F5 Roles required for Catalog Items

Cirrus

Aug 07, 2025

Below is a list of all roles on our XC instance but its not always clear on which of these you need to be a member of for each tile

Web App & API Protection (my assumption is)

f5xc-waap (admin,user,monitor,report)

Multi-Cloud Network Connect (my assumption is)

f5xc-multi-cloud-network-connect (admin,user,monitor)

Multi-Cloud App Connect (my assumption is)

f5xc-multi-cloud-app-connect (admin,user,monitor)

Distributed Apps

f5xc-distributed-apps (admin,user,monitor)

DNS Management

f5xc-dns-management (admin,user,monitor)

Bot Defense

f5xc-bot-defense (admin,user,monitor,report)

Data Intelligence

f5xc-data-intelligence (admin,user,monitor)

Web App Scanning

f5xc-web-app-scanning (admin,user,monitor)

NGINX One

f5xc-nginx-one (admin,user,monitor)

BIG-IP Utilities

f5xc-big-ip-utilities (admin,user,monitor)

Content Delivery Network

f5xc-content-delivery-network (admin,user,monitor)

Universal ZTNA

f5xc-universal-ztna (admin,user,monitor)

Delegated Access

f5xc-delegated-access (admin,user,monitor)

Shared Configuration

not clear

Audit Logs & Alerts

not clear

Billing

not clear

Administration

not clear

So if the above is correct, then the following roles I'm not sure what they are for

f5xc-account-protection (admin,user,monitor)
f5xc-ai-assistant (monitor)
f5xc-aip (admin,user,monitor) (Disabled)
f5xc-all-ns-dashboard
f5xc-application-traffic-insight (admin,user,monitor)
f5xc-authentication-intelligence (admin,user,monitor)
f5xc-big-ip-apm (admin,user,monitor)
f5xc-client-side-defense (admin,user,monitor)
f5xc-console (admin,user,monitor)
f5xc-ddos-transit-services (admin,user,monitor)
f5xc-flow-collection (monitor)
f5xc-global-log-receiver (admin,user,monitor)
f5xc-managed-service-provider (admin,user,monitor)
f5xc-mobile-app-shield (admin,user,monitor)
f5xc-mobile-integrator (admin,user,monitor)
f5xc-msp-support (admin,user,monitor)
f5xc-observability (admin,user,monitor)
f5xc-scim (admin,user,monitor)
f5xc-synthetic-monitor (admin,user,monitor)
ves-io-billing-role
ves-io-default-role
ves-io-developer-monitor-role (Disabled)
ves-io-developer-role (Disabled)
ves-io-infra-admin-role (Disabled)
ves-io-monitor-role
ves-io-network-admin-role (Disabled)
ves-io-power-developer-role
ves-io-uam-admin-role
ves-io-uam-role (Disabled)
ves-io-volt-share-admin-role (Disabled)

Forum Discussion

F5 Roles required for Catalog Items

Recent Discussions

Help Needed: Tracking Unreachable Traffic and Public IPs in F5 XC

Two load balancers with one public IP + two types of SSL certificates (custom and automatic)

Question about healthchecks

High Availability and Load Balancing for Single-Node CE with multiple ISP uplinks

CORS with API calls

Related Content

Ansible - Upload Certificates requires Administrator Role?

Future-Proofing Kubernetes Routing: From Standard Ingress to Role-Based CRDs

iControl REST Fine-Grained Role Based Access Control

BIG-IQ Tenant Catalog Test

TACACS+ Remote Role Configuration for BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS