Security
Security
This guide covers security configuration for Rundeck and Runbook Automation, including authentication, authorization, SSL/TLS, and audit capabilities.
Default Users
Learn about the default admin user account and initial security setup when first installing Rundeck.
Authentication
Configure how users authenticate to Rundeck including LDAP, Active Directory, PAM, and other authentication providers.
Authorization
Set up access control and permissions using Rundeck's Access Control List (ACL) system to control what users can see and do.
ACL Policy Editor
Use the web-based ACL Policy Editor to create and test access control policies with a guided interface.
SSL/TLS Configuration
Configure SSL/TLS encryption for secure HTTPS communication, including certificate setup and cipher configuration.
Single Sign-On (SSO)
Integrate Rundeck with enterprise SSO providers including Azure AD, Okta, and Ping Identity for seamless authentication.
HTTP Security Headers
Configure HTTP security headers to protect against common web vulnerabilities and enhance browser security.
Project-Level ACLs
Configure access control policies at the project level to manage permissions for specific projects.
Password Security
Enhance password security with configuration options for password hashing, encryption, and secure credential handling.
Rate Limiting
Protect your Rundeck instance from abuse by configuring rate limiting for API requests and user actions.
IP Blocklist
Restrict access to Rundeck by blocking specific IP addresses or ranges using the built-in blocklist feature.
Audit Trail
Track user actions and system events with Rundeck's audit logging capabilities for compliance and troubleshooting.
Audit Stream Plugin
Integrate Rundeck's audit events with external logging and SIEM systems using the audit stream plugin framework.