UserLevel
Less than 1 minute
Syntax
UserLevel:<level>
- The
levelhas to be a valid integer number (typically between 0 - 10)
Actions
List: Allows the current user to view or manage all users with specified access level.Edit: Allows the current user to edit all users with specified access level.Delete: Allows the current user to delete all users with specified access level.ChangePassword: Allows the current user to change or reset passwords for all users with specified access level.ChangeRoleorPromote: Allows the current user to change roles for all users with specified access level.
Example
The following policy restricts the ability to delete users that have access level 7:
{
"Statement": {
"Effect": "deny",
"Resource": "UserLevel:7",
"Action": [
"Delete"
]
}
}
Definition
The UserLevel resource is useful for defining access controls for certain user access level. For example, you may want to prevent privileged admin user from the ability to reset or change password for all users that have user access level 7 (typically users with the "Editor" role).
{
"Statement": {
"Effect": "deny",
"Resource": "UserLevel:7",
"Action": [
"ChangePassword"
]
}
}