Bamboo Permissions Audit Report

I tried looking through the REST API Browser (and I unchecked public api only) for a way to expose the permissions given to a particular plan and could not find one. Not sure if there is a JSON-RPC api available to let me get this information or not...

Management wants me to make a spreadsheet of all IDs that have access to Bamboo, what role each ID has on each priviledged resource - and they also want to know the last login time (which I am not sure I can even get).

I know that there are cases where the permission is based on a group, and I can query Jira to get the group members... but I just dont want to go through thousands of plans individually on the web interface, that would take me a month to do.

Looking to see if anyone else had to do something similar and can share.

2 answers

1 accepted

0 votes
Accepted answer

web scraping is icky... but if worse comes to worse, I do have....

curl -k -u 'ausername:somepassword' https://my.bamboo.url/chain/admin/config/editChainPermissions.action?buildKey=MYBUILD-KEY | awk -F\" '/bambooPermission_/{ print $(NF - 1) }'

I don't want this to be the accepted answer... but just in case there is no better answer I wanted to put it out there for everyone else.

Currently scraping...

As a 3-year late suggestion - I'd add a 

| grep " checked "

before the awk to your solution.  Also, don't forget the Deploy side, too...

:) way to necromance :)  but yes, thats a valid comment

0 votes
Daniel Wester Community Champion Mar 03, 2014

I don't think this is exposed through REST. You could write a plugin for it but it might be kinda hairy...

There are 2 rest end points that can give you the projects/plans that you could always pipe into the above( If this is going to be a one-off - it might just be worth it go for the ugly...

Yeah, I saw it wasnt in rest, but that doesn't mean we cant use JSON-RPC... I learned at Summit 2013 that theres still a lot of things you can do with JSON-RPC that isnt in REST yet.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Tuesday in Statuspage

Introducing Statuspage Getting Started guides! First up: What is Statuspage?

Over the next several weeks we'll be sharing some of our Getting Started guides here in the community. Throughout this series of posts, we'd love to hear from customers and non-customers ab...

185 views 4 1
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you