Uploaded image for project: 'Bamboo'
  1. Bamboo
  2. BAM-14107

Restrict permissions to view artifacts of a build plan

    XMLWordPrintable

    Details

    • UIS:
      0
    • Support reference count:
      1
    • Feedback Policy:

      Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description

      The context

      We have a large enterprise installation with hundreds of teams.

      It is useful for them to see the activity and details of other teams projects, so we leave the "view" permission active for all authenticated users.

      The Problem

      But now that we are using Bamboo 5 with Releases may teams are exposing full ear/war and properties files needed for deployments. Anyone who can authenticate to bamboo can also download all applications artifacts, some of which may be sensitive.

      The Desire

      Another permission level either globally or plan level (or artifact definition level) that would define additional restrictions to view/download artifacts from a build Plan.

      This would apply whether viewing the build plan, or trying to push a release from the related deployment project.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            eddiewebb EddieW
            Votes:
            9 Vote for this issue
            Watchers:
            9 Start watching this issue

              Dates

              Created:
              Updated: