Bitbucket Integration
Bitbucket is a popular cloud-hosted code repository that organizations use to host their production-side code and enable collaborative work among multiple developers.
How does this integration help
Upon integration with Bitbucket, Sprinto fetches your Bitbucket account configuration for all the staff members added and ensures that the framework's configuration requirements for change management and access review are met. Sprinto activates the applicable checks based on the Bitbucket configuration and keeps you aligned with the compliance requirements.
Available Sprinto checks for Bitbucket
The following Sprinto checks are available for Bitbucket:
Sprinto check
Reference procedure
Bitbucket user should have MFA enabled
Merging of code changes should require passing status-checks
Peer review should be enforced for code changes
Branch Protection rules should be enforced for admins
Code changes should be reviewed by peers before merging
Code repo should be classified
Critical system access should be removed for offboarded users
Accessed resources through integration
Note: Sprinto only takes “Read-only” access from the integration resources to perform its operations. Refer to Sprinto’s permission utilization document to learn more.
team: Read your team membership information
pullrequest: Read your repositories and their pull requests (PR)
repository: Read your workspace's project settings and read repositories contained within your workspace's projects
repository:admin: Administer your repositories
Before you begin
Log in to Sprinto’s admin portal.
Ensure that you have “Admin” access on the Bitbucket account you are integrating.
How to integrate Sprinto with Bitbucket
The procedure below includes sections for integrating Bitbucket with Sprinto, configuring Bitbucket as a change management system, and configuring Bitbucket as a critical access system. First, follow the integration section to integrate the service provider, and then configure Bitbucket according to your usage of the service.
Integrating Bitbucket
Go to Security Hub > Settings > Available integrations and click on Connect next to Bitbucket.
On the Integration page, review the controls and automated checks mapped for the Bitbucket integration. Click on Next to proceed. Note: Ensure you have enabled pop-up windows in your browser.
Click on Connect.
Log in to the Bitbucket account with your credentials or use the available Single Sign-On (SSO) options.
Click Grant Access to grant Sprinto the permissions necessary for its operations.
Change management system
Note: Before proceeding further with this section, ensure you have integrated your Bitbucket account on Sprinto.
Go to Security Hub > Change mgmt and click on Add system.
On the Add a Change Management System page, click Choose next to Bitbucket.
Review the added workspaces that will be monitored for change management. If required, click on Add another workspace to add additional workspaces.
Click Add as a change management system to save the changes.
Critical access system
Note: Before proceeding further with this section, ensure you have integrated your Bitbucket account on Sprinto.
Go to Security Hub > Access and click Add a critical system.
On the Add a Critical Access System page, select Bitbucket and click Add System.
From the Access Overview page, select Bitbucket from the list.
Click Configure now from the Summary tab.
Click Configure next to Access validity to define valid access to the critical system. Depending on your usage, you can set it to all, role-based or ticket-based.
Additionally, you can assign a critical system owner other than the default assignee for work delegation. Please contact Sprinto support if your current plan doesn’t support assigning a custom critical system owner.
Once the Bitbucket account is configured, Sprinto starts the data syncing process and computes the Sprinto checks. Wait until Sprinto completes the data syncing.
Contact Sprinto support if you have any queries related to the integration or need any assistance.