What are the best practices for handling permissions and separating between different dev teams’ access to repositories?

Yonatan Brand
2018-10-18 08:19

Implementing the right and correct approach to handle your teams’ permissions are a must skill to any organization.
Knowing how to handle your teams’ permissions in Artifactory will allow you to:

  1. Restrict access to projects based on relevant teams.
  2. Prevent users from deleting / overwriting other teams files.
  3. Artifactory visibility – Each team see only its projects which prevent from seeing irrelevant projects.

An important key to create and handle permissions in Artifactory is a correct structuring and naming Artifactory repositories.
After implementing the repository naming convention in Artifactory you can start creating and dividing your users to groups in Artifactory.
Creating groups in Artifactory allows you to quickly and efficiently assign permissions to entire teams and save your time by not managing individuals (users).
The last piece of the puzzle, of handling permissions in the right way, is creating permission targets.
The best practice we recommend creating permission targets is for each team on a repository level.

Creating repositories for each team and providing permissions only for the necessary team makes your environment invulnerable and organized.