Hey everyone 👋
I’m Anusha Kuppili, a DevOps enthusiast, and recently while helping a team set up Jenkins for their CI/CD pipelines, I had to configure user access and permissions securely.
Honestly, it sounds simple… until you're staring at Jenkins’ settings wondering:
“Wait, where is this matrix everyone’s talking about?”
So here's a straightforward, no-fluff walkthrough of how I got it working — creating a user, restricting access, and enabling job-level permissions. Let's go! 🚀
🧩 Why Access Control in Jenkins Matters
If you’re collaborating with a team, you don’t want every user to have admin access. And you definitely don’t want anonymous users poking around your jobs.
That’s where Jenkins’ Project-based Matrix Authorization Strategy comes in handy — it lets you fine-tune exactly what each user can and can’t do.
✅ Step 1: Log in to Jenkins
Open your Jenkins instance (usually at http://localhost:8080 or your server IP).
Use your admin login. If it’s freshly installed, you might be using something like:
Username: admin
Password: Adm!n321 (or whatever you’ve set)
👤 Step 2: Create a New User
We’re creating a user named ammar.
Go to Manage Jenkins → Manage Users
Click Create User
Fill in:
Username: ammar
Password: TmPcZjtRQx
Full Name: Ammar
Click Create User
Now Ammar has a Jenkins account — but no permissions yet!
🔌 Step 3: Install the Matrix Authorization Plugin
Here’s where I initially got stuck — if you don’t see the Matrix-style permission grid, you likely need the plugin.
Go to Manage Jenkins → Plugins
Under the Available tab, search:
Matrix Authorization Strategy
Select it and click Install without restart
When done, hit Restart Jenkins when installation is complete
🔁 Wait until Jenkins fully reloads and you see the login screen again.
🔐 Step 4: Enable Project-based Matrix Authorization
Now that the plugin is in, let’s set up permissions.
Go to Manage Jenkins → Configure Global Security
Under Authorization, select:
✅ Project-based Matrix Authorization Strategy
You’ll now see a permissions grid. Add:
ammar → Check only Overall → Read
admin → Make sure you keep Overall → Administer
Anonymous → Uncheck everything or remove it
✅ This setup allows Ammar to view Jenkins, but not change anything.
📁 Step 5: Give Ammar Access to Just One Job
By default, users don’t get access to jobs. If you want ammar to view one specific job (and nothing else), you’ll need to:
Go to the Job (aka pipeline or project)
Click Configure
Scroll down and enable:
✅ Project-based security
Add ammar and give only:
Job → Read
Make sure admin still has all permissions checked
Click Save
Now Ammar can view that job, but can’t build, delete, or modify anything.
🚫 Step 6: Remove Anonymous Access
For safety:
Go back to Configure Global Security
Find Anonymous in the permission matrix
Remove it or uncheck all boxes
This ensures only logged-in users can access Jenkins.
🎉 Done! Jenkins Is Now Locked Down
What we achieved:
Created a user with limited permissions
Installed the Matrix plugin
Disabled anonymous access
Secured job-level visibility
🧠 Quick Summary
Task What You Did
✅ Add user Created ammar with password
🔌 Install plugin Matrix Authorization Strategy
🔒 Restrict access Global + Job-level permissions
🔐 Disable guests Removed Anonymous user
💬 Got Questions?
If you're setting up Jenkins for the first time or want help automating this setup, drop your questions in the comments below. I’d love to connect and learn how others are managing access too! 🙌
Follow me for more hands-on DevOps content
Top comments (0)