Rundeck Police User access only Project

ProjectPolicy.yml

description: Admin project level access control. Applies to resources within a specific project.
context:
  project: 'MyProjectName' # all projects
for:
  resource:
    - equals:
        kind: job
      allow: [run] # allow create jobs
    - equals:
        kind: node
      allow: [read,update,refresh] # allow refresh node sources
    - equals:
        kind: event
      allow: [read] # allow read/create events
  adhoc:
    - allow: [read,run,runAs,kill,killAs] # allow running/killing adhoc jobs
  job:
    - allow: [read,update,run,runAs,kill,killAs] # allow create/read/write/delete/run/kill of all jobs
  node:
    - allow: [read,run] # allow read/run for nodes
by:
  group: gmygroupname
  
---
description: Admin Application level access control, applies to creating/deleting projects, admin of user profiles, viewing projects and reading system information.
context:
  application: 'rundeck'
for:
  resource:
    - equals:
        kind: system
      allow: [read] # allow read of system info, enable/disable all executions
    - equals:
        kind: system_acl
      allow: [read] # allow modifying system ACL files
    - equals:
        kind: user
      allow: [admin] # allow modify user profiles
  project:
    - match:
        name: '.*'
      allow: [read] # allow full access of all projects or use 'admin'
  project_acl:
    - match:
        name: '.*'
      allow: [read] # allow modifying project-specific ACL files
  storage:
    - allow: [read] # allow access for /ssh-key/* storage content

by:
  group: gmygroupname