SHARE
TWEET

Untitled

a guest Oct 21st, 2019 68 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. description: Developer project level access control. Applies to resources within a specific project.
  2. context:
  3.   project: 'Your Project Name here' # all projects
  4. for:
  5.   job:
  6.     - allow: [read] # allow read of all jobs
  7.     - match:
  8.         group: 'HML/*'
  9.       allow: [read,run] # allow run access for jobs within the "HML" top level group
  10.  
  11. by:
  12.   group: gdev
  13. ---
  14. description: Developer Application level access control, applies to creating/deleting projects, admin of user profiles, viewing projects and reading system information.
  15. context:
  16.   application: 'rundeck'
  17. for:
  18.   resource:
  19.     - equals:
  20.         kind: system
  21.       allow: [read] # allow read of system info, enable/disable all executions
  22.     - equals:
  23.         kind: system_acl
  24.       allow: [read] # allow modifying system ACL files
  25.     - equals:
  26.         kind: user
  27.       allow: [read] # allow modify user profiles
  28.   project:
  29.     - match:
  30.         name: '.*'
  31.       allow: [read]
  32.   project_acl:
  33.     - match:
  34.         name: '.*'
  35.       allow: [read]
  36.   storage:
  37.     - allow: [read]
  38.  
  39. by:
  40.   group: gdev
  41. ---
  42. description: Leader project level access control. Applies to resources within a specific project.
  43. context:
  44.   project: 'Your Project Name Here' # all projects
  45. for:
  46.   job:
  47.     - allow: [read,run] # allow read of all jobs
  48.  
  49. by:
  50.   group: gleader
  51. ---
  52. description: Leader Application level access control, applies to creating/deleting projects, admin of user profiles, viewing projects and reading system information.
  53. context:
  54.   application: 'rundeck'
  55. for:
  56.   resource:
  57.     - equals:
  58.         kind: system
  59.       allow: [read] # allow read of system info, enable/disable all executions
  60.     - equals:
  61.         kind: system_acl
  62.       allow: [read] # allow modifying system ACL files
  63.     - equals:
  64.         kind: user
  65.       allow: [read] # allow modify user profiles
  66.   project:
  67.     - match:
  68.         name: '.*'
  69.       allow: [read]
  70.   project_acl:
  71.     - match:
  72.         name: '.*'
  73.       allow: [read]
  74.   storage:
  75.     - allow: [read]
  76.  
  77. by:
  78.   group: gleader
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top