Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

user role with minimum amount of access for creating the icontrol user-id

newbie
Altostratus
Altostratus

‎15-Mar-2021 18:51

Hi,

we need to allow SolarWinds to access an F5 running BigIP version 12.1.3 via REST iControl API and since we don't want to use the admin user-id for that, we were wondering what would be the Role (Operator??) with the least amount of access that we could give to that user?

 

Thanks.

Labels:
0 Kudos
2 REPLIES 2

eey0re
Cirrostratus
Cirrostratus

‎15-Mar-2021 19:23

While iControl REST users have admin privileges by default, you can set up fine grained access control though it is a bit fiddly. You can create a custom "resource group" which defines all the REST endpoints (URIs) which the user will have access to and which operations (GET, POST, etc) which they will be allowed to perform.

 

Instructions for doing this are in the DevCentral article iControl REST Fine-Grained Role Based Access Control.

 

So to answer your question: the least privilege would be GET (read-only) of whichever few REST endpoints the user needs to be able to read from.

 

Going to bite my tongue about SolarWinds 😄

0 Kudos

newbie
Altostratus
Altostratus
In response to eey0re

‎16-Mar-2021 07:20

Thanks for your response...
0 Kudos
Copyright © 2023 Khoros, LLC