Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- description: Developer project level access control. Applies to resources within a specific project.
- context:
- project: 'Your Project Name here' # all projects
- for:
- job:
- - allow: [read] # allow read of all jobs
- - match:
- group: 'HML/*'
- allow: [read,run] # allow run access for jobs within the "HML" top level group
- by:
- group: gdev
- ---
- description: Developer Application level access control, applies to creating/deleting projects, admin of user profiles, viewing projects and reading system information.
- context:
- application: 'rundeck'
- for:
- resource:
- - equals:
- kind: system
- allow: [read] # allow read of system info, enable/disable all executions
- - equals:
- kind: system_acl
- allow: [read] # allow modifying system ACL files
- - equals:
- kind: user
- allow: [read] # allow modify user profiles
- project:
- - match:
- name: '.*'
- allow: [read]
- project_acl:
- - match:
- name: '.*'
- allow: [read]
- storage:
- - allow: [read]
- by:
- group: gdev
- ---
- description: Leader project level access control. Applies to resources within a specific project.
- context:
- project: 'Your Project Name Here' # all projects
- for:
- job:
- - allow: [read,run] # allow read of all jobs
- by:
- group: gleader
- ---
- description: Leader Application level access control, applies to creating/deleting projects, admin of user profiles, viewing projects and reading system information.
- context:
- application: 'rundeck'
- for:
- resource:
- - equals:
- kind: system
- allow: [read] # allow read of system info, enable/disable all executions
- - equals:
- kind: system_acl
- allow: [read] # allow modifying system ACL files
- - equals:
- kind: user
- allow: [read] # allow modify user profiles
- project:
- - match:
- name: '.*'
- allow: [read]
- project_acl:
- - match:
- name: '.*'
- allow: [read]
- storage:
- - allow: [read]
- by:
- group: gleader
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement