Changing User Role Interface Policies
Changing User Role Interface Policies
You can change a user role interface policy to limit the interfaces that the user can access. Specify a list of
interfaces that the role can access. You can specify it for as many interfaces as needed.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
The following example shows how to change a user role interface policy to limit the interfaces that the user
can access:
switch# configure terminal
switch(config)# role name UserB
switch(config-role)# interface policy deny
switch(config-role-interface)# permit interface ethernet 2/1
switch(config-role-interface)# permit interface vfc 30/1
Changing User Role VLAN Policies
You can change a user role VLAN policy to limit the VLANs that the user can access.
Cisco Nexus 5600 Series NX-OS System Management Configuration Guide, Release 7.x
80
Command or Action
switch# configure terminal
switch(config) # role name role-name
switch(config-role) # interface policy
deny
switch(config-role-interface) # permit
interface interface-list
switch(config-role-interface) # exit
switch(config-role) # show role
switch(config-role) # copy
running-config startup-config
Configuring User Accounts and RBAC
Purpose
Enters global configuration mode.
Specifies a user role and enters role configuration
mode.
Enters role interface policy configuration mode.
Specifies a list of interfaces that the role can access.
Repeat this command for as many interfaces as
needed.
For this command, you can specify Ethernet or
virtual Fibre Channel interfaces.
Exits role interface policy configuration mode.
(Optional)
Displays the role configuration.
(Optional)
Copies the running configuration to the startup
configuration.
OL-31641-01