1. F5 Distributed Cloud App Infrastructure Protection (AIP) Support
  2. Getting Started
  3. Introduction to Distributed Cloud AIP

Account Roles

Roles in F5 Distributed Cloud Console (F5XC)

To access F5 Distributed Cloud App Infrastructure Protection (AIP) via F5 Distributed Cloud Services (F5XC), you must be a tenant owner of at least one namespace OR have one of the following roles in the system namespace:

  • ves-io-monitor-role
  • ves-io-admin-role
  • ves-io-power-developer-role
  • f5xc-aip-admin
  • f5xc-aip-user
  • f5xc-aip-monitor

If you are not a tenant owner, you must also have one of the following roles in the default namespace OR any namespace associated with Distributed Cloud AIP:

  • f5xc-aip-admin
  • f5xc-aip-user
  • f5xc-aip-monitor

This role determines your role in Distributed Cloud AIP according to the following:

  • f5xc-aip-admin in F5XC becomes Owner in Distributed Cloud AIP

    Note

    Distributed Cloud AIP does not currently support multiple Owners for one organization. If an Owner already exists in your Distributed Cloud AIP organization, Distributed Cloud AIP provisions F5XC Admin accounts with the User role. If you are a tenant owner, then you automatically assume the role of f5xc-aip-admin, but the multiple Owner condition still applies.

    If you need to change the Owner of an organization, contact Support.

  • f5xc-aip-user in F5XC becomes User in Distributed Cloud AIP
  • f5xc-aip-monitor in F5XC becomes Reader in Distributed Cloud AIP

For more information about roles in F5XC, see Roles.

Important

Please ensure one of the above f5xc-aip roles is assigned to the default namespace. An AIP role must be assigned in order to provide access to the AIP application itself. For more information about namespaces, see Namespaces in F5XC and Distributed Cloud AIP.

Roles in Distributed Cloud AIP

Distributed Cloud AIP includes three possible roles for accounts in your organization. The permissions of each role below apply to both the Distributed Cloud AIP user interface (UI) and API:

  • Owner – The Owner role invites new users to your organization, assigns roles to accounts, and can manage, revoke, and remove accounts. The Owner also has the same permissions as the User and the Reader roles.
  • User – The User role can view, search, and edit all data entering Distributed Cloud AIP. The User can invite new users to your organization, but can only assign new users the User or Reader role, and cannot remove existing users' access.
  • Reader – The Reader role can view all data entering Distributed Cloud AIP, but cannot make any changes to the data.
Was this article helpful?
0 out of 0 found this helpful

Table of Contents

Related articles