security login rest-role create

Add an access control REST role

Availability: This command is available to cluster administrators at the admin privilege level.


The security login rest-role create command creates an access-control role. An access-control role consists of a role name and a api to which the role has access. It optionally includes an access level (none, readonly, or all) for api. After you create an access-control role, you can apply it to a management-utility login account by using the security login modify or security login create commands.


-vserver <Vserver Name> - Vserver
This optionally specifies the Vserver name associated with the role.
-role <text> - Role Name
This specifies the role that is to be created.
-api <text> - api path
This specifies the api to which the role has access.
-access {none|readonly|all} - Access Level
This optionally specifies an access level for the role. Possible access level settings are none, readonly, and all. The default setting is all.


The following command creates an access-control role named "admin" for the Vserver. The role has all access to the api "/api/storage/volume" but only within the "aggr0" aggregate.
cluster1::> security login rest-role create -role admin -api /api/storage/volume  -access all -vserver