JFrog Platform Permission Migration

JFrog Platform Administration Documentation

Content Type
Administration / Platform
ft:sourceType
Paligo

JFrog Access is the service that manages all aspects of authentication and authorization for all JFrog services under the hood. It stores all users, groups, permissions and Access tokens generated by any connected JFrog service.

As part of the upgrade to the JFrog Platform, several changes were made to the permissions handled by Access. This document provides a detailed explanation of the permission migrations for the JFrog products in the JFrog Platform.

JFrog Artifactory Migration

Permissions for Artifactory in Access did not change in the move from 6.x to 7.x.

JFrog Xray Migration

The following permissions changed in Xray.

Previous Permission

New Permission

“Admins”

“old-xray-admins”.

“Global”

The new permissions are created for each resource type (repo, build) on any resource.

“Resources”

  • If the “resources” permission contains repositories, a new permission will be created with the resource type “repo” including the repositories' names.

  • If the “resources” permission contains builds, a new permission will be created with the resource type “build” including the build's names.

The following Xray actions changed.

Old Action

New Action

Description

View_watch_issues

read

Read performs the following actions:

  • Downloads artifacts and reads the metadata

  • Views and downloads build info artifacts from the artifactory-build-info a default repository and reads the corresponding build in the Builds page

  • Views and downloads Release Bundle artifacts from the relevant Release Bundle repository and reads the corresponding Release Bundles in the Distribution page

View_component

read

See above

manage_component

mxm (manage_xray_metadata)

Permission to trigger Xray scans on artifacts in repositories, creates and delete custom issues and license

manage_policies

policy_manager role (user/group custom data)

Permission to create , edit and view Policies

manage_watch_issues

removed

view_reports

removed

The Xray 2.0 Reports functionality was deprecated in 3.0.

The Xray 3.0 Reports, which are new a functionality, require new permissions.Xray Reports

admin

policy_manager role + mxm + read

Permission to create , edit and view Policies, triggers Xray scans + perform the read actions above

JFrog Distribution Migration

The following resource types changed in Distribution.

Old Resource Type

New Resource Type

RELEASE_BUNDLES

release_bundle

DISTRIBUTION_SITES

destination

The following Distribution actions changed.

Old Action

Action Description

New Action

a

admin

"r", "w", "x", "d"

w

write/create/edit

“r”, “w”

d

delete

“r”, “d”

x

distribute

“r”, “x”

r

read

“r”

JFrog Mission Control Migration

All permissions have been deleted.

Migration Conflicts

In cases of conflicts in the display name, an index (1,2...) will be added to the display name.