Configure Role-based Access Control

RBAC users for AmpCon

AmpCon offers role-based access control for various workflows. Roles with the following responsibilities are supported:

• Super User
• • Provides access to all AmpCon functions
  • Only role that can create new users
• Admin
  • Provides access to all AmpCon functions, including creating and maintaining templates
• Operator
  • Cannot change templates or AmpCon global settings
  • Can perform all switch-related config/deployment/lifecycle/SDN functions
• Read Only
  • Access to all display functions, including switch lists, alarms, and configs
  • The following operations are not allowed with Read-Only access:
    • Connect via SSH to switch, or change any AmpCon settings/configurations
    • Run any Lifecycle functions except display and Map View
    • Create/change Configs or Templates
    • Run License Audits

You can create users for performing AmpCon functions using the GUI and assign each user a specific role that provides the least privilege necessary to their job.

The following example shows the necessary steps for creating a Super User role. After you log into the GUI, navigate to Users -> Manage Users and click Add User as shown below:

 Create a new Super Admin user as shown below and click Create:

User login lock function

From v1.12.1, AmpCon support to manually lock user login or automatically lock user login if user failed to login 3 time in 5min with wrong passwords.

Manually lock / unlock user 

In Users > Manage Users, SuperAdmin user can check the lock / unlock status in right side table.

User can click "Unlock" button in right side "Operation" column if a user is locked.

User can click Lock" button in right side "Operation" column if user want to lock the user login for this user.