Chapter 8. Role Based Access Control Plugin
Prev		Next

Chapter 8. Role Based Access Control Plugin

Table of Contents

Introduction

Concepts and Definitions

Setting up the Role Based Access Control plugin

Enabling the authorization strategy
Configuring and managing roles
Configuring and managing groups
Configuring and managing role filters

Example Configurations

Instance owned by one cross-functional team
Instance shared by multiple cross-functional teams
Instance shared by multiple single-function teams
Secret projects on a shared instance

Scripting RBAC

group-membership
create-group
delete-group
group-role-assignments
list-groups

Troubleshooting

Recovering from a lock-out
Completely resetting the configuration
Finding hidden projects

Introduction

The Role Based Access Control plugin gives a Jenkins administrator the ability to define various security roles that will apply to the system they administer. Once roles have been defined the Jenkins administrator can assign those roles to groups of users. The assignment of roles can take place either at the global level, or limited to specific objects within the system. And, additionally, the Jenkins administrator can even delegate the management of groups for specific objects to specific users.

The Role Based Access Control plugin combines with the Folders plugin to give a powerful solution for managing a Jenkins which is shared by multiple teams of users. The Jenkins administrator can create folders for each of the teams and then create groups in those folders for each of the roles that team members can have. By delegating the management of the group membership (but not the management of the roles assigned to groups) to the team leaders, the Jenkins administrator can empower the team leads to manage the permissions of their team while reducing their own administrative overhead.

The RBAC plugin was introduced in Nectar 11.04.

Prev		Next
Setting up Fast Archiver	Home	Concepts and Definitions