This topic reviews the different types of users who may install, configure, or use JFrog products in your organization. Various users may be involved in working with JFrog Artifactory and its suite of products.
User Types and Company Structure
There are many different types of users (personas) that install, interact with, and use Artifactory. However, its important to note that every company is unique in its architecture and these users may play different roles in installing and configuring Artifactory. For example, small startups only have a handful of employees. In this case, they may have a singe user that fulfills the range of roles, from DevOps responsible for installation and configuration to a developer who needs to connect their package manager to Artifactory, and even a security officer responsible for plugging Frogbot into the CI to scan builds for security issues.
On the other side of the spectrum you may work at a large enterprise, where instead of a single person fulfilling a single role like DevOps engineer, you may have an entire team, or even teams fulfilling that single role, being extremely specialized in what they do. So for example, you may have an entire team of DevOps engineers.
As a result, roles may overlap. The following table reviews the main user types of Artifactory:
User | Description |
|---|---|
DevOps | DevOps engineers are typically responsible for installing and configuring Artifactory. They may use the CLI to figure out what needs to be done, then wrap commands in scripts to make things more efficient both for their own operations and for the benefit of other users. |
Developer | Developers need to connect to Artifactory as part of their day-to-day work. Using Set me up to reconfigure their package manager to point to Artifactory after setup. Then JFrog scans both source code and packages, looking for vulnerabilities and then permitting or denying their ability to add a package to the code based on if its secure or not. |
Security Engineers | Security engineers may need to set up Frogbot (a Git bot) that scans Git repositories for security vulnerabilities. It scans both upon pull request to the specific repository as well as may run a periodic scan of the entire repository. It can additionally check license dependencies and handle secret detection. DevOps will typically help security engineers with initial installation/set up. |
CI/SDK DevOps | These are specialist DevOps engineers who work with the CI and may use the JFrog SDK to integrate Artifactory into the CI/CD process. |
Data Scientist | Data scientists are typically involved in the development and maintenance of machine learning models. JFrog Artifactory has built-in machine learning model management as part of package management in the software development lifecycle. |
Other - for example Compliance Officer, Technical Writer | There can be a variety of other Artifactory users. For example, you may need to provide limited access to a compliance officer as the result of an audit with an external agency that requires reviewing the audit trail of releases. Alternatively, your technical writer may review the results of Xray release bundle scans to confirm a specific CVE is fully resolved and can be reported as fixed in the release notes. |