Jenkinsdevops~30 mins

Authorization strategies (Matrix, role-based) in Jenkins - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Authorization Strategies in Jenkins: Matrix and Role-Based

📖 Scenario: You are setting up a Jenkins server for a small team. You want to control who can do what in Jenkins by using authorization strategies. This helps keep your projects safe and organized.

🎯 Goal: Learn how to configure Jenkins authorization strategies: first using the Matrix-based security, then adding role-based access control. You will create user permissions and roles step-by-step.

📋 What You'll Learn

Access to Jenkins web interface

Basic knowledge of Jenkins UI navigation

Understanding of users and permissions concepts

💡 Why This Matters

🌍 Real World

Controlling who can do what in Jenkins keeps your projects safe and organized, especially in teams.

💼 Career

Understanding Jenkins authorization strategies is essential for DevOps engineers and system administrators managing CI/CD pipelines.

Progress0 / 4 steps

Set up Matrix-based Security

In Jenkins, enable Matrix-based security under Manage Jenkins > Configure Global Security. Create a user called developer and give this user Overall Read and Job Build permissions only. Write the configuration snippet that shows the developer user with these permissions in the matrix.

Jenkins

# Add the matrix security configuration snippet for user 'developer' with 'Overall Read' and 'Job Build' permissions
# Your code here

Need a hint?

Look for the matrix block and add permission lines for the developer user.

Add Role-Based Authorization Plugin Setup

Add a variable called roleStrategy that represents enabling the Role-Based Authorization Strategy plugin in Jenkins. This variable should be set to enabled to indicate the plugin is active.

Jenkins

authorizationStrategy {
  matrix {
    permission('Overall.Read', 'developer')
    permission('Job.Build', 'developer')
  }
}

# Set roleStrategy variable to 'enabled'
# Your code here

Need a hint?

Just create a variable named roleStrategy and assign it the string 'enabled'.

Define Roles and Assign Permissions

Create a dictionary called roles with two roles: admin and viewer. The admin role should have permissions Overall/Administer and Job/Configure. The viewer role should have only Overall/Read. Then assign the user developer to the viewer role.

Jenkins

authorizationStrategy {
  matrix {
    permission('Overall.Read', 'developer')
    permission('Job.Build', 'developer')
  }
}
roleStrategy = 'enabled'

# Create roles dictionary and assign 'developer' user to 'viewer' role
# Your code here

Need a hint?

Use a dictionary named roles with keys 'admin' and 'viewer'. Then create user_roles dictionary to assign 'developer' to 'viewer'.

Display User Roles and Permissions

Write a print statement that outputs the string User developer has viewer role with permissions: ['Overall/Read'] using the user_roles and roles dictionaries.

Jenkins

authorizationStrategy {
  matrix {
    permission('Overall.Read', 'developer')
    permission('Job.Build', 'developer')
  }
}
roleStrategy = 'enabled'

roles = {
  'admin': ['Overall.Administer', 'Job.Configure'],
  'viewer': ['Overall.Read']
}
user_roles = {'developer': 'viewer'}

# Print user role and permissions
# Your code here

Need a hint?

Use an f-string to print the role and permissions for user developer.