Create an export policy rule
POST /protocols/nfs/export-policies/{policy.id}/rules
Introduced In: 9.6
Creates an export policy rule.
Required properties
-
policy.id
- Existing export policy for which to create an export rule. -
clients.match
- List of clients (hostnames, ipaddresses, netgroups, domains) to which the export rule applies. -
ro_rule
- Used to specify the security type for read-only access to volumes that use the export rule. -
rw_rule
- Used to specify the security type for read-write access to volumes that use the export rule.
Default property values
If not specified in POST, the following default property values are assigned:
-
protocols
- any -
anonymous_user
- none -
superuser
- any -
allow_device_creation
- true -
ntfs_unix_security
- fail -
chown_mode
- restricted -
allow_suid
- true
Related ONTAP commands
-
vserver export-policy rule create
Learn more
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
policy.id |
integer |
path |
True |
Export Policy ID |
return_records |
boolean |
query |
False |
The default is false. If set to true, the records are returned.
|
Request Body
Name | Type | Description |
---|---|---|
_links |
||
allow_device_creation |
boolean |
Specifies whether or not device creation is allowed. |
allow_suid |
boolean |
Specifies whether or not SetUID bits in SETATTR Op is to be honored. |
anonymous_user |
string |
User ID To Which Anonymous Users Are Mapped. |
chown_mode |
string |
Specifies who is authorized to change the ownership mode of a file. |
clients |
array[export_clients] |
Array of client matches |
index |
integer |
Index of the rule within the export policy. |
ntfs_unix_security |
string |
NTFS export UNIX security options. |
policy |
||
protocols |
array[string] |
|
ro_rule |
array[string] |
Authentication flavors that the read-only access rule governs |
rw_rule |
array[string] |
Authentication flavors that the read/write access rule governs |
superuser |
array[string] |
Authentication flavors that the superuser security type governs |
svm |
Example request
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"anonymous_user": "string",
"chown_mode": "string",
"clients": [
{
"match": "0.0.0.0/0"
}
],
"index": 0,
"ntfs_unix_security": "string",
"policy": {
"name": "string"
},
"protocols": [
"string"
],
"ro_rule": [
"string"
],
"rw_rule": [
"string"
],
"superuser": [
"string"
],
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}
Response
Status: 201, Created
Name | Type | Description |
---|---|---|
_links |
||
num_records |
integer |
Number of Export Rule records |
records |
array[export_rule] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"num_records": 1,
"records": [
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"anonymous_user": "string",
"chown_mode": "string",
"clients": [
{
"match": "0.0.0.0/0"
}
],
"index": 0,
"ntfs_unix_security": "string",
"policy": {
"name": "string"
},
"protocols": [
"string"
],
"ro_rule": [
"string"
],
"rw_rule": [
"string"
],
"superuser": [
"string"
],
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}
]
}
Headers
Name | Description | Type |
---|---|---|
Location |
Useful for tracking the resource location |
string |
Error
Status: Default
ONTAP Error Response Codes
Error Code | Description |
---|---|
1703954 |
Export policy does not exist |
1704036 |
Invalid clientmatch: missing domain name |
1704037 |
Invalid clientmatch: missing network name |
1704038 |
Invalid clientmatch: missing netgroup name |
1704039 |
Invalid clientmatch |
1704040 |
Invalid clientmatch: address bytes masked out by netmask are non-zero |
1704041 |
Invalid clientmatch: address bytes masked to zero by netmask |
1704042 |
Invalid clientmatch: too many bits in netmask |
1704043 |
Invalid clientmatch: invalid netmask |
1704044 |
Invalid clientmatch: invalid characters in host name |
1704045 |
Invalid clientmatch: invalid characters in domain name |
1704050 |
Invalid clientmatch: clientmatch list contains a duplicate string. Duplicate strings in a clientmatch list are not supported |
1704051 |
Warning: Not adding any new strings to the clientmatch field for ruleindex. All of the match strings are already in the clientmatch list |
1704054 |
Invalid clientmatch: invalid characters in netgroup name. Valid characters for a netgroup name are 0-9, A-Z, a-z, ".", "_" and "-" |
1704064 |
Clientmatch host name too long |
1704065 |
Clientmatch domain name too long |
3277000 |
Upgrade all nodes to Data ONTAP 9.0.0 or above to use krb5p as a security flavor in export-policy rules |
3277083 |
User ID is not valid. Enter a value for User ID from 0 to 4294967295 |
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
export_clients
Name | Type | Description |
---|---|---|
match |
string |
Client Match Hostname, IP Address, Netgroup, or Domain. You can specify the match as a string value in any of the following formats:
|
policy
Name | Type | Description |
---|---|---|
id |
integer |
Export policy ID |
name |
string |
Export policy name |
svm
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
export_rule
Name | Type | Description |
---|---|---|
_links |
||
allow_device_creation |
boolean |
Specifies whether or not device creation is allowed. |
allow_suid |
boolean |
Specifies whether or not SetUID bits in SETATTR Op is to be honored. |
anonymous_user |
string |
User ID To Which Anonymous Users Are Mapped. |
chown_mode |
string |
Specifies who is authorized to change the ownership mode of a file. |
clients |
array[export_clients] |
Array of client matches |
index |
integer |
Index of the rule within the export policy. |
ntfs_unix_security |
string |
NTFS export UNIX security options. |
policy |
||
protocols |
array[string] |
|
ro_rule |
array[string] |
Authentication flavors that the read-only access rule governs |
rw_rule |
array[string] |
Authentication flavors that the read/write access rule governs |
superuser |
array[string] |
Authentication flavors that the superuser security type governs |
svm |
_links
Name | Type | Description |
---|---|---|
next |
||
self |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |