Differences

This shows you the differences between two versions of the page.

--- wiki:rundeck_add_new_role_acl_policy [2022/11/11 14:59] – add storage access code antisa
+++ wiki:rundeck_add_new_role_acl_policy [2024/05/13 10:32] – [Allow access to all jobs under Backend projet] fix typo antisa
@@ Line 1: / Line 1: @@
-{{tag>rundeck}}
+{{tag>rundeck acl}}
 ====== Rundeck add new role ACL policy  ======
@@ Line 17: / Line 17: @@
       allow: 'read'
   adhoc:
-    - allow: 'read'
+    - deny: run
   job:
     - equals:
@@ Line 47: / Line 47: @@
 Now create new user that belongs to the editor group in rundeck's //realm.properties// file, e.g.
   newuser:password1234,editor
+===== Allow access to all jobs under Backend project =====
+In job section above, don't match on name, so that part would go like
+<code yaml>
+  ...
+  job:
+    - allow: [read,run,kill,killAs]
+  ...
+</code>
 ====== Tested on ======
@@ Line 55: / Line 65: @@
 ====== References ======
+  * https://resources.rundeck.com/learning/acl-policy-files-by-example/
   * https://docs.rundeck.com/docs/administration/security/authorization.html#rundeck-resource-authorizations
+  * https://kcaps.medium.com/rundeck-key-storage-acl-grant-access-to-path-27da34345220