we have a requirement where i have an default acl to be configured and further user shouldn’t be allowed to to modify or delete default acl.
if we using *init.xml it also calls the same hook where we are supposed to put restriction of modification .
we tried cdb apis , but cdb apis are not allowing to write data to CDB_RUNNING.
You have initial configuration with ACL in some init xml file.
You want to prevent user to delete this initial ACL configuration, is ti correct?
I think you may check NACM access rules or ConfD authorization callbacks (should be used only on limited set of configuration). See 14.6. Authorization in ConfD User guide.