Cisco Catalyst SD-WAN User Management Guide, Releases 26.x and Later

PDF

RBAC for policies

Want to summarize with AI?

Log in

Guides users through managing RBAC for policies, covering concepts, configuration steps, and methods for modifying policy assignments to achieve granular access control.



RBAC for policies

RBAC for policies allows a user or user group to have selective read and write (RW) access to Cisco SD-WAN Manager policies.

From Cisco IOS XE Catalyst SD-WAN Release 17.6.1a and Cisco vManage Release 20.6.1, a user can perform these actions with read and write access:

  • For Cflowd policy: Configure Cflowd policy, but cannot configure application-aware routing policy.

  • For application aware routing (AAR) policy: Configure application-aware routing policy, but cannot configure other policies.

Note

This feature is only supported for centralized and localized policies, but not supported for security policies.


Configure RBAC for policies

From Cisco IOS XE Catalyst SD-WAN Release 17.6.1a and Cisco vManage Release 20.6.1, you can configure required access for policies.

Procedure

1.

Create user groups with required read or write access to selected control or data policies.

For information about managing user group permissions, refer to Manage user group permissions.

2.

Create users and assign them to required user groups. .

Refer to Add user.
3.

Create or modify or view policy configurations as required.

For information about configuring policies, see Configure Centralized Policies Using Cisco SD-WAN Manager.


Modify policy configurations

FromCisco IOS XE Catalyst SD-WAN Release 17.6.1a and Cisco vManage Release 20.6.1, you can modify or update policy configurations as per your requirement.

Simply log in to Cisco SD-WAN Manager to view the user group components that are assigned to you and you can modify the policy configurations. For more details on configuring policies, see Cisco Catalyst SD-WAN Policies Configuration Guide