Jenkins: Role-Based Permissions Strategy
Jenkins Role-Based Strategy Plugin; When we use a single Jenkins, we don’t want users to see or process (Build, Delete, etc.) all projects. In these cases, we can use Global Roles, but only transactions such as normal jobs and credentials, etc. can be restricted. For this reason, we can add specific patterns with the features that Role-Based plugin provides us and add them to the project-based role to the users.
To enable role-based strategy, it is enough to follow the steps below.
Step 1. Go to Jenkins Dashboard -> Manage Jenkins -> Configure Global Security -> Authorization-> Select Role-Based Strategy
After enabling Role-Based Strategy, we can now define our item roles.
Step 2. Manage Jenkins -> Manage and Assign Roles -> Manage Roles
In this step, we can now define our roles. We perform our roles with specific patterns under Items Roles. We name the role from the role to add part. From the pattern section below, we give a certain pattern of the job we want to restrict.
After defining our role, we need to assign it to users to enable this role.
Step 3. Manage Jenkins -> Manage and Assign Roles -> Assign Roles
You will be greeted with a screen like the one below. Since we have defined the role in the item roles section above, we will perform our operations on item roles in the assigned roles section. After adding the username you want to add, you can mark the role.
Now let’s look at the view which is in normal user, then log in with our test user and check if our role is defined.
If you create your jobs here to start with the names Test, Dev, Prod, Pre-prod, it will be more useful to define them in a collective role in the future.
Let’s login with our tester user and take a look. As you can see, it only brought jobs starting with “Test”.
This is useful when specific jobs shouldn’t be accessed by certain users.
