Vserver
Role name
Application Programming Interface (API) to which the REST role has access
Access Level (none , readonly , read_create , read_modify , read_create_modify , or all )

Parameters

{ [-fields <fieldname>,…]

If you specify the -fields <fieldname>, … parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

| [-instance ] }

If you specify the -instance parameter, the command displays detailed information about all fields.

[-vserver <vserver name>] - Vserver

Selects the REST roles that match this parameter value.

[-role <text>] - Role Name

Selects the REST roles that match this parameter value. If this parameter and the -api parameter are both used, the command displays detailed information about the specified REST access-control role.

[-api <text>] - API Path

Selects the REST roles that match this parameter value. If this parameter and the -role parameter are both used, the command displays detailed information about the specified REST access-control role. This API can be a resource-qualified endpoint. Currently, the only supported resource-qualified endpoints are the following:

Snapshots APIs
/api/storage/volumes/{volume.uuid}/snapshots
File System Analytics APIs
/api/storage/volumes/{volume.uuid}/files
/api/storage/volumes/{volume.uuid}/top-metrics/clients
/api/storage/volumes/{volume.uuid}/top-metrics/directories
/api/storage/volumes/{volume.uuid}/top-metrics/files
/api/storage/volumes/{volume.uuid}/top-metrics/users
/api/svm/svms/{svm.uuid}/top-metrics/clients
/api/svm/svms/{svm.uuid}/top-metrics/directories
/api/svm/svms/{svm.uuid}/top-metrics/files
/api/svm/svms/{svm.uuid}/top-metrics/users

In the above APIs, wildcard character * could be used in place of {volume.uuid} or {svm.uuid} to denote all volumes or all SVMs, depending upon whether the REST endpoint references volumes or SVMs.

[-access {none|readonly|read_create|read_modify|read_create_modify|all}] - Access Level

Selects the roles that match this parameter value.

Examples

The example below displays information about all REST access-control roles:

cluster1::> security login rest-role show
Role                            Access
      Vserver           Name            API             Level
      ----------        -------------   -----------     -----------
      vs                vsrole1         /api            none
      vs                vsrole1         /api/storage/volumes/f8a541b5-b68c-11ea-9581-005056bbabe6/files
                                                        all
      vs                vsrole1         /api/storage/volumes/f8a541b5-b68c-11ea-9581-005056bbabe6/snapshots
                                                        readonly
      vs                vsrole1         /api/storage/volumes/843b87f9-2f5e-11ec-9524-005056bb0bee/snapshots
                                                        read_create
      vs                vsrole1         /api/svm/svms/843b87f9-2f5e-11ec-9524-005056bb0bee/top-metrics/clients
                                                        read_create
      cluster1          readonly        /api/storage    none
      cluster1          custom          /api/cluster    read_modify
      cluster1          custom          /api/security/accounts
                                                        read_create_modify
      cluster1          custom          /api/storage/volumes/*/top-metrics/users
                                                        readonly
      cluster1          custom          /api/storage/volumes/*/snapshots
                                                        all
cluster1::>