Bug ID 809429: Network_Security_Manager and Network_Security_Viewer roles don't have access to view Application Service on DDOS Protection Summary page

Last Modified: Aug 02, 2019

Bug Tracker

Affected Product:  See more info
BIG-IQ Monitoring - Dashboards & Reports(all modules)

Opened: Jul 25, 2019
Severity: 3-Major

Symptoms

If you grant a user the Network_Security_Manager or Network_Security_Viewer role, the user gets an access denied message when they try to view an application service.

Impact

User receives an access denied message, and is unable to view the details of the Application Service.

Conditions

User has access to Network_Security_Manager or Network_Security_Viewer roles, but not the underlying Application Service with AFM objects, and they try to view the Application Service under the DDoS Protection Summary page (Monitoring > DASHBOARDS > DDoS > Protection Summary > Protected Objects, then click on the Application Service).

Workaround

If you grant either <ApplicationService>_Viewer or <ApplicationService>_Manager role to the user, along with the Network_Security_Manager or Network_Security_Viewer role, they will be able to view the Application Service under the DDoS Protection Summary page.

Fix Information

None

Behavior Change