Managing your organization - Overview
Projects on a repository platform are typically grouped into organizations. This enables teams to work together, define different permissions for different users and configure common settings and features.
SonarCloud uses the same organization-based structure.
What is a SonarCloud organization?
Each SonarCloud organization represents a corresponding organization on the repository platform side. The two organizations are bound one-to-one.
On GitHub and Azure DevOps, collections of projects are called organizations; on Bitbucket Cloud they are called workspaces, and on GitLab, groups. For simplicity, we will refer to all of these generically as organizations.
An organization in SonarCloud is composed of:
- The connection to the corresponding organization on the repository platform side.
- The projects from that repository platform organization that have been imported.
- The members of the organization. Each member has a set of permissions that govern which operations they may perform.
- Organization-level configurations such as the new code definition default, the quality gate definition, and the quality profiles.
- Whether the organization is free or paid and, if it is paid, the payment information and tier of the paid plan.
Creating an organization
When you sign in to SonarCloud for the first time, it will prompt you to choose one of your existing organizations (or your personal account) on the repository service to import. On import, a corresponding organization is created on the SonarCloud side.
SonarCloud will then let you choose which repositories to import from your platform-side organization (or personal account) to the SonarCloud-side organization.
Later, you can create additional SonarCloud organizations by clicking + > Create New Organization (under the plus sign in the top bar) and specifying an organization on the repository platform side to import.
Organizations cannot be re-bound
Once an organization is created on the SonarCloud side, it is bound to its peer organization on the repository platform until one or the other is deleted. The SonarCloud organization cannot be re-bound to another organization.
If you are migrating projects to another organization (on the same repository platform), you will need to create a new SonarCloud organization to bind to the new platform organization and re-import the projects you want to analyze.
Organization keys can be changed
Although an organization cannot be rebound, its key can be changed.
The organization key is used in CI-based analysis setups to link the analysis produced by the scanner in your local or cloud-based build environment with the correct organization in SonarCloud. It appears as the value of the sonar.organization parameter in your analysis configuration.
The key is set when you import the organization into SonarCloud. At that point, you can choose your own key or accept the suggested key.
In some cases, you may later wish to change this key (for example, if a new naming convention is adopted at your company, or if you initially chose a bad key by accident).
To change the key, go to Your Organization > Administration > Organization settings > Edit organization key, enter your new key, and click Save.
If you change the key of your organization, you must also make the same change to the sonar.organization setting of every project in the organization that is configured for CI-based analysis.
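After a key change, any CI configuration that was missed keeps sending the old sonar.organization value. The following added example (not SonarCloud's own tooling) scans local checkouts for stale values; it assumes the key is set either in sonar-project.properties or as a -Dsonar.organization= argument in a YAML pipeline file, and the sample tree and the keys acme-old and acme-new are constructed.

```python
import re
import tempfile
from pathlib import Path

# Matches "sonar.organization=key" (properties) and "-Dsonar.organization=key" (CI YAML).
ORG_KEY = re.compile(r"sonar\.organization\s*[=:]\s*[\"']?([\w.-]+)")
# Assumption: these are the only files in which your repositories set the key.
SCANNED = ("sonar-project.properties", ".yml", ".yaml")


def find_stale_keys(root, expected_key):
    """Return sorted (relative path, line number, key found) for every mismatch."""
    stale = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or not path.name.endswith(SCANNED):
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), 1):
            if line.lstrip().startswith("#"):  # commented-out setting, ignored by the scanner
                continue
            for match in ORG_KEY.finditer(line):
                if match.group(1) != expected_key:
                    rel = path.relative_to(root).as_posix()
                    stale.append((rel, lineno, match.group(1)))
    return sorted(stale)


def build_sample_tree(root):
    """Constructed sample checkouts: two still use the old key, one is updated."""
    files = {
        "svc-a/sonar-project.properties":
            "sonar.projectKey=acme_svc-a\nsonar.organization=acme-old\n",
        "svc-b/.github/workflows/build.yml":
            "steps:\n  - run: sonar-scanner -Dsonar.organization=acme-old\n",
        "svc-c/sonar-project.properties":
            "# sonar.organization=acme-old\nsonar.organization=acme-new\n",
    }
    for rel, body in files.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body, encoding="utf-8")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, lineno, key in find_stale_keys(tmp, "acme-new"):
            print(f"{rel}:{lineno}: sonar.organization is still '{key}'")
```

Keys set in a CI service's variable store or in Maven or Gradle build files are not covered by this scan and need a separate check.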
Deleting an organization
You can delete an organization under Your Organization > Administration > Organization settings > Delete Organization.
Payment and visibility
In SonarCloud, an organization can be on either a free plan or a paid plan. Free organizations allow the import of only public projects. Paid organizations allow the import of public and private projects.
Managing members
Members can collaborate on the projects in the organizations to which they belong. Depending on their permissions within the organization, members can:
- Analyze projects.
- Manage project settings (permissions, visibility, etc.).
- Update issues.
- Manage quality gates and quality profiles.
- Administer the organization itself.
See Managing Members.
Organizations and IP filtering
SonarCloud currently allows the following static IP addresses for outgoing calls to supported DevOps platforms (GitHub, GitLab, Azure DevOps Services, and Bitbucket Cloud):
- 3.122.211.192
- 35.158.229.250
- 18.196.105.168
- 3.68.134.44
- 3.74.220.70
- 3.74.69.101
IP filtering is not supported for any other use case.
For GitHub users, we have added those addresses to our SonarCloud GitHub App, so they will be automatically applied if you have selected the “Enable IP allow list configuration for installed GitHub Apps” option for your GitHub organization.
Domain allowlists
If you can't access SonarCloud on your network and your pipeline is hosted within an organization that is secured with a firewall or proxy server, you must add certain IP addresses and domain URLs to the allowlist. To update this, you need to add an outbound rule to your firewall.
Ensure the following domain URLs are allowed for SonarCloud:
- *.sonarcloud.io
- ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com
- Sc-cleancode-sensorcache-eu-central-1-prod.s3.amazonaws.com
- sonarcloud.io
- notifications.sonarcloud.io for web sockets
- sonarsource.cdn.prismic.io for the latest news on SonarCloud
- sonarsource.com (if logged out, users are redirected here)
- docs.sonarcloud.io to view product documentation
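The list above names both *.sonarcloud.io and the apex sonarcloud.io, and pins the two AWS hosts exactly instead of using a wildcard. This added example (not SonarCloud's own code) audits a set of outbound firewall rules against that list; it assumes the common semantics in which "*.example.com" matches any subdomain but not the apex, and the rule set in the demo is constructed.

```python
# Domains the page lists as required for SonarCloud.
REQUIRED = [
    "*.sonarcloud.io",
    "ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com",
    "Sc-cleancode-sensorcache-eu-central-1-prod.s3.amazonaws.com",
    "sonarcloud.io",
    "notifications.sonarcloud.io",
    "sonarsource.cdn.prismic.io",
    "sonarsource.com",
    "docs.sonarcloud.io",
]


def covers(rule, required):
    """True if the firewall rule permits everything the required entry names."""
    rule = rule.lower().rstrip(".")
    required = required.lower().rstrip(".")  # DNS names are case-insensitive
    if rule == required:
        return True
    if rule.startswith("*."):
        # Assumed semantics: "*.example.com" matches subdomains, never the apex.
        return required.endswith(rule[1:])
    return False


def audit(rules):
    """Return (required entries no rule covers, wildcards wider than the page asks for)."""
    wanted = {entry.lower() for entry in REQUIRED}
    missing = [d for d in REQUIRED if not any(covers(r, d) for r in rules)]
    too_broad = [r for r in rules if r.startswith("*.") and r.lower() not in wanted]
    return missing, too_broad


if __name__ == "__main__":
    # Constructed rule set: apex forgotten, AWS hosts opened with a wildcard.
    configured = ["*.sonarcloud.io", "*.amazonaws.com", "sonarsource.com"]
    missing, too_broad = audit(configured)
    print("not covered:", missing)
    print("broader than required:", too_broad)
```

A rule such as *.amazonaws.com satisfies the two AWS entries but also permits egress to every other AWS-hosted endpoint, which is why the audit reports it separately.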