Retrieve an FPolicy configuration for an SVM

05/08/2024 Contributors

GET /protocols/fpolicy/{svm.uuid}/policies

Introduced In: 9.6

Retrieves the FPolicy policy configuration of an SVM. ONTAP allows the creation of a cluster level FPolicy policy that acts as a template for all the data SVMs belonging to the cluster. This cluster level FPolicy policy is also retrieved for the specified SVM.

fpolicy policy show
fpolicy policy scope show

Learn more

DOC /protocols/fpolicy/{svm.uuid}/policies

Parameters

Name	Type	In	Required	Description
mandatory	boolean	query	False	Filter by mandatory
events.name	string	query	False	Filter by events.name
enabled	boolean	query	False	Filter by enabled
scope.check_extensions_on_directories	boolean	query	False	Filter by scope.check_extensions_on_directories Introduced in: 9.11
scope.include_volumes	string	query	False	Filter by scope.include_volumes
scope.exclude_shares	string	query	False	Filter by scope.exclude_shares
scope.exclude_volumes	string	query	False	Filter by scope.exclude_volumes
scope.include_extension	string	query	False	Filter by scope.include_extension
scope.include_export_policies	string	query	False	Filter by scope.include_export_policies
scope.object_monitoring_with_no_extension	boolean	query	False	Filter by scope.object_monitoring_with_no_extension Introduced in: 9.11
scope.exclude_export_policies	string	query	False	Filter by scope.exclude_export_policies
scope.include_shares	string	query	False	Filter by scope.include_shares
scope.exclude_extension	string	query	False	Filter by scope.exclude_extension
name	string	query	False	Filter by name
passthrough_read	boolean	query	False	Filter by passthrough_read Introduced in: 9.10
engine.name	string	query	False	Filter by engine.name
privileged_user	string	query	False	Filter by privileged_user Introduced in: 9.10
priority	integer	query	False	Filter by priority Max value: 10 Min value: 1
svm.uuid	string	path	True	UUID of the SVM to which this object belongs.
fields	array[string]	query	False	Specify the fields to return.
max_records	integer	query	False	Limit the number of records returned.
return_records	boolean	query	False	The default is true for GET calls. When set to false, only the number of records is returned. Default value: 1
return_timeout	integer	query	False	The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached. Max value: 120 Min value: 0 Default value: 1
order_by	array[string]	query	False	Order results by specified fields and optional [asc

Name

Type

Required

Description

mandatory

boolean

query

False

Filter by mandatory

events.name

string

query

False

Filter by events.name

enabled

boolean

query

False

Filter by enabled

scope.check_extensions_on_directories

boolean

query

False

Filter by scope.check_extensions_on_directories

Introduced in: 9.11

scope.include_volumes

string

query

False

Filter by scope.include_volumes

scope.exclude_shares

string

query

False

Filter by scope.exclude_shares

scope.exclude_volumes

string

query

False

Filter by scope.exclude_volumes

scope.include_extension

string

query

False

Filter by scope.include_extension

scope.include_export_policies

string

query

False

Filter by scope.include_export_policies

scope.object_monitoring_with_no_extension

boolean

query

False

Filter by scope.object_monitoring_with_no_extension

Introduced in: 9.11

scope.exclude_export_policies

string

query

False

Filter by scope.exclude_export_policies

scope.include_shares

string

query

False

Filter by scope.include_shares

scope.exclude_extension

string

query

False

Filter by scope.exclude_extension

name

string

query

False

Filter by name

passthrough_read

boolean

query

False

Filter by passthrough_read

Introduced in: 9.10

engine.name

string

query

False

Filter by engine.name

privileged_user

string

query

False

Filter by privileged_user

Introduced in: 9.10

priority

integer

query

False

Filter by priority

Max value: 10
Min value: 1

svm.uuid

string

path

True

UUID of the SVM to which this object belongs.

fields

array[string]

query

False

Specify the fields to return.

max_records

integer

query

False

Limit the number of records returned.

return_records

boolean

query

False

The default is true for GET calls. When set to false, only the number of records is returned.

Default value: 1

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.

Max value: 120
Min value: 0
Default value: 1

order_by

array[string]

query

False

Order results by specified fields and optional [asc

Response

Status: 200, Ok

Name	Type	Description
_links	_links
num_records	integer	Number of Records
records	array[fpolicy_policy]

Name

Type

Description

_links

num_records

integer

Number of Records

records

array[fpolicy_policy]

Example response

{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "records": {
    "engine": {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      }
    },
    "events": [
      "event_nfs_close",
      "event_open"
    ],
    "name": "fp_policy_1",
    "privileged_user": "mydomain\\testuser",
    "scope": {
      "exclude_export_policies": {
      },
      "exclude_extension": {
      },
      "exclude_shares": {
      },
      "exclude_volumes": [
        "vol1",
        "vol_svm1",
        "*"
      ],
      "include_export_policies": {
      },
      "include_extension": {
      },
      "include_shares": [
        "sh1",
        "share_cifs"
      ],
      "include_volumes": [
        "vol1",
        "vol_svm1"
      ]
    },
    "svm": {
      "uuid": "string"
    }
  }
}

Error

Status: Default, Error

Name	Type	Description
error	error

Name

Type

Description

error

Example error

{
  "error": {
    "arguments": {
      "code": "string",
      "message": "string"
    },
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name	Type	Description
href	string

Name

Type

Description

href

string

_links

Name	Type	Description
next	href
self	href

Name

Type

Description

href

self

href

_links

Name	Type	Description
self	href

Name

Type

Description

self

href

fpolicy_engine_reference

FPolicy external engine

Name	Type	Description
_links	_links
name	string	The name of the FPolicy external engine.

