Forum Discussion
NimbostratusIs there anyway to create F5 User with only ASM module read-only access?
Dears,
I need to customize the Application Security Editor role to be read-only, i am wondering if this can customized locally or through remote authorization?
Please let me know if this is feasible?
Regards, Muhannad
Simon_BlakelyEmployee
You cannot customize user roles.
The closest option would be the Auditor role, which provides Read-Only access to all configuration options.
Muhannad_64809Dear Blakely,
Thanks for you answer, this role don't meet my requirements since it will have access to all partitions.
In my case i need to restrict the access to ASM only in specific partition, can this be implemented if i have used remote authorization?
Regards, Muhannad
- Simon_Blakely
Muhannad,
No - remote authorization just assigns a specific user role once the user is authenticated. It does not provide additional scope for more restrictive access controls.
samstepCirrocumulus
create a user with role: Guest and grant permissions to one partition only. The guest user will have read-only access to /Common and your chosen partition. There is no way of limiting that user to ASM menus only unfortunately.
- nathe
One option would be to make use of BIG-IQ. This has a Web App Security Viewer role. Also, in the latest version (5.4) F5 have introduced fine grained RBAC so you can select particular objects and assign particular rights.
N