Hello,
is it possible to create a user role that permits or restricts access to a specific host object or a host object group?
I would be happy if that or a similar feature exists. 
Hi @lobr,
could you explain what exactly do you mean / want to archive?
Restrictions on Icinga2 - to do lookups via Icinga2-CLI (e.g. icinga2 object list)?
=> Mhmm … not really …
=> Edit / Add: Well you could see your usermanagement on your host / os as sort of it … sice you need shell access and rights to perform this kind of commands 
Restictions in Icinga2 by using API?
=> Yes there are: https://icinga.com/docs/icinga-2/latest/doc/12-icinga2-api/#icinga2-api-permissions
Restrictions in your IcingaWeb2 GUI?
=> Yes there are: https://icinga.com/docs/icinga-web-2/latest/doc/06-Security/#roles
BR,
Chris