Migrate Security & Encryption Server to Security & Encryption Cloud

 

This page outlines the steps to migrate your Security & Encryption data from Confluence Server or Data Center to Confluence Cloud. 

Prework

Before you start, read and understand the following information:

  • understand the macro differences and feature differences between the Security and Encryption for Confluence Server and Confluence Cloud

  • be aware of the following limitations, and take the suggested actions if needed

    • rich text content used to create secrets does not appear correctly when migrated. Ensure secrets are in plain text before migration

    • restricted pages are not supported currently. Depending on the sensitivity of the data, we suggest users manually migrate these secrets or remove any restrictions on related pages

    • Confluence Cloud currently does not support nested macros (See CONFCLOUD-68323) which means integration with other apps by way of nesting will be limited.  We suggest moving the secrets outside of the nested macros in server before performing the migration.

Administrators using the CCMA tool to allow partial user migration should review the product access of the users before attempting steps related to the Server Migration tab

It is recommended to perform a test migration to understand the steps required to migrate data and reconfigure the migrated data

This guide assumes you have successfully migrated your Confluence Server data into Confluence Cloud, per Atlassian's Server to Cloud migration guide.

Guide

At the end of this guide, you will have

Depending on how large your Confluence data is, this process may take a few hours to complete.  

Step 1 - Run CCMA

Follow through with the steps in Step 1 - Run CCMA (Security & Encryption)

Overview

  • prepare a set of test data and a staging instance to perform a pre-migration environment test before production migration OPTIONAL

  • upgraded Security and Encryption for Confluence Server to version 3.6.0 or above

  • find and identify the spaces that are using the Security and Encryption macros

  • perform the migration using the Confluence Cloud Migration Assistant(CCMA) tool

  • schedule the migration window

Step 2 - Secure Macro Transformation to Secrets

Follow through with the steps in Step 2 - Secure Macro Transformation to Secrets (Security & Encryption)

Overview

  • have your Confluence cloud instance ready

  • select which secrets you want to migrate from the Server Migration Beta tab

  • generate the migration key and passphrase from the Confluence server 

  • perform the transformation of the server secure Macro to its cloud equivalent Secret

  • after a successful migration, admins should check for Secret owners without add/delete restrictions and then grant them access

For further information on the restrictions - How do we check and bulk update add/delete restrictions?)

The improved version of Security and Encryption for Confluence Cloud utilizes zero-knowledge architecture. To learn more, read What is a legacy secret?.

Legacy secrets will be automatically converted when migrated to the cloud. To ensure that this transition happens smoothly, the Administrator executing the migration will be added as the owner of the secrets.

Step 3 - Troubleshooting Steps

Follow through with the steps in Step 3 - Troubleshooting Steps (Security & Encryption)

Overview

  • ensure the Security and Encryption add-on is given the appropriate permission in space permissions

  • understand the type of error messages and what non-transformed secrets look like. 


Next StepsÂ