Can we restrict the access to the "Manage Plugins" section in Manage Jenkins to certain people?

I want to restrict the access to “Manage Plugins” section without revoking the access to “Manage Jenkins” section in my team so that certain people are able to install plugins not all.

Is there any way I can do that?

I know that restricting the access to Manage Jenkins section could be a solution but other features wouldn’t be accessible in this way. So I am just looking for a way so that everyone’s not able to install plugins.

afaik there’s only 2 options

  1. Block it at the http level (use a reverse proxy between people <=> jenkins)
  2. Don’t give everyone admin access

Admins can do everything. The function is literrally hasPermission(perm) => isAdmin || user.hasPermission(perm)

I highly recommend configuration as code anyways, would allow you to make all your config editable, but only via SCM then people won’t need to access manage directly, and it’ll be auditable.


There’s a permission called ‘Manage’ which allows some configuration to be done on the system page and not plugins

1 Like