Disabling commands

Commands can be disabled on a per-model basis. This is to protect the model from unintentional changes. This is accomplished through the use of the disable-command command with one of three progressively restrictive command groups:

  • destroy-model
  • remove-object
  • all

By disabling the destroy-model group, for instance, users lose the ability to destroy both the model and its controller. Specifying the remove-object group adds to these restrictions by disabling the removal of machines, relations, applications, and units. The all group disables the complete set of commands that can change the configuration of a model.

To give users an idea as to why a command is disabled, an optional message argument can be passed.

For example, to prevent execution of both the destroy-model and destroy-controller commands:

juju disable-command destroy-model "Check with SA before destruction."

If a user now attempts to destroy a protected model, they'd encounter an error similar to the following:

Destroying model
ERROR cannot destroy model: Check with SA before destruction.

destroy-model operation has been disabled for the current model.
To enable the command run

    juju enable-command destroy-model

Important: The --force option supported by some commands overrides disabled commands.

Re-enabling a command

To re-enable a command the enable-command is used.

For example, to restore the commands associated with the 'destroy-model' command group:

juju enable-command destroy-model

As usual, these actions are performed against the currently selected controller and model.

To list which commands have been disabled, use disabled-commands:

juju disabled-commands

This will output will list any group that's currently disabled:

Disabled commands  Message
all

Note: In some cases, the disable command will only take effect after the user has logged out of Juju (juju logout) and logged back in again (juju login).

Commands within each command group

destroy-model remove-object all
destroy-controller destroy-controller add-relation
destroy-model destroy-model add-unit
destroy-machine add-ssh-key
remove-machine add-user
remove-relation change-user-password
remove-application deploy
remove-unit disable-user
destroy-controller
destroy-model
enable-ha
enable-user
expose
import-ssh-key
remove-application
remove-machine
remove-relation
remove-ssh-key
remove-unit
resolved
retry-provisioning
run
config
set-constraints
model-config
sync-agent-binaries
unexpose
upgrade-charm
upgrade-model

© 2018 Canonical Ltd. Ubuntu and Canonical are registered trademarks of Canonical Ltd.