Role-Based CLI Access

Role-based CLI allows you to configure a user (view) that has access only to particular commands on a device. Compared with privilege levels, role-based CLI gives you more control over which commands and interfaces a user can access.

Role-based CLI has three different views – Root view, CLI view, and Superview.

Root – the only user (view) that can create views.
CLI – allowed commands are added to the CLI views you create.
•Multiple CLI views can be created for different levels of command access.
•Only commands in the view can be used.
Superview – consists of CLI views.
•You cannot add specific commands to a Superview.
•A CLI view can be a member of multiple Superviews.
•When a Superview is deleted, its associated CLI view(s) aren't deleted.

Commands to configure role-based CLI on a Cisco® router:

Create a CLI view

1.) Enable AAA
aaa new-model

2.) Log in to Root view
enable view
◦Enter the privileged EXEC password

3.) Create a CLI view
parser view view_name

4.) Create CLI view password
secret password

5.) Assign commands to the view
commands parser-mode {include | include-exclusive | exclude} [all] [interface interface_name | command]

Create a Superview

1.) Create Superview
parser view view_name superview
secret password

2.) Add CLI views to Superview
view view_name
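
An offline check of the rules above, added here as an example and not part of the original post: it parses a candidate IOS configuration and flags a missing aaa new-model, a view with no secret, commands placed in a Superview, and Superview members that are not defined CLI views. The configuration text, view names and function names are constructed for illustration.

```python
import re

# Constructed candidate config; view names and secrets are placeholders.
SAMPLE_CONFIG = """\
aaa new-model
!
parser view NOC-MONITOR
 secret 5 <constructed-hash>
 commands exec include show version
 commands exec include all show ip
parser view IF-OPS
 commands exec include configure terminal
 commands configure include interface
parser view NOC-ALL superview
 secret 5 <constructed-hash>
 commands exec include show running-config
 view NOC-MONITOR
 view HELPDESK
"""

def parse_views(config):
    """Return (aaa_enabled, {view_name: {"super": bool, "lines": [[word, ...]]}})."""
    aaa, views, cur = False, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        aaa = aaa or line == "aaa new-model"
        if not raw.startswith(" "):  # a top-level line opens or closes a view block
            m = re.match(r"parser view (\S+)( superview)?$", line)
            cur = None
            if m:
                cur = views[m.group(1)] = {"super": bool(m.group(2)), "lines": []}
        elif cur is not None and line:
            cur["lines"].append(line.split())
    return aaa, views

def audit(config):
    """List violations of the role-based CLI rules described above."""
    aaa, views = parse_views(config)
    findings = [] if aaa else ["aaa new-model is missing"]
    for name, v in views.items():
        keywords = [words[0] for words in v["lines"]]
        if "secret" not in keywords:
            findings.append(f"{name}: no secret configured")
        if v["super"] and "commands" in keywords:
            findings.append(f"{name}: superview cannot hold commands")
        for words in v["lines"]:
            if words[0] == "view" and (words[-1] not in views or views[words[-1]]["super"]):
                findings.append(f"{name}: member {words[-1]} is not a defined CLI view")
    return findings
```

Calling audit(SAMPLE_CONFIG) reports the IF-OPS view without a secret, the commands line inside the NOC-ALL Superview, and the undefined HELPDESK member.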
