections gather together logins, notes, cards, and identities for secure sharing from an organization. Think of collections as organization-equivalents to folders, with a few key differences:
Organization users control access to organization-owned items by assigning users or groups to collections.
Organization-owned items must be included in at least one collection.
Collection management settings can be customized to best fit the needs of your organization. Specifically, there are two options located on the Settings > Organization info screen which you can use:
備考
03/07/24から、コレクション管理を有効にしていない組織は、更新された権限構造にバッチで移行を開始します。まだ移行していない場合、あなたの組織は次の数週間以内に移 行されるでしょう。または、手動でコレクション管理をオンにすると移行されます。
移行中、すべてのマネージャーはユーザー役割のメンバーに移行され、自動的に新しい管理可能権限が割り当てられたコレクションに提供されます。彼らは、新しいメンバーやグループにアクセスを割り当てる能力を含む、それらのコレクションを完全に管理する能力を保持します。これもまた:
割り当てられたコレクションを編集を含むカスタム役割のメンバーを、それらのコレクションに対する管理が可能な権限を持つユーザー役割に移行します。
削除が割り当てられたコレクションのみを持つカスタム役割のメンバーを、それらのコレクションに対する権限がないユーザー役割に移行します。
すべての既存および将来のコレクションにアクセスする権限を非推奨とし、この権限を持っていたすべてのユーザーに管理できる権限をすべての既存のコレクションに対して付与しました。
Owners and admins can manage all collections and items
This option will dictate whether users with the owner or admin role are provided management permissions to all collections within your organization. This option is suited for you if, for example, your IT team requires access to all vault items associated with your organization. If turned on, management permissions will allow owners and admins to:
Add, edit, or remove vault items from a collection.
Add or remove users or groups from a collection.
チップ
If you want a break-glass account with access to all collections, but don't want all owners and admins to have that access, consider creating a custom role user with the Manage all collections permission.
Limit collection creation and deletion to owners and admins
This option will dictate whether users with the user role are provided with the ability to create or delete collections for themselves and their teams. This option is suited to you if, for example, you want owners and admins to create your organization's collections infrastructure on behalf of your users.
チップ
オンにしても、任意のユーザーにはコレクションの管理権限を付与することができます。これにより、作成されたメンバーやコンテンツを管 理することができます。
Both options off
With both options turned off, your individual users and teams must be responsible for the creation and management of their own collections and will be using credentials that owners and admins will not have access to.
Consider this scenario for the most principle-of-least-privilege experience and if your owner and admin accounts will be used primarily for organization configuration (e.g. policies) and user management (e.g. setting up SCIM or inviting users manually).
Only 'Owners and admins can manage all collections and items' on
With only this option turned on, your individual users and teams can create and manage their own collections however owners and admins will automatically gain access to them and can opt to create or manage collections on users' behalf when appropriate.
Consider this scenario if your owner and admin team requires predictable access to all vault items associated with your organization for regular auditing or management, but wants to provide users with the flexibility to create collections for themselves and their teams.
Only 'Limit collection creation and deletion to owners and admins' on
With only this option turned on, your owners and admins will be required to create your organization's collections infrastructure on behalf of your users but can also assign individual users to manage the items and people in those collections once created.
Consider this scenario if your owner and admin team requires that shared data be kept within a discrete set of known collections, but doesn't want access to the credentials themselves.
Both options on
チップ
If you were a customer of Bitwarden prior to February 20th, 2024, this scenario matches the functionality offered before collections management was released.
With both options turned on, your owners and admins must be responsible for the creation and management of collections on behalf of your users.
Consider this scenario if your owner and admin team requires strict control over the shared credentials used within your organization.
このページの変更を提案する
どうすればこのページを改善できますか?
技術、請求、製品に関するご質問は、サポートまでお問い合わせください。