Editing Authorizations for a Role (CLI)

A role is a collection of authorizations that can be assigned to a user. Use this procedure to add and delete authorizations for a role.

1. Go to configuration roles.
2. Enter select followed by the role name.
3. Enter authorizations.
4. Optional: Add authorizations for this role.

   See "Scopes, Filters, and Authorizations Available for Users and Roles" in User Authorizations.

   Iterate the following steps until you have added all of the authorizations that you want this role to have:

   1. Enter create.
   2. Enter set scope= followed by the scope name. Use tab-completion to see the list.
   3. Enter show to see available filters, if any, and authorizations.
   4. If a filter is available, set the filter value.

      Use tab-completion to see the list of possible filter values.

   5. Set to true all authorizations that you want to include in this role.
   6. Enter commit.
5. Optional: Delete authorizations for this role.

   For each authorization that you want to remove for this role, enter destroy and the name of the authorization.

   hostname:configuration roles rolename authorizations> destroy auth-001
   This will destroy "auth-001". Are you sure? (Y/N) y

6. Enter done and then enter done again.

Related Topics

• Understanding Users and Roles

• User Authorizations

• Managing User Properties