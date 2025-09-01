On This Page
Role Based Access Control Commands
nv show system aaa role
Displays list of roles (user capabilities) and their groups.
Syntax Description
Default
History
25.02.3000
Example
GET https://<ip>/nvue_v1/system/aaa/role
nv show system aaa role monitor
nv show system aaa role <role-id>
nv set system aaa role <role-id> class <class-id>
nv show system aaa role <role-id>
Displays configuration of a role.
Syntax Description
role-id
The name of the role (i.e., admin, monitor)
Default
History
25.02.3000
Example
GET https://<ip>/nvue_v1/system/aaa/role/{role-id}
nv show system aaa role
nv set system aaa role <role-id> class <class-id>
admin—full administrative capabilities
monitor—read only capabilities, cannot change the running configuration
nv show system aaa class
Display all Classes configuration and state.
Syntax Description
Default
History
25.02.3000
Example
GET https://<ip>/nvue_v1/system/aaa/class
nv set system aaa class <class-id> command-path <command-path-id>
nv set system aaa class <class-id> action <arg>
nv show system aaa class <class-id>
Display configuration and state of a class.
Syntax description
class-id
The name of the class.
Default
History
25.02.3000
Example
GET https://<ip>/nvue_v1/system/aaa/class/{class-id}
nv set system aaa class <class-id> command-path <command-path-id>
nv set system aaa class <class-id> action <arg>
nv show system aaa class
nv show system aaa class <class-id> command-path [<command-path-id>]
Display configuration and state of a class command-paths.
Syntax description
class-id
The name of the class
command-path-id
The command path (e.g., /interface/eth0)
Default
History
25.02.3000
Example
GET https://<ip>/nvue_v1/system/aaa/class/{class-id}/command-path/{command-path-id}
nv set system aaa class <class-id> command-path <command-path-id>
nv set system aaa class <class-id> action <arg>
nv show system aaa class
nv set system aaa class <class-id> action <arg>
nv unset system aaa class <class-id> action
Set the action to be taken upon getting a match on the command paths.
Unset the action to be taken upon getting a match on the command paths.
Syntax Description
class-id
The name of the class
arg
The action to be taken upon getting a match on the command paths
enum: allow, deny
Default
action: allow
History
25.02.3000
Example
REST API
nv set system aaa class <class-id> command-path [<command-path-id>] [permission <permission>]
nv unset system aaa class <class-id> command-path [<command-path-id>] [permission]
Configure command paths for classes.
The unset form of the command clears command paths under classes.
Syntax Description
class-id
The name of the class
command-path-id
The command path (e.g., /interface/eth0)
permission
The permissions on the command path
enum: ro, rw, act, all
Default
permission: all
History
25.02.3000
Example
PATCH https://<ip>/nvue_v1/system/aaa/class/{class-id}/command-path/{command-path-id}
nv set system aaa class <class-id> action <arg>
nv unset system aaa class [<class-id>]
Clear class configuration.
Syntax Description
class-id
The name of the class
Default
History
25.02.3000
Example
PATCH https://<ip>/nvue_v1/system/aaa/class/{class-id}
nv set system aaa class <class-id> command-path <command-path-id>
nv set system aaa class <class-id> action
A class cannot be unset if it is a part of a role.
nv set system aaa role {<role-id> class <class-id>}
nv unset system aaa role {<role-id> class [<class-id>]}
Configure classes under role.
The unset form of the command clears classes under role.
Syntax Description
role-id
The name of the role
class-id
The name of the class
Default
History
25.02.3000
Example
PATCH https://<ip>/nvue_v1/system/aaa/role/{role-id}/class/{class-id}
nv set system aaa class <class-id> action <arg>
nv set system aaa class <class-id> command-path <command-path-id>
nv unset system aaa role <role-id>
Clear role's configuration.
Syntax Description
role-id
The name of the role
Default
History
25.02.3000
Example
PATCH https://<ip>/nvue_v1/system/aaa/role/{role-id}/
nv set system aaa role <role-id> class <class-id>
A role cannot be unset if it is a part of a user.