Changing Privilege Level of IOS Commands

Problem

You want to change the privilege level of specific IOS commands.

Solution

To reduce the privilege level of an enable command from 15 to 1, use the following command:

Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#privilege exec level 1 show startup-config
Router1(config)#end
Router1#

You can also increase the privilege level of a level 1 command:

Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#privilege exec level 15 show ip route
Router1(config)#privilege exec level 1 show ip
Router1(config)#privilege exec level 1 show
Router1(config)#end
Router1#

Notice that raising the privilege level of the show ip route command also increased the level of the show ip set of commands and all of the other show commands in the process. In this example, we lowered the show ip and show commands back to privilege 1 to ensure that all of the other show commands operated normally.
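The side effect described above can be checked offline before a change is pushed. The following Python audit is an added example, not code from the book: it replays privilege exec lines in order and reports keyword prefixes left at a raised level without a line of their own. It assumes a simplified model in which each line also sets every leading-keyword prefix of the command it names, and a baseline level of 1 for those prefixes; the function names are illustrative.

```python
import re

# Matches a running-config line or a pasted session line ("Router1(config)#privilege ...").
PRIV_RE = re.compile(r"(?:^|#)\s*privilege\s+exec\s+level\s+(\d+)\s+(\S.*)$")

# The second Solution example, as typed at the prompt.
SESSION = """\
Router1(config)#privilege exec level 15 show ip route
Router1(config)#privilege exec level 1 show ip
Router1(config)#privilege exec level 1 show
"""

def replay(config_text):
    """Apply privilege lines in order; return {command: (level, named_explicitly)}.

    Assumed model: a line sets the level of the command it names and of every
    leading-keyword prefix of that command ("show ip", "show").
    """
    state = {}
    for raw in config_text.splitlines():
        m = PRIV_RE.search(raw.strip())
        if not m:
            continue
        level = int(m.group(1))
        if level > 15:
            raise ValueError(f"privilege level out of range 0-15: {raw.strip()}")
        words = m.group(2).split()
        for i in range(1, len(words) + 1):
            state[" ".join(words[:i])] = (level, i == len(words))
    return state

def side_effect_raises(config_text, baseline=1):
    """Prefixes that ended above baseline without a line of their own."""
    return sorted(cmd for cmd, (level, explicit) in replay(config_text).items()
                  if level > baseline and not explicit)

if __name__ == "__main__":
    first_line_only = SESSION.splitlines()[0]
    print("after line 1 only:", side_effect_raises(first_line_only))
    print("after all 3 lines:", side_effect_raises(SESSION))
```

An empty result for the full session confirms that the two corrective lines returned show ip and show to level 1 while show ip route stays at 15.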

Discussion

Cisco routers support sixteen privilege levels, ranging from zero to fifteen. By default, Cisco assigns commands to only three of these privilege levels: zero, user, and enable. There are five commands with privilege level zero: disable, enable, exit, help, and logout. The user level (privilege level 1) has a wide variety of commands available that cannot alter the router’s configuration. Enable mode (privilege level 15), by contrast, allows complete access to ...
