Index  |  Top  -  Up Data ONTAP 8.3

security login role create

Add an access control role

Availability: This command is available to cluster administrators at the admin privilege level.

Description

The security login role create command creates an access-control role. An access-control role consists of a role name and a command or directory to which the role has access. It optionally includes an access level (none, readonly, or all) and a query that applies to the specified command or command directory. After you create an access-control role, you can apply it to a management-utility login account by using the security login modify or security login create commands.

Parameters

-vserver <vserver name> - Vserver

This optionally specifies the Vserver name associated with the role.

-role <text> - Role Name

This specifies the role that is to be created.

-cmddirname <text> - Command / Directory

This specifies the command or command directory to which the role has access. To specify the default setting, use the special value "DEFAULT".

[-access <Access>] - Access Level

This optionally specifies an access level for the role. Possible access level settings are none, readonly, and all. The default setting is all.

[-query <query>] - Query

This optionally specifies the object that the role is allowed to access. The query object must be applicable to the command or directory name specified by -cmddirname. The query object must be enclosed in double quotation marks (""), and it must be a valid field name.

Examples

The following command creates an access-control role named "admin" for the vs1.example.com Vserver. The role has all access to the "volume" command but only within the "aggr0" aggregate.
cluster1::> security login role create -role admin -cmddirname volume -query "-aggr aggr0" -access all -vserver vs1.example.com

See Also

security login modify   security login create  
Index  |  Top  -  Up Data ONTAP 8.3

Copyright © 1994-2015 NetApp, Inc. Legal Information