Skip to main content

UserLevel

Vasyl MartyniukLess than 1 minute

Syntax

UserLevel:<level>

  • The level has to be a valid integer number (typically between 0 - 10)

Actions

  • List: Allows the current user to view or manage all users with specified access level.
  • Edit: Allows the current user to edit all users with specified access level.
  • Delete: Allows the current user to delete all users with specified access level.
  • ChangePassword: Allows the current user to change or reset passwords for all users with specified access level.
  • ChangeRole or Promote: Allows the current user to change roles for all users with specified access level.

Example

The following policy restricts the ability to delete users that have access level 7:

{
    "Statement": {
        "Effect": "deny",
        "Resource": "UserLevel:7",
        "Action": [
            "Delete"
        ]
    }
}

Definition

The UserLevel resource is useful for defining access controls for certain user access level. For example, you may want to prevent privileged admin user from the ability to reset or change password for all users that have user access level 7 (typically users with the "Editor" role).

{
    "Statement": {
        "Effect": "deny",
        "Resource": "UserLevel:7",
        "Action": [
            "ChangePassword"
        ]
    }
}
Virtual Assistant