iControl REST Fine-Grained Role Based Access Control

Introduction F5's role based access control (RBAC) mechanism allows a BIG-IP administrator to assign appropriate access privileges to the users (see Manual Chapter: User Roles). For example, with ...
Updated Jun 06, 2023
Version 2.0
BIG-IP
devops
iControlREST
Super-NetOps
StephanManthey's avatar
StephanManthey
Icon for MVP rankMVP
Jul 11, 2018

Hi Steve, what TMOS version are you testing on now? There are syntax errors in your user reference and in the resource section. The trailing semicolon after the link in "userReference" will probably result in a malformed JSON body error message. There is another trailing semicolon behind the selfLink in the resources of your role which should cause errors as well. When testing versus your defined role please make sure to use the exact same path syntax. Your role will allow to send a 

GET
request for 
/mgmt/tm/ltm/virtual/DVWA-master-vip
only. It´s confusing me, that your role contains both references for 
localhost
and a specific IP host of 
192.168.203.11
. My list of steps as described above can be executed remotely (including the setup for the user) completely and so I did. You are using local authentication? Cheers, Stephan