Getting Started - Access Control Lists

Role Based Access can be managed at the system or project specific level.

In this list of project based ACLs the UserAccess policy governs the rights alice and betty have currently.

In the following Exercise we will allow Alice to also run AdHoc Commands:

Enterprise Exercise:

1. Click Project Settings > Access Control
2. Click + Create ACL Policy button
3. Name: AllowCommands (no spaces)
4. Click + New Rule button
5. Description: Commands for Alice
6. By > User
7. User value: alice
8. Resource: AdHoc
9. Allow option checked
10. Check the first three options (read), (view), and (run)
11. Click Add Rule
12. Click Save

Community Exercise:

1. Click Project Settings > Access Control
2. Click + Create ACL Policy button
3. Name: AllowCommands (no spaces)
4. Paste the following code into the editor

   ---
   by:
     username: alice
   description: Commands for Alice
   for:
     adhoc:
     - allow:
       - read
       - view
       - run

5. Click Save

The code tells Rundeck to Allow Alice to run adhoc commands.

Return to the Alice Incognito window and refresh the browser. A new option for Commands should appear in the left navigation menu.

Since this ACL was scoped to alice, logging out and back in as betty will not have Commands in the Welcome Project.