05_Authentication_and_Authorization
In this lab we will explore how authentication and authorization work in Jenkins:
- Create users for all the members of your group.
- Create 2 groups of dev and DevOps and assign people to each group.
- Ensure that DevOps group people will have complete access to the Jenkins server.
- Ensure that dev group people are only allowed to run the jobs.
- Create a job to which one member of the dev group should have edit access.
- We have to install the "Role-based Authorization Strategy" plugin in Jenkins. Go to Manage Jenkins > Manage Plugins and click on the available tab.
-
Search for role-strategy and install it without restart
-
Once the installation is done, restart Jenkins by URL
http://your_jenkins_url:8080/restart
- Go to Manage Jenkins > Manage Users and click on "Create User" and fill out the values
- Do similar steps for creating other users of your team
- Go to Manage Jenkins > Configure Global Security and go to the Authorization section and select "Role-Based Strategy"
- Go to Manage Jenkins > Manage and Assign Roles > Manage Roles and create role for dev and then save the config
- Similarly, add the role for "devops"
- Go to Manage Jenkins > Manage and Assign Roles > Assign Roles and add the users to the roles
-
Save the configuration
-
Try to login with the user and see the changes
- Go to Manage Jenkins > Configure Global Security and go to the Authorization section and select "Project-based Matrix Authorization Strategy"
- Create a freestyle job with the name "Role Testing" and while configuring it check "Enable project-based security"
- Login with Dev user and validate the access
