Bamboo Permissions Audit Report

I tried looking through the REST API Browser (and I unchecked public api only) for a way to expose the permissions given to a particular plan and could not find one. Not sure if there is a JSON-RPC api available to let me get this information or not...

Management wants me to make a spreadsheet of all IDs that have access to Bamboo, what role each ID has on each priviledged resource - and they also want to know the last login time (which I am not sure I can even get).

I know that there are cases where the permission is based on a group, and I can query Jira to get the group members... but I just dont want to go through thousands of plans individually on the web interface, that would take me a month to do.

Looking to see if anyone else had to do something similar and can share.

2 answers

1 accepted

web scraping is icky... but if worse comes to worse, I do have....

curl -k -u 'ausername:somepassword' https://my.bamboo.url/chain/admin/config/editChainPermissions.action?buildKey=MYBUILD-KEY | awk -F\" '/bambooPermission_/{ print $(NF - 1) }'

I don't want this to be the accepted answer... but just in case there is no better answer I wanted to put it out there for everyone else.

Currently scraping...

As a 3-year late suggestion - I'd add a 

| grep " checked "

before the awk to your solution.  Also, don't forget the Deploy side, too...

:) way to necromance :)  but yes, thats a valid comment

0 vote

I don't think this is exposed through REST. You could write a plugin for it but it might be kinda hairy...

There are 2 rest end points that can give you the projects/plans that you could always pipe into the above( https://docs.atlassian.com/bamboo/REST/5.0-SNAPSHOT/#d2e41). If this is going to be a one-off - it might just be worth it go for the ugly...

Yeah, I saw it wasnt in rest, but that doesn't mean we cant use JSON-RPC... I learned at Summit 2013 that theres still a lot of things you can do with JSON-RPC that isnt in REST yet.

Suggest an answer

Log in or Join to answer
Community showcase
Renan Battaglin
Published May 18, 2017 in Bamboo

FAQ: How to Upgrade Bamboo Server

Bamboo 5.9 will no longer be supported after June 12, 2017. What does this mean? As part of our End of Life policy, Atlassian supports major versions for two years after the first major iteratio...

1,096 views 0 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot