Provides step-by-step instructions for configuring RBAC for CFlowd policies, including creating user groups, defining policy users, and modifying CFlowd policy access.
Create a CFlowd user group
From Cisco IOS XE Catalyst SD-WAN Release 17.6.1a and Cisco vManage Release 20.6.1, you can create a CFlowd user group and assign users to modify a CFlowd data policy.
Procedure
| 1. | From Cisco SD-WAN Manager, choose . |
|
| 2. | Click User Groups and Add User Group. |
|
| 3. | Enter User Group Name. For example, cflowd-policy-only. |
|
| 4. | Check the Read or Write check box against the CFlowD Policy feature that you want to assign to a user group. |
|
| 5. | Click Add. You can view the new user group in the left navigation path. |
|
| 6. | Click Edit to edit the existing read or write rules. |
|
| 7. | Click Save. |
Create a CFlowd policy user
To modify a CFlowd policy, create a CFlowd policy user and assign it to the Cflowd policy user group.
Procedure
| 1. | From Cisco SD-WAN Manager menu, choose . |
|
| 2. | Click Users. |
|
| 3. | Click Add User. |
|
| 4. | In the Add New User page, enter Full Name, Username, Password, and Confirm Password details. |
|
| 5. | Choose cflowd-policy-only from the User Groups drop-down list. Allow the Scope to select the default scope. |
|
| 6. | Click Add. You can view the new user in the Users window. |
|
| 7. | To edit the existing read or write rules for a user, click Edit. |
Modify a CFlowd policy
You can modify CFlowd policies associated with the related CFlowd user group.
Procedure
| 1. | Log in to Cisco SD-WAN Manager with the CFlowd user credentials. You can access only CFlowd policies as your login is associated to cflowd-policy-only user group. |
|
| 2. | You can create, modify, or update the configurations based on your requirement. |