We are trying to meet our security recomendations and create roles for scripts that don't need to have super user privs
We created a user with network-operations rights so they could aaa delete users, however we wanted to re-use that user to read show alarms in the system, however it seems that the network-operations role can't run that command
(Controller) #show alarms
You do not have permission to execute this show command show alarms
However if I make a user as read-only they can issue that command but not a aaa delete.
Is there a listing of the rights each of the roles has?
root -- super user role
network-operations - Network operator role
read-only - Read only role
location-api-mgmt - Location API Management Role
I created an enhancement request to add the read rights of the read-only to network-operations role
It is idea number IN-00000529 (no idea how you can find that in the tool to vote on it)