Profiles are used to deny or allow access to a hierarchical branch or specific commands.
The following example displays a local command authorization profile called ‟ghost” that is associated with a username ‟userA”:
A:ALA-1>config>system>security# info
----------------------------------------------
...
profile "ghost"
default-action permit-all
entry 1
match "configure"
action permit
exit
entry 2
match "configure service vprn <22>"
action read-only
exit
entry 3
match "show"
exit
entry 4
match "exit"
exit
exit
...
----------------------------------------------
A:ALA-1>config>system>security#
A:ALA-1>config>system>security# info
----------------------------------------------
...
user "userA"
...
console
member "ghost"
exit
...