Bug ID 1018145: Firewall Manager user role is not allowed to configure/view protocol inspection profiles

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP AFM(all modules)

Fixed In:
16.1.1, 15.1.4

Opened: May 12, 2021

Severity: 3-Major

Symptoms

A user account with the "firewall-manager" role that is assigned permissions only to custom partitions will not be able to configure protocol inspection profiles.

Impact

Any user account without access to "/Common" partition is not allowed to configure protocol inspection profiles.

Conditions

-- A user account is created with the role firewall-manager. -- A custom partition is created. -- The newly created user is given access to the newly created partition.

Workaround

- If the user account is provided access to "/Common" partition as well, the user should be able to configure protocol-inspection profiles in the newly created custom partitions.

Fix Information

The permissions are granted for any non-admin user to configure protocol inspection profiles in a custom partition as long as they have access to "/Common" partition as well.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips