APIC-EM 1.3 seems to have introduced a new concept of device groups, illustrated in the attached image.
The default group is "All". Does this have any relationship with the RBAC Scope, the default value for which is also "All". In 1.2, the RABAC scope was not actually implemented for the REST APIs. So, if the device group is the same as the RABAC scope, does this mean that the RBAC scope is now implemented.
Yes it does. This is the start of multi-tenancy. You define a device group and then allocate that device group to a user (Scope) (along with a role). The user can perform the role (POLICY_ADMIN, OBSERVER etc) on that group of devices (scope).
Refer the config guide Cisco Application Policy Infrastructure Controller Enterprise Module Configuration Guide, Release 1.3.x - Managing User…
Please sign in to leave a comment.