Enable adminstration of data protection using the ONTAP REST API
Contributors
Suggest changes
PDFs
You can provide a user with limited data protection capabilities.
About this workflow
The traditional role created is defined with the following characteristics:
-
Able to create and delete snapshots as well as update SnapMirror relationships
-
Cannot create or modify higher level objects such as volumes or SVMs
HTTP method and endpoint
This REST API call uses the following method and endpoint.
| HTTP method | Path |
|---|---|
POST |
/api/security/roles |
Curl example
curl --request POST \
--location "https://$FQDN_IP/api/security/roles" \
--include \
--header "Accept: */*" \
--header "Authorization: Basic $BASIC_AUTH" \
--data @JSONinputJSON input example
{
"name": "role1",
"owner": {
"name": "cluster-1",
"uuid": "852d96be-f17c-11ec-9d19-005056bbad91"
},
"privileges": [
{"path": "volume snapshot create", "access": "all"},
{"path": "volume snapshot delete", "access": "all"},
{"path": "volume show", "access": "readonly"},
{"path": "vserver show", "access": "readonly"},
{"path": "snapmirror show", "access": "readonly"},
{"path": "snapmirror update", "access": "all"}
]
}