Security in Jenkins

1 hour
  • 6 Learning Objectives

About this Hands-on Lab

In this hands-on lab, you will configure security contexts in Jenkins for your company by creating and applying nested folders and ensuring users only have access to items in their scope. During this lab, we will see how configuration changes apply to Jenkins’ overall security and what effect the security contexts have at each of the different levels.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Enable Project-Based Matrix Security
  1. Enable project-based matrix security.
  2. Ensure that our authenticated users have global read access at this level.
Create Users James, Diane, and Laura
  1. Create new user accounts for James, Diane, and Laura.
  2. Take note of all passwords provided for the users.
  3. Check the security settings for each account using the passwords you created.
Create the webdev Folder and Give James Access
  1. Create a top-level folder named webdev.
  2. Enable project security and disallow inheritance.
  3. Add James and give him full access.
  4. Create a freestyle project named test, and set it to inherit from the parent.
Create the backend Folder and Give Diane Full Access
  1. Create a top-level folder named backend.
  2. Configure and enable project-based security for the folder.
  3. Disable inheritance, add Diane, and grant her full access.
Create the tomcat Folder Inside the Backend Folder and Give Laura Access
  1. Go into the backend folder, create a new item, and create the tomcat folder.
  2. Configure this folder with project-based security, allow inheritance from the parent, and add Laura with full access.
  3. Make sure that Laura has permission to view the job on the backend folder and can see the tomcat folder.
  4. Inside the tomcat folder, make a test freestyle project.
Verify That Each User Can Only Access Their Specified Folders
  1. Log in as James, and verify that the user can’t access the backend folder.
  2. Log in as Diane, and verify that the user cannot see the webdev folder but can see backend and tomcat.
  3. Log in as Laura, and verify that the user can only access the tomcat folder.
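
The following added example (not part of the lab or of Jenkins itself) models how the folder settings above resolve into effective permissions: grants are unioned from an item up through its parents until an item with inheritance disabled is reached. The lowercased usernames, the FULL permission set, and the default inheritance of the tomcat test job are assumptions.

```python
# Simplified model of project-based matrix authorization (not Jenkins source code).
# Usernames are lowercased and FULL is a constructed stand-in for "full access".
FULL = frozenset({"Job/Read", "Job/Configure", "Job/Build", "Job/Delete"})
READ = frozenset({"Job/Read"})

# item path -> (inherits from parent?, {user: permissions granted on this item})
ACLS = {
    "webdev":              (False, {"james": FULL}),
    "webdev/test":         (True,  {}),
    "backend":             (False, {"diane": FULL, "laura": READ}),
    "backend/tomcat":      (True,  {"laura": FULL}),
    "backend/tomcat/test": (True,  {}),  # assumption: job left on the default (inherit)
}


def effective(user, path):
    """Union grants from `path` upward, stopping where inheritance is disabled."""
    perms = set()
    while path is not None:
        inherits, grants = ACLS[path]
        perms |= grants.get(user, frozenset())
        if not inherits:
            break
        # Top-level items have no parent folder; the global matrix in this lab
        # grants only Overall/Read, which carries no item permissions.
        path = path.rsplit("/", 1)[0] if "/" in path else None
    return perms


def visible(user):
    """Items the user can see, i.e. where Job/Read is effective."""
    return sorted(p for p in ACLS if "Job/Read" in effective(user, p))


def audit():
    """Return {user: visible items} for the three lab accounts."""
    return {u: visible(u) for u in ("james", "diane", "laura")}


if __name__ == "__main__":
    for user, items in audit().items():
        print(f"{user:6} sees {items}")
    print("laura on backend:", sorted(effective("laura", "backend")))
```

Comparing this output with what each account actually sees in the private browsing window gives a quick check that no folder grants more than intended.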

Additional Resources

The company has failed a security audit and is implementing stricter security on all servers and services; this includes the Jenkins server. To this end, you will need to create folders for the jobs that are on the Jenkins server. There are 3 users that need to be on the server:

  • James is a web developer, and his projects need to be in the webdev folder so that only James can access them.
  • Diane is the manager of backend development and needs access to the backend folder and all jobs in that folder and all children of that folder.
  • Laura is a new developer on the backend team and has been hired to get the tomcat project back on track. She will require read access to the backend folder and full access to the tomcat folder and all jobs in that folder.

You will need to create these folders and some dummy jobs to ensure that the permissions are correct and that only the required access is given.

Remember to log in to the Jenkins instance as the student user in a private browsing window to confirm that the settings are correct.

To sign in, use the following credentials:

  • Jenkins login user: student
  • Password: OmgPassword!
