Rundeck Key Security

[D Russell]

We have a request/need from our DevOps Team to completely secure their Project keys.   This includes securing them from RundeckAdmins.   By default, RundeckAdmins has read/write access to all projects and their associated keys.   We currently have a on-premise, two-node cluster running Rundeck Enterprise 3.4.10 on Windows Server 2019.  I have created a Rundeck Project to automate the creation of new Rundeck Projects and securing those projects based upon membership of an Active Directory group.   This does secure access to the project and associated keys to all except RundeckAdmins.   Is there any way to do this?

[rac...@rundeck.com]

Hi!

That's possible by applying ACL rules focused on your (AD) user roles, take a look at this and the first example of this article.

For process Automation questions (formerly "Rundeck Enterprise") please contact the dedicated support team, they will help you ASAP :-)

Regards!

[Don Russell]

Much appreciated.   We actually have this set up and projects are controlled via AD groups.   The problem is that our DevOps engineers want to have control over their private keys.  This poses a problem, because the RundeckAdmins group has inherent access to ALL objects in the Rundeck space, including the keys that are stored in the database.   I'm not sure how to prevent this.

Don Russell

--
You received this message because you are subscribed to a topic in the Google Groups "rundeck-discuss" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rundeck-discuss/3u83GYOptD0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit

https://groups.google.com/d/msgid/rundeck-discuss/1a76d4e4-798f-4d20-9c67-1ad164533a35n%40googlegroups.com

.