Limitations
A user can only be configured to one role.
You can give access to the
"command:write memory" deny
rule by saving your changes when logging out of your session.You cannot add the
default-security-group
rules to any other group.The command strings are not validated. You must provide a valid command string.
If you configure multiple interface policy rules, only the last entry is taken into effect. All other interface policy rules are ignored.
If you configure multiple VLAN policy rules, only the last entry is taken into effect. All other VLAN policy rules are ignored.
RBAC supports a maximum of 1000 rules per role, which equals to 64000 rules per system (1000 rules x 64 roles).