One ACL setup for multiple applications or projects

shankar nanjundan

unread,

Oct 31, 2019, 12:43:56 PM10/31/19

to rundeck-discuss

Can i control with one user id for muliple applications or projects . Becuse i need to create multiple entries if i go by individual applcations

description: projects

context:

project: ['project1','project2']

for:

resource:

- equals:

kind: job

allow: '*' # allow create jobs

- equals:

kind: node

allow: [read,create,update,refresh] # allow refresh node sources

- equals:

kind: event

allow: [read,create] # allow read/create events

adhoc:

- allow: [read,run,runAs,kill,killAs] # allow running/killing adhoc jobs

job:

- allow: [create,read,update,delete,run,runAs,kill,killAs] # allow create/read/write/delete/run/kill of all jobs

node:

- allow: [read,run] # allow read/run for nodes

by:

group: rundeck_admin

Reiner Acuña

unread,

Oct 31, 2019, 2:24:13 PM10/31/19

to rundeck-discuss

Hi Shankar,

I did an example to works with multiple projects, just put the project at the 'project' line:

description: Rules at Project context.
context:
  project: (ProjectANSIBE|ProjectLOCAL) # put your projects here


for:
  resource:
    - equals:
        kind:

 job
      allow: [run] 
    - equals:
        kind: node
      allow: [read,update,refresh]


    - equals:
        kind: event
      allow: [read,create]


  adhoc:
    - allow: [read,run,kill]
  job:
    - allow: [read,run,kill]
  node:
    - allow: [read,run]
by:
  username: user # also, you can point this to user group with group: yourgroup
  
---
description: Rules at Rundeck application Project
context:
  application: 'rundeck'
for:
  project:
    - match:
        name: (ProjectANSIBE|ProjectLOCAL) # put your projects here
      allow: [read]
  storage:
     - allow: [read]
by:
  username: user # also, you can point this to user group with group: yourgroup

You will found more information here:

https://docs.rundeck.com/docs/manual/document-format-reference/aclpolicy-v10.html#aclpolicy

And here a good example to play:

https://docs.rundeck.com/docs/manual/document-format-reference/aclpolicy-v10.html#example-admin-policy

Hope it helps!

shankar nanjundan

unread,

Oct 31, 2019, 2:43:07 PM10/31/19

to rundeck-discuss

Thanks :) Will test and update you .

Reply all

Reply to author

Forward