Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Maarten_Sjouw
Champion
Champion

Read-Only account for Gaia API?

For the GAIA API we are trying to create a role that allows the users to only use show commands, but currently all we can get working is a user with the full admin role. In our case we are using TacAcs authentication and the role associated to this also needs to be assigned otherwise it will not work.

Any idea how to configure the role for a Read-Only API user?

Regards, Maarten
0 Kudos
7 Replies
Martin_Valenta
Advisor

MonitorRole doesn't work when attached to that user?
0 Kudos
Maarten_Sjouw
Champion
Champion

Nope.
Regards, Maarten
0 Kudos
Martin_Valenta
Advisor

Did you got some answer from TAC?
0 Kudos
Maarten_Sjouw
Champion
Champion

Did not open a case yet.
Regards, Maarten
0 Kudos
Maarten_Sjouw
Champion
Champion

@Tal_Martsiano would you like to comment on this?
Regards, Maarten
0 Kudos
Nick_Doropoulos
Advisor

Have you got a solution for this yet? I am very interested in setting up a similar account too.

Thanks.

0 Kudos
JozkoMrkvicka
Authority
Authority

You can create a new RBA role where only "show configuration" will be allowed. This is not related to API, but for GAIA permissions only.

 

add rba role show_only domain-type System readonly-features configuration
add rba user <AFFECTED_USER> roles show_only

 

Try to play with webUI and Roles there. Specify only commands you want to allow and simply flag it as "read only".

Kind regards,
Jozko Mrkvicka
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events