Configure Jenkins matrix authorization
NOTE: Matrix authorization is enabled by default for Bitnami Jenkins v2.57 and higher. The steps below need to be manually performed for versions prior to v2.57.
The Bitnami Jenkins Multi-Tier solution on Microsoft Azure now uses the Jenkins swarm plugin (and/or Jenkins matrix authorization) for connecting the slaves to the master. This improves the security of the Jenkins slave configuration.
Current installations of the Bitnami Jenkins Multi-Tier solution on Microsoft Azure can be updated by taking the following actions
- Create a new user account that can be used for administrative operations.
- Enable Jenkins matrix authorization
- Restrict the privileges for the existing administrative user account.
Follow the steps below:
Log in to Jenkins using the existing administrative user account credentials.
Navigate to the “Manage Jenkins -> Manage Users” page.
Select the “Create User” option.
Enter a username, password, name and email address to create a new user. This will become the new administrative user. In the image below, the user is named admin.
Save the new account.
Navigate to the “Manage Jenkins -> Configure Global Security” page.
In the “Access Control -> Authorization” section, select “Matrix-based security”.
In the “User/group to add” field below the matrix, enter the existing administrative user account and click “Add”.
Ensure that all privileges are disabled for this user except Overall (Read) and Agent (Build, Configure, Connect, Create, Delete, Disconnect).
In the “User/group to add” field below the matrix, enter the new administrative user account created above (in this example, admin).
Ensure that all privileges are enabled for this user.
The end result should look like the image below:
Click “Save” to save and apply the changes.
To verify your changes, log out of Jenkins and log back in as the newly-created administrative user. Run a job in a slave to ensure that everything is working correctly.