Forum Discussion

MW1's avatar
MW1
Icon for Cirrus rankCirrus
Apr 01, 2014

Limit icontrol/user access to specific virtual servers, pools

All, I ma sure this has been asked previously just I seem to be unable to locate a matching post.

 

Is there anyway to limit icontrol and/or user account access so it only has administrative access to specific virtual servers or pools?

 

The F5 is a shared resource amongst many different application teams, and we constantly asked to provide access for the application teams to be able to control pool membership (i.e. disable/re-enable members in a pool) however we do not want team A to be able to accidentally affect team B's pools/virtual servers.

 

APM
application delivery
devops
iControl
LTM
management
security

5 Replies

Sort By
  • John_Dunn_14596's avatar
    John_Dunn_14596
    Icon for Nimbostratus rankNimbostratus
    Aug 17, 2014

    If I may piggy back off this question. When using the REST interface, the only way to pass discovery is by using an administrative user account. This account type is not able to be tied to a specific administrative partition. Does iControl through REST support reduced permission access and partitioning?

     

  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Aug 18, 2014

    Doh!! jdunn1000 I think you have resolved a problem I had been having with altering a datagroup via REST using a non-admin user - that explains it. Definitely this is something required!!

     

    • IheartF5_45022's avatar
      IheartF5_45022
      Icon for Nacreous rankNacreous
      Aug 18, 2014
      It might be worth starting a new thread for this so it goes to the top of the Ask page.