Jenkins Security

In Jenkins, you have the strength to set up users and their proper authorities on the Jenkins instance. By default, you will not want everyone to be able to define jobs or other administrative tasks in Jenkins. So Jenkins has the strength to have a defense contour in place.

To configure Security in Jenkins, follow the steps given below.

Step 1 − Click on Manage Jenkins and choose the ‘Configure Global Security’ option.

Configure Global Security

Step 2 − Click on Enable Security option. As an example, let’s assume that we want Jenkins to maintain its own database of users, so in the Security Realm, choose the option of ‘Jenkins’ own user database’.

By default you would want a central controller to define users in the system, hence ensure the ‘Allow users to sign up’ option is unselected. You can leave the rest as it is for now and click the Save button.
Enable Security Option

Step 3 − You will be prompted to add your first user. As an example, we are setting up an admin user for the system.

Admin User

Step 4 − It’s now time to set up your users in the system. Now when you go to Manage Jenkins and scroll down, you will see a ‘Manage Users’ option. Click this option.

Manage User

Step 5 − Just like you defined your admin user, start creating other users for the system. As an example, we are just creating another user called ‘user’.

User

Step 6 − Now it’s time to set up your authorizations, basically who has access to what. Go to Manage Jenkins → Configure Global Security.

Now in the Authorization section, click on ‘Matrix-based security’

Authorization Section

Step 7 − If you don’t see the user in the user group list, enter the user name and add it to the list. Then give the appropriate permissions to the user.

Click on the Save button once you have defined the relevant authorizations.

Your Jenkins security is now set up.

Note − For Windows AD authentication, one has to add the Active Directory plugin to Jenkins.