标签:rundeck使用说明
登录rundeck系统http://rundeck.com:4440/user/login (登录自己的系统)
2.权限设置, 点击Access Contral
3.创建策略
4. 策略内容模板
description: user.
context:
project: 'test-02'
for:
resource:
- equals:
kind: job
allow: [read,create] # allow read/create all kinds
- equals:
kind: node
allow: '.*'
- equals:
kind: event
allow: '.*'
adhoc:
- allow: '*'
job:
- match:
group: '.*' ##若是project 给授权所有的job组权限,就这样,若是 project/moni/xxjob 就改成 moni
name: '.*'
allow: [read,run,create,runAs,kill,killAs] # allow read/write/delete/run/kill of all jobs
node:
- allow: [read,run] # allow read/run for all nodes
by:
username: 'test01'
---
description: user.
context:
application: 'rundeck'
for:
resource:
- equals:
kind: project
allow: [read,create] # allow create of projects
- equals:
kind: system
allow: [read]
- equals:
kind: user
allow: [read]
project:
- match:
name: 'test-.*'
allow: [read,create] # allow view/admin of all projects
storage:
- allow: [read,create] # allow read/create/update/delete for all /keys/* storage content
by:
username: 'admin|test'
group: 'admin'
注: 以上各字段说明参考官方文档:http://rundeck.org/docs/administration/access-control-policy.html
用户test01是用命令行工具创建,参考文档: http://blog.51cto.com/haoyonghui/2085869
标签:rundeck使用说明
原文地址:http://blog.51cto.com/haoyonghui/2086774
