​

Jenkins Role-Based Authorization Setup

​

Step 1: Create Users

• Go to: Manage Jenkins → Security → Users → Create User
• Create the following users:
  • asif
  • test
  • demo

​

Step 2: Install and Enable Role-Based Authorization Plugin

1. Go to: Manage Jenkins → Manage Plugins → Available
2. Search for Role-based Authorization Strategy and install it.
3. After installation, go to: Manage Jenkins → Configure Global Security
   • Under Authorization, select Role-Based Strategy.
   • Save changes.

​

Step 3: Define Global Roles

1. Go to: Manage Jenkins → Manage and Assign Roles → Manage Roles
2. Under Global Roles, create the following roles:
   • role_asif
   • role_demo
3. For both roles, check:
   • Overall → Read
   • Job → Read

​

Step 4: Define Item Roles

1. In the same Manage Roles page, go to Item Roles.
2. Create regex-based roles for job access.
   • Example:
     • If job name contains test, use regex → .*test.*
       • Matches: abc.test.job, 123@rer.test-abc, etc.
   • For user asif:
     • Create role: item_roles_asif
     • Regex: .*prod.* (This matches jobs like indigo-prod-api-job, abc-api-prod-job, prod-job-payu, icici-backend-prod, etc.)
     • Permissions:
       • Job → Read
       • Job → Build

​

Step 5: Assign Roles to Users

1. Go to: Manage Jenkins → Manage and Assign Roles → Assign Roles
2. Assign roles as follows:
   • For user asif:
     • Global Roles: role_asif
     • Item Roles: item_roles_asif
   • (Similarly, assign other roles for users test and demo if needed.)

​

Step 6: Verification

• Log in as asif.
• Check that:
  • User asif can see jobs with prod in the name.
  • User asif has Read and Build permissions only for those jobs.