RoleLevel
Less than 1 minute
RoleLevel
Syntax
RoleLevel:<level>
- The
level
must be a valid integer, typically between 0 and 10, however, you can define as many levels as needed.
Actions
List
: Allows the current user to view roles with the highestlevel_n
capability equal to the specifiedlevel
.
Example
This policy will hide all roles where the highest level_n
capability is 10 (usually the Administrator role).
{
"Statement": {
"Effect": "deny",
"Resource": "RoleLevel:10",
"Action": "List"
}
}
Definition
Introduced in AAM 6.9.28, this resource replaces features from the deprecated "User Level Filter" service. It allows filtering out roles based on their highest assigned level_n
capability.
The RoleLevel
resource supports only the List
action. If the effect is set to deny
, roles with the highest level_n
capability equal to the specified level will be hidden. For instance, the "Author" role with capabilities level_0
, level_1
, and level_2
has a highest access level of 2. The following policy will hide the "Author" role from the current user.
{
"Statement": {
"Effect": "deny",
"Resource": "RoleLevel:2",
"Action": "List"
}
}
Virtual Assistant