How to assign a permission to a custom role that is not available on the UI
search cancel

How to assign a permission to a custom role that is not available on the UI

book

Article ID: 432450

calendar_today

Updated On:

Products

VMware Avi Load Balancer

Issue/Introduction

Some permissions are not available on the UI to be assigned to a custom role. For Example: 'CSRF Policies', etc

Environment

All Environments

Cause

There are some permissions that cannot be assigned to a custom role from the UI.

For Example: You have created a custom role under the Administration>Accounts>Roles tab called 'CustomRole as shown below.
If you edit that role and scroll down to the 'Templatessection as shown below.

You would not see 'CSRF Policies' listed under the 'Templates' section that you would allow your user assigned this custom role the permission(view/read/write) to the 'CSRF Policies' tab as shown below: 

Resolution

You can add the permission for that particular role from the CLI using the following commands. In the below example, we are assigning csrfpolicy permission with write_access to the role, 'CustomRole'

[admin:10-x-x-x]: > configure role CustomRole
[admin:10-x-x-x]: role> privileges
[admin:10-x-x-x]: role:privileges> resource permission_csrfpolicy
[admin:10-x-x-x]: role:privileges> type write_access
[admin:10-x-x-x]: role:privileges> save
[admin:10-x-x-x]: role> save


You can specify the permission you want to assign to the custom role using the 'resource' option and the type of permission(read_access/write_access) using the 'type' option under the 'privileges' submode. 

Powered by Wolken Software