Skip to main content

RoleLevel

Vasyl MartyniukLess than 1 minute

RoleLevel

Syntax

RoleLevel:<level>

  • The level must be a valid integer, typically between 0 and 10, however, you can define as many levels as needed.

Actions

  • List: Allows the current user to view roles with the highest level_n capability equal to the specified level.

Example

This policy will hide all roles where the highest level_n capability is 10 (usually the Administrator role).

{
    "Statement": {
        "Effect": "deny",
        "Resource": "RoleLevel:10",
        "Action": "List"
    }
}

Definition

Introduced in AAM 6.9.28, this resource replaces features from the deprecated "User Level Filter" service. It allows filtering out roles based on their highest assigned level_n capability.

The RoleLevel resource supports only the List action. If the effect is set to deny, roles with the highest level_n capability equal to the specified level will be hidden. For instance, the "Author" role with capabilities level_0, level_1, and level_2 has a highest access level of 2. The following policy will hide the "Author" role from the current user.

{
    "Statement": {
        "Effect": "deny",
        "Resource": "RoleLevel:2",
        "Action": "List"
    }
}
Virtual Assistant