Rundeck add new role ACL policy
Log in to Rundeck, go to Settings > Access control > Create ACL policy, and paste the ACL configuration. Here is an example for a user in the "editor" role who has access to the Backend project and can run the "Sync" job:
description: Editor
context:
  project: 'Backend'
for:
  resource:
    - equals:
        kind: event
      allow: 'read'
    - equals:
        kind: node
      allow: 'read'
  adhoc:
    - deny: run
  job:
    - equals:
        name: 'Sync'
      allow: [read,run,kill,killAs]
  node:
    - allow: [read,run,kill,killAs]
by:
  group: editor
---
description: Allow editors to actually see the above jobs
context:
  application: 'rundeck'
for:
  project:
    - match:
        name: 'Backend'
      allow: 'read'
  storage:
    # allow access to ssh key
    - match:
        path: 'keys/ssh_privkey'
      allow: 'read'
by:
  group: editor
Now create a new user that belongs to the editor group in Rundeck's realm.properties file, e.g.
newuser:password1234,editor
Allow access to all jobs under the Backend project
In the job section above, don't match on name, so that part becomes:
...
  job:
    - allow: [read,run,kill,killAs]
...
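To see what each form of the job rule grants before handing out the account, here is an added example (not Rundeck's code and not part of the original page) that evaluates the project policy above in a simplified model. It assumes only `equals` matchers and unconditional rules, that a matching deny overrides any allow, and that anything not explicitly allowed is denied; the job name "Deploy" is constructed for the comparison.

```python
# Simplified model of Rundeck project-context ACL evaluation (added example).
# Assumptions: only `equals` matchers and unconditional rules are modelled,
# a matching deny overrides any allow, and anything not allowed is denied.

def _actions(value):
    """Normalize 'read' or ['read', 'run'] to a set of action names."""
    if value is None:
        return set()
    return {value} if isinstance(value, str) else set(value)

def _matches(rule, resource):
    """A rule with no `equals` block applies to every resource of its type."""
    return all(resource.get(k) == v for k, v in rule.get("equals", {}).items())

def authorized(policy, rtype, resource, action):
    """Return True if `action` on `resource` of type `rtype` is permitted."""
    rules = [r for r in policy["for"].get(rtype, []) if _matches(r, resource)]
    if any(action in _actions(r.get("deny")) for r in rules):
        return False  # explicit deny wins
    return any(action in _actions(r.get("allow")) for r in rules)

# The page's project policy for group "editor", transcribed as Python data.
EDITOR = {
    "context": {"project": "Backend"},
    "for": {
        "resource": [
            {"equals": {"kind": "event"}, "allow": "read"},
            {"equals": {"kind": "node"}, "allow": "read"},
        ],
        "adhoc": [{"deny": "run"}],
        "job": [{"equals": {"name": "Sync"},
                 "allow": ["read", "run", "kill", "killAs"]}],
        "node": [{"allow": ["read", "run", "kill", "killAs"]}],
    },
    "by": {"group": "editor"},
}

# Variant from "Allow access to all jobs": the job rule has no name matcher.
ALL_JOBS = {**EDITOR, "for": {**EDITOR["for"],
            "job": [{"allow": ["read", "run", "kill", "killAs"]}]}}

if __name__ == "__main__":
    for policy, label in ((EDITOR, "Sync only"), (ALL_JOBS, "all jobs")):
        for job in ("Sync", "Deploy"):  # "Deploy" is a constructed job name
            ok = authorized(policy, "job", {"name": job}, "run")
            print(f"{label:9} run {job:6} -> {'allow' if ok else 'deny'}")
```

With the name matcher the editor can run only Sync; without it every job in the project becomes runnable and killable, while ad-hoc commands stay denied in both variants.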
Tested on
- Rundeck (docker container) 4.5.0, 4.16.0
wiki/rundeck_add_new_role_acl_policy.txt · Last modified: 2024/05/13 11:39 by antisa