When you add a new user to your WAF-as-a-Service account, you assign them an Account Role. This role gives them certain permissions.
There are three default Account Roles. You cannot modify the default Roles.
- Administrator - Full access to all applications, functionality, and administrator management
- Manager - Full access to all applications and functionality, but cannot view or configure administrators or roles
- Executive - Full access to all applications and reports, but cannot configure other components. Users with the executive role can:
- Generate reports for the last 14 days and 30 days.
- Schedule reports, run the report, and download the report in PDF format.
- Read Only - Can view configurations and logs, but cannot make any changes
You can, however, define additional Roles on this page. These can be completely different Roles or can be slight changes to the default Roles. The Roles you create will become choices the Account Role menu when you add a user to your account. See Adding and Removing Users for details.
To create a new Role:
- Log into https://waas.barracudanetworks.com/ with your usual email and password.
- Navigate to Resources > Role Management.
- Click Add Role.
- Provide a Role Name and Description. These values will appear in the Account Role menu when you add a new user.
- Specify permissions that you want to grant or deny:
- Configuration Access – Select whether this Role has FullControl to configure existing applications, Read Only access, or no access.
- Logging and Report Access – Select whether this Role is able to read logs and reports on the Reports and Audit Log pages.
- Account Administration – Select whether this user has permission to create or modify accounts for other users, as described in Adding and Removing Users.
- Configure New Apps – Select whether this user can set up new applications in the system, as described in Getting Started.
- Schedule Reports – Select whether this user can schedule reports to run on the Reports page.
- All Applications – Select whether this Role has access to all applications in the system. If you want to limit access to only some applications, use the Specify Applications field below.
- Specify Applications – Select specific applications you want this user to be able to access. If you do not select an application here, the application will not appear in the Application list for this user.
- Click Add.
The new Role appears in the table on the Role Management page. Under the Actions column, you can edit the settings for that Role or remove a Role entirely. Note that you can view the default Roles, but you cannot edit or delete them.
To assign that Role to a user:
- Navigate to Resources > User Management.
- Follow the instructions described in Adding and Removing Users.
- For new users: Click AddUser and follow the steps described on the page.
- For established users: Locate the appropriate entry in the User Management table, then from the Actions menu, select Edit. Select the appropriate Role. Then click Save.