Limited Access

Question

Is it possible to provide a limited access to a user on LTM. For ex i want to provide application owner full access to there own application pool , they should be able to bring members down , enable , disable .. I think atleast i can make one EXe with icontrol with pool name / user / passwd hard coded and once u execute it u will get access to only that pool .. ?

hoolio · Answer

In 9.4, there is role based administration  You can create a partition and add users, pools, VIPs, etc to the partition.  They wouldn't be able to modify objects outside their partition.  For details you can check the System and Mgmt Guide: 
&nbsp;  
&nbsp; 9.4.0-.1: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip9_4mgmt/BIG_IP_9_4_nsm_guide-06-1.html?sr=852408 
&nbsp; 9.4.2+: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip_nsm_guide_943.pdf.html/BIG-IP_Network_and_System_Management_Guide.pdf 
&nbsp;  
&nbsp; Your suggestion of using an iControl application to allow specific functionality against specific a pool would be more granular and locked down. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Limited Access

Recent Discussions

Big IP DNS Failover

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

Related Content

How to limit some snmp mib access

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Rate Limiting based on ACCESS TOKEN (OAuth 2.0)

Access Troubleshooting: BIG-IP APM OIDC integration

F5 BIG-IP APM with Omnissa Workspace ONE Access

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS