Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-63911

separate the cluster usage permission from the folder configuration permission

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      1. we are allowing our users to configure folders.
      2. we set each kubernetes cluster we add to the server as "restrict pipeline support to authorized folder".

       

      while starting to use the kubernetes plugin, we found out that once we add a kubernetes cluster to the clouds defined in the jenkins server, each user with configure permission on a folder is capable of adding the cluster to that folder, and using it.

      my request is - set a different permission for that capability, since on the one hand - we want user to be able to configure their own folders, but on the other hand, this allows them to "take control" over kubernetes clusters defined on the server, which is a MAJOR security breach.

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            amidar Amit Dar
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: