Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

big-IQ custom role-type for web application firewall

Mollusk7796
Nimbostratus
Nimbostratus

‎17-May-2023 05:17

Dear all,

We want to allow our users to review, modify and deploy their web application firewall policy on the big-IQ.
The default roles do not allow for this; because they also allow the users to create and delete policy's.

I think this can be done by creating a custom Role Type, combined with the `Resource Group deployer` and a resource group containing only the WAF policy's they have access too.

I have created this role type:

Mollusk7796_0-1684325570854.png

Which does nearly everything I need, except that i get the following error when deploying:

Mollusk7796_1-1684325652267.png

Deployment does work when I combine the `Web App Security Manager` role with the `resource group deployer`. But then the user is also allowed to create new waf policies.


Does anybody know which permissions I am missing from the role type?

 

Labels:
0 Kudos
0 REPLIES 0
Copyright © 2023 Khoros, LLC