Skip to end of metadata
Go to start of metadata

Overview

JFrog Distribution offers a flexible permissions model that gives an administrator fine-grained control over how users and groups access the different features of Distribution. 

Authentication Provider Required

It is mandatory to configure an Authentication Provider as part of your Distribution installation process. Through an authentication provider, you can apply permissions to all users defined in your LDAP servers.

Permissions are managed as a set of rules applied to three vectors: Resources, Users/Groups and Actions.

Resources

A resource is a configurable entity that can be managed or viewed by users based on the permissions assigned by the administrator. Resources define the scope of a permission to the release bundles and destinations.

Distribution supports three types of resources:

  • Admin - manages creating admin, release bundle and destination permissions
  • Release Bundle - viewing, creating, deleting and distributing release bundles
  • Destination - distributing to Artifactory edge node destinations

Users and Groups

Once the scope of a permission is specified, you can specify the users and groups to which the permission applies. Distribution will work with the users and groups defined in the Authentication Provider.

Page Contents

Actions

Once you have defined the resources and users/groups to which a permission applies, you can specify the actions that those users/groups can perform on the specified resources. The table below describes the actions you can specify for Release Bundle permissions.

ActionDescription
Read Release Bundle
Allows the specified users/groups to view release bundles.
Write Release Bundle
Allows the specified users/groups to create release bundles.
Delete Release Bundle
Allows the specified users/groups to delete release bundles.
Distribute Release Bundle
Allows the specified users/groups to distribute release bundles. Users/Groups can distribute according to their destination permissions.

 


Managing Permissions

You can access the list of Permissions defined in Distribution from the Admin module under Security | Permissions.

Double-click a Permission Name to edit an existing Permission, or click "New Permission" to create a new "Destination" or "Release Bundle" one.

Creating and editing a permission is done in three steps.

  1. Specifying Resources
  2. Specifying Groups and Actions
  3. Specifying Users and Actions

After completing these steps, make sure to click "Save & Finish" to save your changes.


Creating Release Bundle Permissions

Specifying Resources

Specify the Release Bundles for this permission.

Name
A logical name for this permission.
All Release Bundles
If selected, this permission applies to all release bundles available. When selected, the rest of this form is disabled since there is nothing more to specify.
Selected Resources
If selected, you need to specify the resources (Artifactory instances, repositories and/or builds) to which this permission applies.
Include Patterns
Specifies an include pattern for selection of release bundles

Once you have specified the resources for this permissions, select the Groups tab to specify the groups on which to apply it.

Specifying Groups and Actions

The Groups tab displays groups defined in the Artifactory instance specified as your authentication provider.

Using the arrow, or by dragging, add the Groups for which you want to define actions and then specify the actions allowed.

Once you have specified Groups and their allowed actions for this permission, select the Users tab to specify additional users on which to apply it.

Specifying Users and Actions

The Users tab displays users defined in the Artifactory instance specified as your authentication provider.

Using the arrow, or by dragging, add the users for which you want to define actions and then specify the actions allowed.


Creating Destination Permissions

Specifying Resources

Specify the Artifactory Edge Node destination for this permission.

Name
A logical name for this permission.
All Destinations
If selected, this permission applies to all destinations available. When selected, the rest of this form is disabled since there is nothing more to specify.
Site Name
The Artifactory Edge Node site name specified with a wildcard pattern.
Country Codes
The Artifactory Edge Node country codes.
City Name
The Artifactory Edge Node city name with a wildcard pattern.
Service Name
The Artifactory Edge Node service name with a wildcard pattern.

Specifying Groups and Actions

The Groups tab displays groups defined in the Artifactory instance specified as your authentication provider.

Using the arrow, or by dragging, add the Groups for which you want to define actions and then specify the actions allowed.

Once you have specified Groups and their allowed actions for this permission, select the Users tab to specify additional users on which to apply it.

Specifying Users and Actions

The Users tab displays users defined in the Artifactory instance specified as your authentication provider.

Using the arrow, or by dragging, add the users for which you want to define actions and then specify the actions allowed.

 

  • No labels