SonarCloud | Managing your organization | Overview

On this page

Managing your organization - Overview

Projects on a repository platform are typically grouped into organizations. This enables teams to work together, define different permissions for different users and configure common settings and features.

SonarCloud uses the same organization-based structure.

What is a SonarCloud organization?

Each SonarCloud organization represents a corresponding organization on the repository platform side. The two organizations are bound one-to-one.

An organization in SonarCloud is composed of:

  • The connection to the corresponding organization on the repository platform side.
  • The projects from that repository platform organization that have been imported.
  • The members of the organization. Each member has a set of permissions that govern which operations they may perform.
  • Organization-level configurations such as the new code definition default, the quality gate definition, and the quality profiles.
  • Whether the organization is free or paid and if it is paid, the payment information and tier of the paid plan.

Creating an organization

When you sign in to SonarCloud for the first time, it will prompt you to choose one of your existing organizations (or your personal account) on the repository service to import. On import, a corresponding organization is created on the SonarCloud side.

SonarCloud will then let you choose which repositories to import from your platform-side organization (or personal account) to the SonarCloud-side organization.

Later, you can create additional SonarCloud organizations by clicking + > Create New Organization (under the plus sign in the top bar) and specifying an organization on the repository platform side to import.

Organizations cannot be re-bound

Once an organization is created on the SonarCloud side it is bound to its peer organization on the repository platform until one or the other is deleted. The SonarCloud organization cannot be re-bound to another organization.

If you are migrating projects to another organization (either on the same repository platform), you will need to create a new SonarCloud organization to bind to the new platform organization and re-import the projects you want to analyze.

Organization keys can be changed

Although an organization cannot be rebound, its key can be changed.

The organization key is used in CI-based analysis setups to link the analysis produced by the scanner in your local or cloud-based build environment with the correct organization in SonarCloud. It appears as the value of the sonar.organization parameter in your analysis configuration.

The key is set when you import the organization into SonarCloud. At that point, you can choose your own key or accept the suggested key.

In some cases, you may later wish to change this key (for example, if a new naming convention is adopted at your company, or if you initially chose a bad key by accident).

To change the key, go to Your Organization > Administration > Organization settings > Edit organization key enter your new Key, and Save.

If you change the key of your organization you must also make the same change to the sonar.organization setting of every project in the organization that is configured for CI-based analysis.

Deleting an organization

You can delete an organization under Your Organization > Administration > Organization settingsDelete Organization.

Payment and visibility

In SonarCloud, an organization can be on either a free plan or a paid plan. Free organizations allow the import of only public projects. Paid organizations allow the import of public and private projects.

See Payment and Visibility.

Managing members

Members can collaborate on the projects in the organizations to which they belong. Depending on their permissions within the organization, members can:

  • Analyze projects.
  • Manage project settings (permissions, visibility, etc.).
  • Update issues.
  • Manage quality gates and quality profiles.
  • Administer the organization itself.

See Managing Members.

Organizations and IP filtering

SonarCloud currently allows the following static IP addresses for outgoing calls to supported DevOps platforms (GitHub, GitLab, Azure DevOps Services, and BitBucket Cloud):

  • 3.122.211.192
  • 35.158.229.250
  • 18.196.105.168 
  • 3.68.134.44
  • 3.74.220.70
  • 3.74.69.101

IP filtering is not supported for any other use case.

Domain allowlists

If you can't access SonarCloud on your network and your pipeline is hosted within an organization that is secured with a firewall or proxy server, you must add certain IP addresses and domain URLs to the allowlist. To update this, you need to add an outbound rule to your firewall.

Ensure the following domain URLs are allowed for SonarCloud:

  • *.sonarcloud.io
  • ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com
  • Sc-cleancode-sensorcache-eu-central-1-prod.s3.amazonaws.com
  • sonarcloud.io
  • notifications.sonarcloud.io for web sockets
  • sonarsource.cdn.prismic.io for the latest news on SonarCloud
  • sonarsource.com (if logged out, users are redirected here)
  • docs.sonarcloud.io to view product documentation

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License