The cluster administrator can restrict a user's access to only a specified set of commands by creating a restricted access-control role and assigning it to a user.
You can manage access-control roles in the following ways:
- Creating an access-control role and specifying the command or command directory that the role's users can access.
- Controlling the level of access the role has for the command or command directory and specifying a query that applies to the command or command directory.
- Modifying an access-control role's access to a command or command directory.
- Displaying information about access-control roles, such as the role name, the command, or command directory that a role can access, the access level, and the query.
- Deleting an access-control role.
- Restricting a user's access to only a specified set of commands.
- Displaying Data ONTAP APIs and their corresponding CLI commands.