Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Jenkins Project Based Security

Tags:

jenkins

jenkins-plugins

I am using role based security in jenkinks.

what i am wondering is there a to do the following.

Present:

using role based plugin.

under Manager and assign roles

  • "global roles" >> where i have an "admin" he can create a project
  • " Project roles" >> created individual project which lets you build/delete/ect a job - but does not create a job

issue is:

  • i want one person to have the admin rights to create a project
  • team members to go into that project and create jobs but only for there project they have given the rights to without given them "global admin rights"

Future what i want:

admin Role:

  • to give person admin ( global rights) where he can go create the Application(project).

project based:

  • the team members to have the rights to create and delete jobs only for there Application (Project).and not have access to another Applicatons(project) and not given global rights to create other projects or to touch other people projects

any new security rights plugin out there, i am using role-based plugin.

any new interesting plugin i can checkout to see which direction i can go?

like image 433
adam Avatar asked Nov 11 '14 16:11

adam

People also ask

What is matrix based security in Jenkins?

Matrix-based security is one of the authorization strategies available for securing Jenkins. It allows you to grant specific permissions to users and groups. The available permissions are listed below with their descriptions, and are also available by hovering over the permission heading in the Jenkins UI.

What is project-based matrix authorization strategy in Jenkins?

Project-based matrix authorization allows configuring permissions for each item or agent independently. Permission applying to such items or agents that are granted in the global configuration apply to all of them, unless they don't inherit global permissions (see below).

2 Answers

You need this:

First step is install the plugin "Jenkins Role Strategy Plugin".
Second step is reset Jenkins.

Follow the steps:

  1. Login to Jenkins with your credentials.
  2. Go to "Manage Jenkins".
  3. Go to "Configure Global Security".
  4. In the option "Authorization" select "Project-based Matrix Authorization Strategy" and put the privileges as appropriate.

Obviously, if you need have permissions like administrator, then will put the privileges as appropriate.

Note: If you need put privileges by job, then will must setting for each job in the option "Enable project-based security".

Regards...

like image 80
hdmq Avatar answered Nov 09 '22 08:11

hdmq

@adam,

Take a look at Jenkins Role Strategy Plugin.

This plugin adds a new role-based strategy to ease and fasten users management. This strategy allows:

  • Creating global roles, such as admin, job creator, anonymous, etc., allowing to set Overall, Slave, Job, Run, View and SCM permissions on a global basis.
  • Creating project roles, allowing to set only Job and Run permissions on a project basis.
  • Creating slave roles, allowing to set node-related permissions.
  • Assigning these roles to users.

Hope that helps.

like image 22
333kenshin Avatar answered Nov 09 '22 09:11

333kenshin
Sign in to Comment

Related questions

Push to google container registry fails: Retrying
jenkins pipeline PR build contains wrong branch name
Jenkins Kubernetes plugin failing to provision jnlp-slave pods
How to trigger a Jenkins Pipeline on Git commit
Getting Timed out receiving message from renderer: 600.000 When we execute selenium scripts using Jenkins windows service mode
Jenkins Multibranch Pipeline Lightweight Checkout
How to use jenkins to restart PM2?
Jenkins suddenly started failing to provision agents in Amazon EKS
Hudson or Jenkins Parameterized Builds using dynamic choices
Extending a Jenkins/Hudson plugin to set a environment variable pair
Publish Clover Coverage Report fails
Build LaTeX PDF on Jenkins/Hudson
Run custom database scripts in Jenkins
Hudson / Jenkins: share parameters between several jobs
How to keep only red builds in jenkins
Deployed to Tomcat 7 OK but cannot access application
Jenkins job generator
Attempting to use scm:tag in a Jenkins job for a Git repository that requires a username/password
CasperJs + jenkins : when a test fails, how to retrieve all information on this test
Jenkins - How can i pass parameters from the Upstream to Downstream

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!