role-modify

This command modifies roles and access controls for a switch.

Syntax   role-modify

name name-string

Specify a name for the role.

scope [local|fabric]

Specify a scope for the role, either local or fabric.

Specify any of the following options:

access read-only|read-write

Specify the access type for the role. The default role is read-write.

running-config|no-running-config

Specify if a user with this the role can use the running-config-show command. You may want to limit which users can use running-config-show because the command can expose sensitive password information.

shell|no-shell

Specify if the user can access the shell.

sudo|no-sudo

Specify if the user can execute the sudo command from the shell.

Defaults   None.

Access   CLI

History   

Version 2.0

Command introduced.

Version 2.1

The parameter, name, added.

Version 2.6.0

The parameters, shell|no-shell, and sudo|no-sudo added.

Usage   In a multi-tenant environment, a switch or fabric can be divided into smaller logical segments known as virtual networks (VNETs) using role-based access control (RBAC). This command allows you to modify roles and access controls for the local switch or fabric.

Examples  To modify a role, from read-write to read-only, use the following command:

CLI network-admin@switch > role-modify local-admin access read-only

north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south