Jenkins Role-Based Authorization Setup

Step 1: Create Users

• Go to: Manage Jenkins → Security → Users → Create User

• Create the following users:

  • asif
  • test
  • demo

Step 2: Install and Enable Role-Based Authorization Plugin

1. Go to: Manage Jenkins → Manage Plugins → Available

2. Search for Role-based Authorization Strategy and install it.

3. After installation, go to: Manage Jenkins → Configure Global Security

   • Under Authorization, select Role-Based Strategy.
   • Save changes.

Step 3: Define Global Roles

1. Go to: Manage Jenkins → Manage and Assign Roles → Manage Roles

2. Under Global Roles, create the following roles:

   • role_asif
   • role_demo

3. For both roles, check:

   • Overall → Read
   • Job → Read

Step 4: Define Item Roles

1. In the same Manage Roles page, go to Item Roles.

2. Create regex-based roles for job access.

   • Example:

     • If job name contains test, use regex → .*test.*

       • Matches: abc.test.job, [email protected], etc.

   • For user asif:

     • Create role: item_roles_asif

     • Regex: .*prod.* (This matches jobs like indigo-prod-api-job, abc-api-prod-job, prod-job-payu, icici-backend-prod, etc.)

     • Permissions:

       • Job → Read
       • Job → Build

Step 5: Assign Roles to Users

1. Go to: Manage Jenkins → Manage and Assign Roles → Assign Roles

2. Assign roles as follows:

   • For user asif:

     • Global Roles: role_asif
     • Item Roles: item_roles_asif

   • (Similarly, assign other roles for users test and demo if needed.)

Step 6: Verification

• Log in as asif.

• Check that:

  • User asif can see jobs with prod in the name.
  • User asif has Read and Build permissions only for those jobs.

✅ Now your Jenkins Role-Based Access Control is properly configured.