A user is an individual to whom you provide resources. You provide access to users for specific BIG-IQ® system functionality through authentication. You can associate a user with a specific role, or associate a user with a user group and then associate the group with a role.
A role is defined by its specific privileges. A user group is a group of individuals that have access to the same resources. When you associate a role with a user or user group, that user or user group is granted all of the role's corresponding privileges.
By default, the BIG-IQ® system provides the following default user types:
|Default user type||Default password||Access rights|
|admin||admin||This user type can access all aspects of the BIG-IQ system from the system's user interface.|
|root||default||This user has access to all aspects of the BIG-IQ system from the system's console command line.|
User types persist and are available after a BIG-IQ system failover.
When you initially license the BIG-IQ® system, it creates the following administrative roles with a default password.
As a system manager, you need a way to differentiate between users and to limit user privileges based on their responsibilities. To assist you, the BIG-IQ® system has created a default set of roles you can assign to a user. Roles persist and are available after a BIG-IQ system failover.
BIG-IQ® system ships with several standard roles, which you can assign to individual users.
|Administrator||Responsible for overall administration of all licensed aspects of the BIG-IQ system. These responsibilities include adding individual users, assigning roles, discovering BIG-IP® systems, installing updates, activating licenses, and configuring a BIG-IQ high availability (HA) configuration.|
|Tenant||A tenant is an entity that can consist of one or more users accessing resources
provided by an administrator. Responsibilities include: customizing and deploying
application templates, and monitoring the health statistics and performance of
applications and servers.
Note: The BIG-IQ system creates a new role when an administrator creates a new tenant. The connectors each tenant can access are specified when the tenant is created. The name of the new role is based on the tenant name. For example, creating a new tenant named headquarters-user, produces a new role named headquarters-user (Cloud Tenant).