description: 'Given user in group "ops" and for adhoc commands and jobs matching "web/.*", then allow action [read,run] on nodes tagged 'www'.
context:
project: 'guitars-production'
for:
resource:
- allow: read
job:
- match:
group: 'web'
name: '.*'
allow: [run,read]
adhoc:
- allow: [read,run,kill]
node:
- match:
nodename: '.*'
allow: [read]
- contains:
tags: www
allow: [read,run]
by:
group: ops
---
description: Allow read access for guitars-production project.
context:
application: 'rundeck'
for:
resource:
- allow: [read]
project:
- match:
name: 'guitars-production'
allow: [read]
by:
group: ops