Access control

2 minute read

CloudBees Release Orchestration SaaS enables you to assign access controls or privileges to each user in the platform, based on the assigned role. Certain aspects of the CloudBees Release Orchestration SaaS UI are under access control.

There are five pre-defined roles: Admin, DevOps, Developer, Manager, and QA.

When role-based access control (RBAC) is disabled, all users have access to all groups and pipelines. When RBAC is enabled, you can create custom roles with unique access controls, and Admin users have access to all groups and pipelines.

Table 1. CloudBees Release Orchestration SaaS pre-defined roles
Name Definition

Admin

Manages user accounts, access control, settings, and pipeline definitions.

DevOps

Understands the software development lifecycle and uses various tools and scripts to automate the process.

Developer

Develops and tests software. Commits code to source control management, which triggers a pipeline execution.

QA

Ensures the quality of the product by performing regular audits and automated and manual tests.

Manager

Oversees team performance, product development, and releases. Usually provides approvals.
You must have the Admin role to configure access controls, add new custom roles, or delete custom roles.

Configuring access controls

You can edit the pre-defined roles.

You cannot edit the Admin role.

To configure access controls:

  1. From the CloudBees Release Orchestration SaaS Home page, select Admin  User Management.

  2. Select Access Control from the left pane. The role name and number of users are listed.

    Roles and users
    Figure 1. An example of roles and numbers of users

  3. Select a role.

  4. Select the edit icon.

  5. Select the permissions you want the role to have, and deselect any you do not want the role to have.

  6. Select SAVE.

Your access control configuration is saved.

Creating a custom role

When RBAC is enabled, you can create a new role with custom access controls.

To create a custom role:

  1. From the CloudBees Release Orchestration SaaS Home page, select Admin  User Management.

  2. Select Access Control from the left pane.

  3. Select Add Role.

  4. Select the permissions you want the role to have, and deselect any you do not want the role to have.

  5. Select SAVE.

    Granting permissions
    Figure 2. Selecting the permissions for a custom role

Your custom role is saved and listed in the role options. You can create new users with this role, or update any user account to have this role.

Deleting a custom role

  • You cannot delete any pre-defined roles.

  • If there is an existing user with a custom role, that custom role cannot be deleted.

To delete a custom role:

  1. From the CloudBees Release Orchestration SaaS Home page, select Admin  User Management.

  2. Select Access Control from the left pane.

  3. Select the role to delete.

  4. Select the trash can icon.

  5. Select DELETE.

Your custom role is deleted.

To learn more about user accounts, refer to User accounts.
Introduction
User accounts