DEV Community

Wycliffe A. Onyango
Wycliffe A. Onyango

Posted on

100 Days of DevOps: Day 70 (New)

#jenkins #devops #automation #cicd

Jenkins User Access Configuration

Objective

The goal of this task was to set up secure user access in Jenkins by:

  • Creating a new user named Jim.
  • Enabling Project-based Matrix Authorization Strategy for fine-grained permissions.
  • Granting read-only access to Jim.
  • Removing all permissions from Anonymous users.
  • Retaining full administrative privileges for the admin account.

This configuration ensures that only authenticated users can access Jenkins and that permissions are strictly role-based.

Steps Performed

Step 1: Login to Jenkins

  1. Access Jenkins UI using your browser.
  2. Log in using:
  • Username: admin
  • Password: Adm!n321

Step 2: Create a New User (Jim)

  1. Navigate to: Manage Jenkins → Users → Create User
  2. Fill in the details:
  • Username: jim
  • Password: YchZHRcLkL
  • Full Name: Jim

Click Create User.

Step 3: Install Matrix Authorization Plugin

  1. Navigate to: Manage Jenkins → Plugins → Available Plugins
  2. Search for: Matrix Authorization Strategy
  3. Click Install without restart.
  4. Once done, select: Restart Jenkins when installation is complete and no jobs are running.
  5. Wait until the Jenkins login page reloads.

Step 4: Configure Global Security

  1. Go to: Manage Jenkins → Security → Configure Global Security
  2. Under Authorization, select: ✅ Project-based Matrix Authorization Strategy
  3. In the permission table, assign as follows:

Global Security Configs

Click Save.

Step 5: Configure Job-level Access

  1. Open any existing Jenkins job.
  2. Click Configure.
  3. Scroll down to Build Permissions or Enable project-based security.
  4. Add user jim and grant only Read access.
  5. Click Save.

Job Level Access

Step 6: Verify Permissions

  1. Log out from admin.
  2. Log in as jim using:
  • Username: jim
  • Password: YchZHRcLkL

Confirm that Jim can only:

  • View dashboard and job details.
  • Cannot configure or trigger builds.

dashboard

build info

Results

User Permissions Status
admin Full administrative control
jim Read-only (view jobs, no modification)
anonymous No access

✅ Jenkins user access control successfully configured and verified.
This enhances the security and accountability within the Nautilus CI/CD environment.

Notes

  • Future team members should be added using the same controlled process.
  • Always ensure Matrix Authorization is active before modifying user roles.
  • It is recommended to take a full Jenkins configuration backup after major security changes.

Top comments (0)