Name

Type

Description

_links

name

string

The name of the FPolicy external engine.

fpolicy_event_reference

FPolicy events

Name	Type	Description
_links	_links
name	string

Name

Type

Description

_links

name

string

scope

Name	Type	Description
check_extensions_on_directories	boolean	Specifies whether the file name extension checks also apply to directory objects. If this parameter is set to true, the directory objects are subjected to the same extension checks as regular files. If this parameter is set to false, the directory names are not matched for extensions and notifications are sent for directories even if their name extensions do not match. Default is false.
exclude_export_policies	array[string]
exclude_extension	array[string]
exclude_shares	array[string]
exclude_volumes	array[string]
include_export_policies	array[string]
include_extension	array[string]
include_shares	array[string]
include_volumes	array[string]
object_monitoring_with_no_extension	boolean	Specifies whether the extension checks also apply to objects with no extension. If this parameter is set to true, all objects with or without extensions are monitored. Default is false.

Name

Type

Description

check_extensions_on_directories

boolean

Specifies whether the file name extension checks also apply to directory objects. If this parameter is set to true, the directory objects are subjected to the same extension checks as regular files. If this parameter is set to false, the directory names are not matched for extensions and notifications are sent for directories even if their name extensions do not match. Default is false.

exclude_export_policies

array[string]

exclude_extension

array[string]

exclude_shares

array[string]

exclude_volumes

array[string]

include_export_policies

array[string]

include_extension

array[string]

include_shares

array[string]

include_volumes

array[string]

object_monitoring_with_no_extension

boolean

Specifies whether the extension checks also apply to objects with no extension. If this parameter is set to true, all objects with or without extensions are monitored. Default is false.

svm

Name	Type	Description
uuid	string	SVM UUID

Name

Type

Description

uuid

string

SVM UUID

fpolicy_policy

Name	Type	Description
enabled	boolean	Specifies if the policy is enabled on the SVM or not. If no value is mentioned for this field but priority is set, then this policy will be enabled.
engine	fpolicy_engine_reference	FPolicy external engine
events	array[fpolicy_event_reference]
mandatory	boolean	Specifies what action to take on a file access event in a case when all primary and secondary servers are down or no response is received from the FPolicy servers within a given timeout period. When this parameter is set to true, file access events will be denied under these circumstances.
name	string	Specifies the name of the policy.
passthrough_read	boolean	Specifies whether passthrough-read should be allowed for FPolicy servers registered for the policy. Passthrough-read is a way to read data for offline files without restoring the files to primary storage. Offline files are files that have been moved to secondary storage.
priority	integer	Specifies the priority that is assigned to this policy.
privileged_user	string	Specifies the privileged user name for accessing files on the cluster using a separate data channel with privileged access. The input for this field should be in "domain\username" format.
scope	scope
svm	svm

Name

Type

Description

enabled

boolean

Specifies if the policy is enabled on the SVM or not. If no value is mentioned for this field but priority is set, then this policy will be enabled.

engine

fpolicy_engine_reference

FPolicy external engine

events

array[fpolicy_event_reference]

mandatory

boolean

Specifies what action to take on a file access event in a case when all primary and secondary servers are down or no response is received from the FPolicy servers within a given timeout period. When this parameter is set to true, file access events will be denied under these circumstances.

name

string

Specifies the name of the policy.

passthrough_read

boolean

Specifies whether passthrough-read should be allowed for FPolicy servers registered for the policy. Passthrough-read is a way to read data for offline files without restoring the files to primary storage. Offline files are files that have been moved to secondary storage.

priority

integer

Specifies the priority that is assigned to this policy.

privileged_user

string

Specifies the privileged user name for accessing files on the cluster using a separate data channel with privileged access. The input for this field should be in "domain\username" format.

scope

svm

error_arguments

Name	Type	Description
code	string	Argument code
message	string	Message argument

Name

Type

Description

code

string

Argument code

message

string

Message argument

error

Name	Type	Description
arguments	array[error_arguments]	Message arguments
code	string	Error code
message	string	Error message
target	string	The target parameter that caused the error.

Name

Type

Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.

Retrieve an FPolicy configuration for an SVM

Creating your file...

Related ONTAP commands

Learn more

Parameters

Response

Error

Definitions