Pipeline Security
- Blake Westmoreland
Pipelines can define their own security model to allow fine-grained control over your Pipeline library
Global Permissions
Pipelines have 3 Global Permissions available:
Read - If a user has Read permission on a Pipeline they will be able to view all aspects of the Pipeline in the UI, including the Pipeline info, definition, roles, properties, variables, project groups, and security model.
Create - Create permission allows the user to create new Pipelines in FlexDeploy
Update/Delete - All aspects of the Pipeline can be updated. This includes the Pipeline definition, roles, properties, variables, project groups, and security. Users will also be able to delete Pipelines provided they are not in use.
Automatic Update Permission
Assigning Create permission will automatically apply Update/Delete permission.
Override Pipeline Permissions
When a new Pipeline is created, it will use the Global Permissions for Pipelines by default. Each Pipeline can define its own permissions by navigating to the Security tab of the Pipeline details and checking Override Global Read and Update Permissions.
Both Read and Update permissions can now be updated and saved as needed.
Overriding Permissions
When overriding permissions, note that you are fully overriding the Global Permissions for Read and Update. Should you override permissions and remove all Read groups then no groups (other than admins) will be able to view the Pipeline regardless of Global Permissions.
Bulk Updating Permissions
Should you wish to update the security of multiple Pipelines at once, you can do so via the Bulk Update Permissions menu item on the Pipeline List page.
This will launch a popup where you can select multiple Pipelines and apply the same permission changes across all of them.
- style