I would like to create a custom role on my ontap cluster so that that bringing offline or deleting volumes/luns will only be able to those who contain the words "clone" or "restore" (or both).
I started with the volume offline with restore combination - security login role create -role test -cmd "volume offline" -query "-volume *restore*"
I created a local user and assigned him this role, however when I log in the cluster shell I'm able to bring down any volume, whether it contains "restore" or not.
Any idea what am I missing?
In addition, what's the scope of the "query" parameter? what can it be used for?
there are a few examples on the internet but not enough.
can I use to limit every command?
NetApp Wins One Silver and One Bronze Stevie® Award in 2022 Stevie Awards for Sales and Customer Service
Live Chat, Watch Parties, and More!
Engage digitally throughout the sales process, from product discovery to conﬁguration, and handle all your post-purchase needs.