Product Documentation

Configure roles

May 24, 2018

In NetScaler MAS, each role is bound to one or more access policies. You can define one-to-one, one-to-many, and many-to-many relationships between policies and roles. You can bind one role to multiple policies, and you can bind multiple roles to one policy.

For example, a role might be bound to two policies, with one policy defining access permissions for one feature and the other policy defining access permissions for another feature. One policy might grant permission to add NetScaler instances in NetScaler MAS, and the other policy might grant permission to create and deploy StyleBooks and to configure NetScaler instances.

When multiple policies define edit and read-only permissions for a single feature, the edit permissions have priority.

NetScaler MAS provides four predefined roles:

  • admin. Has access to all NetScaler MAS features. (This role is bound to adminpolicy.)
  • readonly. Has read-only access. (This role is bound to readonlypolicy.)
  • appAdmin. Has administrative access to only the application features in NetScaler MAS. (This role is bound to appAdminPolicy).
  • appReadonly.  Has read-only access to the application features. (This role is bound to appReadOnlyPolicy.)

Note: The predefined roles cannot be edited.

You can also create your own (user-defined) roles.

To create roles and assign policies to them

  1. In NetScaler MAS, navigate to System > User Administration > Roles.
  2. Click Add.
  3. In the Role Name field, enter the name of the role, and provide the description in the Role Description field (optional.)
  4. In the Policies section, add move one or more policies to the Configured list.
localized image

       5.  Click Create.