Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-15143

New permissions options: separate user management and artifactory management

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: 5.5.1
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Due to compliance requirements, there is a request have additional segregated management accounts.
      There is a request for new permissions that expand on and are selected instead of admin:

      • User management: Users with this permission can manage users and permissions+permission targets, but are unable to make administrative changes to Artifactory (create repos, replication, backup, etc)
      • Service Management: Users with this permission can manage repositories and other aspects of artifactory services (backup, replication, etc) but cannot manage users.

      This use case comes from a security standpoint as to limit the risk that comes from an admin role having more permissions than some users need (e.g. LDAP admin who also manages artifactory only needs to manage users, and locking him out of other admin functions reduces risk should his account be compromised, etc.)

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              davidx David Xu
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: