ConfD User Community

[NACM] Restrict access of list element

I would like to restrict the access of a list element if one of its non-key parameter has a specific value. Is this possible with NACM rules?

I tried with the following aaa config and it wasn’t worked for me.

Example aaa config part:

          <access-operations>create read update delete</access-operations>
          <access-operations>create read update delete</access-operations>

Corresponding YANG part:

      container list {
          list list-elem {
              key key-param;
              leaf key-param {
                  type string;
              leaf non-key-param {
                  type enumeration {
                      enum allowed;
                      enum restricted;

In the path element of the rule list, you can only use the key parameters to specify the specific instance of a list.

Thanks for the clarification!

Is there any other way to achieve the same ?

Hello, were you able to achieve this?
I’ve a similar requirement, where I want to restrict access to only one element of the list.
Say, in above data-model there are three list elements with key-param as abc, xyz, 123.
I want to write rule to give access only to element xyz and deny access to abc and 123.
Is this possible?
Appreciate any thoughts.