Sonarqube Read Only Administrator

Hi,

I am using SonarQube Server Enterprise 10.8 in a Kubernetes cluster deployed via Helm Charts. It seems that administrator-level information, such as Users, Groups, Global Permissions, and User-Group associations, is only accessible to accounts with “Administer System” Permission. Additionally, there doesn’t seem to be a way to grant a user a specific combination of permissions that would allow them to have “Read-Only Admin” access. If an account is given Administrator privileges, it automatically has both read and write access to all information typically available to an Administrator. Is this correct?

Hey there.

This kind of permission doesn’t exist in SonarQube. An admin is an admin is an admin – although it should be noted that project permissions can be restricted from global admins (of course, they have the rights to restore those permissions).

However, it’s not possible to have an global admin user that can read Users, Groups, Global Permissions, and User-Group associations, but not alter them.