18-26
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
18






Administering

the

Cisco

Application

Networking

Manager
Managing
User

Roles
Understanding
Predefined

Roles
You
must

have

one

of

the

predefined

roles

in

the

Admin

context

in

order

to

use

the

changeto

command,
which
allows

users

to

visit

other

contexts.

Non-admin/user

contexts

do

not

have

access

to

the

changeto
command;
they

can

only

visit

their

home

context.

Context

administrators,

who

have

access

to

multiple
contexts,
must

explicitly

log

in

to

other

contexts

to

which

they

have

access.
The
predefined

roles

and

their

default

privileges

are

defined

in

Ta

b

l

e


18-8 .

For

information

about
viewing
user

role

details,

see

the

“Displaying

User

Roles

and

Associated

Tasks

and

ANM

Menu
Privileges”
section

on

page

18-28 .

For

detailed

information

on

RBAC,

see

either

the

Cisco

Application
Control
Engine

Module

Virtualization

Configuration

Guide

or


the

Cisco

4700

Series

Application
Control
Engine

Appliance

Virtualization

Configuration

Guide.
Ta
b

l

e


18-8
ANM
Predefined

Role

Tasks
Predefined
Role
Description
Role
Tasks/Operation

Privileges
1
ACE-
A

d

m

i

n


Access
to

create

virtual

contexts

and

monitor

threshold
information.


View
Threshold


Create
Device

Events


Create
Virtual

Context+
ANM-Admin
Access
to

create

virtual

contexts

and

monitor

threshold
information.
Provides

access

to

all

features

and
functions.


Create
ANM

System


Create
ANM

User

Access


Create
VM

Mapping


Create
ANM

Inventory+
Network-Admin
Admin
for

L3

(I

P

and

Routes)

and

L4

VIPs


View
Threshold


Create
Device

Events


Create
Switch


Create
Routing


Create
Interface


Create
NAT


Create
Connection
Network-Monitor
Monitoring
for

all

features


View
ANM

Inventory+
Org-Admin
Access
to

create

role-based

access

control

and

import
and
update

device

data.


Create
ANM

User


Create
VM

Mapping


Create
ANM

Inventory+
Security-Admin
Security
features


Create
AAA


Modify
Int

erface


Create
NAT


Create
Inspect


Create
Connection