- I want that anonymous user only have access to the content of a folder (folder-1) but not to the content of a subfolder inside that folder (folder-2) (folder-1/folder-2).
- CloudBees Jenkins Enterprise
- RBAC plugin
Let’s say I have on my Jenkins dashboard the following job and folder.
And then inside my-folder-2 the following items:
The goal will be to grant the anonymous access to the elements inside my-folder-2, but not to the elements inside my-folder-3.
The first thing you need to do is to create a new role that I am going to call anonymous-internal with at least Overall/Read and Job/Read permission. Notice that in my example anonymous and authenticated users have Overall/Read permission.
Then, at my-folder-2 level I have created a new group of users called anonymous-internal-2, in which the “anonymous” user is a member. I granted to the anonymous-internal-2 user group the role “anonymous-internal” grated at current level and with the Propagates option enabled.
This group should then have a configuration like the one below:
The next step, it is still easiest. You just need to go at my-folder-3 level and filter-out the anonymous-internal role.
So now, if I access Jenkins as anonymous, this is what I can see: