2

Is it possible in Rundeck to limit a user group to only see a specific group inside of a project. The project has 5 different groups "folders" with jobs in there. I can limit run access to the group I want, but I don't want the user group to see any of the other folders under the project. Does that make sense?

Project

  • group1 Hide for a user group
  • group2 Access for all
  • group3 Hide for a user group
Yang
  • 858
  • 6
  • 22
scott
  • 143
  • 1
  • 2
  • 12

1 Answers1

2

There is.

Just remove read from the job group acl.

The follow acl only allow user from user_group to run and read jobs under group2 only. The users can not read(see) jobs other than jobs under group2

description: Limited user access for group in a project
context:
  project: 'project1'
for:
  job:
    - equals:
        group: 'group2'
      allow: [run,read]
by:
  group: [user_group]

Note: if you have multiple acl, your acl may be overridden by another acl file.

Rundeck ACL

Yang
  • 858
  • 6
  • 22
  • Thanks. That did it. The ACL docs are a bit confusing but this will help immensely. Thanks. – scott Mar 23 '17 at 18:29