For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Philip_Street_2's avatar
Philip_Street_2
Icon for Nimbostratus rankNimbostratus
Feb 10, 2016

Read-only access to iControl REST API

We would like to have a scheduled background process to "scrape" configuration detail for all pools, nodes, monitors, virtual servers and iRules, into a structured format to be made available to our ...
devops
iControlREST
security
brad_11480's avatar
brad_11480
Icon for Nimbostratus rankNimbostratus
Jul 18, 2017

Do things change or get any better with version 12.x? Is it really that nearly impossible to setup a read-only user for the iControl REST API? Our users, other than the main admin account, are not local accounts. They are authenticated on a remote (ACS) server.

 

We need to provide API access for some groups who would like to check the status of resources. I know this will grow to providing users update access to certain objects, but starting with read-only would help a lot.

 

I defined a user as 'guest' role. I look at the structures and it appears to be defined like other accounts-- which seem to be full access.. But perhaps it is no access as that is how it seems to behave.

 

I would want to generate a token for this read-only user that could then be used.