Hi everyone, I’m John. Today I’d like to introduce the ansible/jewel project.
What is Ansible Jewel?
Ansible Jewel is a centralized authentication, authorization, and proxy layer for Ansible services. Ansible Jewel intercepts user requests, authenticates them, and routes traffic to the appropriate Ansible service.
A brief introduction
Ansible Jewel performs web authentication via a pluggable Django framework (currently provided by the ansible/django-ansible-base project) with a Role-Based Access Control (RBAC) system to grant permissions for web requests.
Ansible Jewel then forwards user requests to Ansible services with signed JSON web tokens (JWT). This allows Ansible services to validate requests and control access based on user permissions that Jewel provides.
Ways to contribute
We’re excited to announce the ansible/jewel project. We welcome contributions of all kinds and have some suggestions for anyone looking to get involved:
- New authentication backends — SAML, OIDC, LDAP, and TACACS+ are some of the supported authentication methods that already exist; we’d love to see more
- Performance optimizations — proxy throughput, JWT validation, cache efficiency
- Documentation and examples — tutorials and deployment guides
- Bug reports and fixes — especially around edge cases in authentication flows
How to contribute
Check out our CONTRIBUTING.md to dive in and join us.
Useful links
- Forum: Jewel topics
- Source: Jewel repository