AOS-CX 10.10 Security Guide Help Center
Local authorization
Authorization controls authenticated users command execution and switch interaction privileges. Local authorization uses role-based access control (RBAC) to provide role-based privilege levels plus optional user-defined local user groups with command execution rules. Authorization occurs only after successful authentication.
- Administrators have full command execution and switch interaction privilege.
- Operators are limited to the use of several nonsensitive show commands.
- Auditors are limited to a few auditing-related commands.
Optional per-command authorization is available through configuration of user-defined local user groups with command authorization rules applied to respective group members. see User-defined user groups .