Modify an existing Access Control Policy

To modify an existing API Access Control policy with the local management interface, use the API Access Control policies page.

Steps

1. In the appliance top menu, Web > API Access Control > Policies

2. Select the policy to edit from the list of displayed policies and click Edit.

3. Enter the name for the new policy in the Name field.

4. Add any new groups to the policy criteria by clicking the Add button in the groups toolbar. A new dialog box is shown.

   1. Select the new group from the drop-down list of all available groups.

   2. Click Save.

5. Click the Remove button to remove any groups by selecting the group in the groups list.

6. Add any new attributes to the policy criteria by clicking the Add button is the attributes toolbar. A new dialog is shown.

   1. Enter the attribute name in the Name field.

   2. Enter the attribute value in the Value field
   3. Multiple attributes can be combined together as a single attribute definition. They are combined using an OR condition.

      1. To add more attributes click the Add button.

      2. To delete an attribute click the Delete button.

   4. Once the attribute definition is correct, click the Save button.

7. Click the Remove button to remove any attributes by selecting the attribute in the attribute grids.

8. Click Save.
   • For the policy to allow access the user must be in at least one of the groups.
   • For the policy to allow access all of the separate attribute definitions must be met.

   • To view a list of all of the internal Verify Access operations that are run to create a new policy see the api_access_control.log as described in Audit the Verify Access operations performed when managing API Access Control components.

Parent topic: Manage Access Control Policies