Managing Resource

All the devices and objects that are configured within AppViewX are termed as Resources. The resource allows you to specify access at a granular level across all the devices and modules of AppViewX. Resources can be assigned to a user group. Users within a user group will inherit resources assigned to that group. User groups can be assigned more than a resource. To enforce authorization policies on object levels such as for devices, certificates, and sub-objects such as wide-IP, virtual server, and so on users can configure resources and restrict user access to specific resources by mapping the resources to the respective user groups.

Accessing the Resource Page

New Menu Old Menu
In the Platform module, from the navigation pane on the left, under IDENTITY, select Resource.

The Resource page is displayed, with all the resource listed with their Name, Description, and Status.

 From the main navigation menu, select Account > Resource.

The Resource page is displayed, with all the resource listed with their Name, Description, and Status.
For more information on how to switch between menus, click here.
Note: In the Resource Inventory for Device, Certificate, Workflow Studio, Workflow Request:
  • Delegated admins can view and manage only those resources created within their boundary.
  • Resources from other delegated groups or superior levels are not listed or accessible.
  • Resources assigned to the delegated admin can be shown as read only (to view and understand the permissions)
For more information, see RBAC Delegation.

Create a Resource

To create a resource:
  1. On the Resource page, from the top right corner of the screen, click (Add) icon.
    The Add page is displayed.
  2. The following table describes the options available on the Add page:
    Field Description
    * Name Enter the name of the resource.
    Description Enter a brief description of the resource and granular-level access associated with the resource. (You can enter a maximum of 255 words in the field.)
    *: Mandatory fields
  3. Click Save.
    The pop-up message is displayed as Resource added successfully.
  4. Click Access control to associate the required resources and to provide permission.
    The Access control tab lists the categories that can be controlled by RBAC using resources.
  5. From the List pane, select one of the required resources. The available resources are,
    1. Device (to filter and select the devices that need to be assigned to a resource, click the icon.)
    2. Code Signing
    3. Cloud
    4. ADC (to filter the ADC objects that need to be assigned to the resource, click the icon.)
    5. Workflow Studio
    6. Workflow Requests
    7. Reports
    8. Proxy List
    9. Application Security Policy
    10. SSH Infra Access Groups
    11. Certificate
    12. SSH Key Groups
    13. Credential Store
    14. Kube (To define consistent access control for your Kubernetes environment by tagging group clusters, namespaces, and permitted actions, click the icon.)
    Note: AppViewX is packaged with default certificate groups (Certificate-Gateway and Default).
    Attention: Administrators can create and manage ACLs for each PAM entry and assign the resources to necessary user groups. It allows for the creation of custom user resources with tailored permissions for PAM entries. Existing resources can be modified to include or exclude access to specific PAM entries. Permissions can be added from Menu > Platform > IDENTITY > Resource > +Add.
    The items of the selected resource is displayed on the right with a checkbox for each.
  6. To associate the items to the resource and assign permission, first select the checkbox, then
    1. Click R (Read-only) to assign read-only permissions.
    2. Click RW (Read and Write) to assign read and write permissions.
    Note: On clicking R or RW the item is associated with the resource. Provide RW (Read and Write) permission for the resource associate with the root user and R (Read-only) for others.
  7. Use regular expression (regex) to identify and associate the items to the resource:
    1. Enter the regex in the Search field. For example, enter CA in the search field and click R or RW to assign Read-only or Read and Write permission respectively.
    2. Click the Add as regex button. All the certificate groups that match the regex will auto associate to the resource with the relevant permission. For example, all the certificate groups with CA in their name, such as CA-Digicert, CA-Entrust, CA-Sectigo will auto associate to the resource with R read permission.
    3. One or more than one regex can be added.
      Note: The purpose of the regex is, the search string continues to work in the background and auto-associate all the new certificate groups to the resource when the certificate group matches the regex you created.
  8. Click Save.

Modify a Resource

To modify Read (R) and Read/Write (R/W) permissions of devices, device objects, certificate groups, provisioning requests, or provisioning templates associated with a resource, modify a resource.
  1. In the resource inventory, select the check box against the resource you want to modify.
    The options on the top menu are enabled.
  2. Click (Modify) icon.
    The Information tab is displayed.
  3. Click the Access control tab to add/ remove the items from the resource.
  4. Click the respective resource in the left pane.
    The list of items is displayed on the right with the checkboxes and the R or RW options enabled/disabled for the items .
    Note: You can also modify Read (R) and Read/Write (RW) permissions associated with a resource.
    Attention: Administrators can create and manage ACLs for each PAM entry and assign the resources to necessary user groups. It allows for the creation of custom user resources with tailored permissions for PAM entries. Existing resources can be modified to include or exclude access to specific PAM entries. Permissions can be added from Menu > Platform > IDENTITY > Resource > Click the resource name to modify it. .
  5. Select the check box against the items you want to add to associate the items to the resource OR if the checkbox is already selected, uncheck the item to remove the association.
    1. Click R (Read-only) to assign read-only permissions.
    2. Click RW (Read and Write) to assign read and write permissions.
  6. Click Save.

Delete a Resource

  1. In the resource inventory, select the check box against the resource you want to delete.
    The options on the top menu are enabled.
  2. Click the (Delete) icon.
    A confirmation pop-up window is displayed with Are you sure you want to delete? with the Yes and No buttons.
  3. Click Yes.
    The resource is deleted and a pop-up message is displayed Operation performed successfully.

Clone a Resource

Clone allows you to create an exact copy of an existing resource with all the access control permissions.
  1. In the resource inventory, select the check box against the resource you want to clone.
    The options on the top menu are enabled.
  2. Click the (Clone) icon.
    The Information tab is displayed.
  3. The following table describes the options available on the Cloning page:
    Field Description
    *Name Enter the name of the resource.
    Description Enter a brief description of the resource and granular-level access associated with the resource. (You can enter a maximum of 255 words in the field.)
    Note: The asterisk (*) symbol indicates a mandatory field.
  4. Click Save.
    The resource is cloned and a pop-up message is displayed as Resources has been cloned successfully.
  5. Click the Access control tab to add/remove the items from the resource.
  6. Click the respective resource in the left pane.
    The list of items is displayed on the right with the checkboxes and the R or RW options enabled/disabled for the items .
  7. Select the check box against the items you want to add to associate the items to the resource OR if the checkbox is already selected, uncheck the item to remove the association.
    1. Click R (Read-only) to assign read-only permissions.
    2. Click RW (Read and Write) to assign read and write permissions.
  8. Click Save.

Enable a Resource

  1. In the resource inventory, select the check box against the resource with Status as Disabled.
    The options on the top menu are enabled.
  2. Click the (Enable) icon.
    A confirmation pop-up window is displayed with Confirm enable with the Yes and No buttons.
  3. Click Yes.
    The resource is enabled and a confirmation message displays as Operation performed successfully.

Disable a Resource

  1. In the resource inventory, select the check box against the resource with Status as Enabled.
    The options on the top menu are enabled.
  2. Click the (Disable) icon.
    A confirmation pop-up window is displayed with Confirm disable with the Yes and No buttons.
  3. Click Yes.
    The resource is disabled and a confirmation message displays as Operation performed successfully.