Edit-Only Role
Users with the Edit-Only role can do the following:
Edit and save device configurations, including but not limited to objects, policies, rulesets, interfaces, VPN, etc.
Allow configuration changes that are made through the Read Configuration action.
Utilize the Change Request Management action.
Edit-Only users cannot do the following:
Deploy changes to a device or to multiple devices.
Discard staged changes or changes that are detected through OOB.
Upload AnyConnect Packages, or configure these settings.
Schedule or manually start image upgrades for devices.
Schedule or manually start a security database upgrade.
Manually switch between Snort 2 and Snort 3 versions.
Create a template.
Change the existing OOB Change settings.
Edit System Management settings.
Onboard devices.
Delete devices.
Delete VPN sessions or user sessions.
Create Security Cloud Control user records.
Change user role.