security login rest-role modify
Suggest changes
PDFs
Modify a REST access control role
Availability: This command is available to cluster administrators at the admin privilege level.
Description
The security login rest-role modify command modifies a Representational State Transfer (REST) access-control role.
Parameters
-vserver <Vserver Name>- Vserver-
This optionally specifies the Vserver name associated with the REST role.
-role <text>- Role Name-
This specifies the REST role that is to be modified.
-api <text>- API Path-
This specifies the Application Programming Interface (API) to which the REST role has access. This API can be a resource-qualified endpoint. Currently, the only supported resource-qualified endpoints are
/api/storage/volumes/{volume.uuid}/snapshotsand/api/storage/volumes/*/snapshots.*is a wildcard character denotingallvolumes. [-access {none|readonly|all}]- Access Level-
This optionally specifies a new access level for the REST role. Possible access level settings are
none,readonlyandall. The default setting isall.
Examples
The following command modifies a REST access-control role with the role name readonly and the API /api/storage/volumes to have the access level readonly for Vserver vs.example.com :
cluster1::> security login rest-role modify -role readonly -api "/api/storage/volumes" -access readonly -vserver vs.example.com cluster1::>
The following command modifies a REST access-control role with the role name vs1_role and the resource-qualified endpoint /api/storage/volumes/*/snapshots to have the access level readonly for Vserver vs1.example.com :
cluster1::> security login rest-role modify -role vs1_role -api "/api/storage/volumes/*/snapshots" -access readonly -vserver vs1.example.com cluster1::>