Skip to main content
REST API reference
A newer release of this product is available.

Retrieve the FPolicy configuration for an SVM

PDFs

GET /protocols/fpolicy/{svm.uuid}

Retrieves an FPolicy configuration of an SVM.

  • fpolicy show

  • fpolicy policy show

  • fpolicy policy scope show

  • fpolicy policy event show

  • fpolicy policy external-engine show

Learn more

Parameters

Name Type In Required Description

svm.uuid

string

path

True

UUID of the SVM to which this object belongs.

fields

array[string]

query

False

Specify the fields to return.

Response

Status: 200, Ok
Name Type Description

_links

_links

engines

array[fpolicy_engine]

events

array[fpolicy_event]

policies

array[fpolicy_policy]

svm

svm

SVM, applies only to SVM-scoped objects.
Example response 
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "engines": [
    {
      "name": "fp_ex_eng",
      "port": 9876,
      "primary_servers": [
        "10.132.145.20",
        "10.140.101.109"
      ],
      "secondary_servers": [
        "10.132.145.20",
        "10.132.145.21"
      ],
      "type": "string"
    }
  ],
  "events": [
    {
      "name": "event_nfs_close",
      "protocol": "string"
    }
  ],
  "policies": [
    {
      "engine": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "string"
      },
      "events": [
        "event_nfs_close",
        "event_open"
      ],
      "name": "fp_policy_1",
      "scope": {
        "exclude_export_policies": [
          "string"
        ],
        "exclude_extension": [
          "string"
        ],
        "exclude_shares": [
          "string"
        ],
        "exclude_volumes": [
          "vol1",
          "vol_svm1",
          "*"
        ],
        "include_export_policies": [
          "string"
        ],
        "include_extension": [
          "string"
        ],
        "include_shares": [
          "sh1",
          "share_cifs"
        ],
        "include_volumes": [
          "vol1",
          "vol_svm1"
        ]
      }
    }
  ],
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  }
}

Error

Status: Default, Error
Name Type Description

error

error
Example error 
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

_links

Name Type Description

self

href

fpolicy_engine

The engine defines how ONTAP makes and manages connections to external FPolicy servers.

Name Type Description

name

string

Specifies the name to assign to the external server configuration.

port

integer

Port number of the FPolicy server application.

primary_servers

array[string]

secondary_servers

array[string]

type

string

The notification mode determines what ONTAP does after sending notifications to FPolicy servers. The possible values are:

  • synchronous - After sending a notification, wait for a response from the FPolicy server.

  • asynchronous - After sending a notification, file request processing continues.

    • Default value: 1

    • enum: ["synchronous", "asynchronous"]

file_operations

Specifies the file operations for the FPolicy event. You must specify a valid protocol in the protocol parameter. The event will check the operations specified from all client requests using the protocol.

Name Type Description

close

boolean

File close operations

create

boolean

File create operations

create_dir

boolean

Directory create operations

delete

boolean

File delete operations

delete_dir

boolean

Directory delete operations

getattr

boolean

Get attribute operations

link

boolean

Link operations

lookup

boolean

Lookup operations

open

boolean

File open operations

read

boolean

File read operations

rename

boolean

File rename operations

rename_dir

boolean

Directory rename operations

setattr

boolean

Set attribute operations

symlink

boolean

Symbolic link operations

write

boolean

File write operations

filters

Specifies the list of filters for a given file operation for the specified protocol. When you specify the filters, you must specify the valid protocols and a valid file operations.

Name Type Description

close_with_modification

boolean

Filter the client request for close with modification.

close_with_read

boolean

Filter the client request for close with read.

close_without_modification

boolean

Filter the client request for close without modification.

exclude_directory

boolean

Filter the client requests for directory operations. When this filter is specified directory operations are not monitored.

first_read

boolean

Filter the client requests for the first-read.

first_write

boolean

Filter the client requests for the first-write.

monitor_ads

boolean

Filter the client request for alternate data stream.

offline_bit

boolean

Filter the client request for offline bit set. FPolicy server receives notification only when offline files are accessed.

open_with_delete_intent

boolean

Filter the client request for open with delete intent.

open_with_write_intent

boolean

Filter the client request for open with write intent.

setattr_with_access_time_change

boolean

Filter the client setattr requests for changing the access time of a file or directory.

setattr_with_allocation_size_change

boolean

Filter the client setattr requests for changing the allocation size of a file.

setattr_with_creation_time_change

boolean

Filter the client setattr requests for changing the creation time of a file or directory.

setattr_with_dacl_change

boolean

Filter the client setattr requests for changing dacl on a file or directory.

setattr_with_group_change

boolean

Filter the client setattr requests for changing group of a file or directory.

setattr_with_mode_change

boolean

Filter the client setattr requests for changing the mode bits on a file or directory.

setattr_with_modify_time_change

boolean

Filter the client setattr requests for changing the modification time of a file or directory.

setattr_with_owner_change

boolean

Filter the client setattr requests for changing owner of a file or directory.

setattr_with_sacl_change

boolean

Filter the client setattr requests for changing sacl on a file or directory.

setattr_with_size_change

boolean

Filter the client setattr requests for changing the size of a file.

write_with_size_change

boolean

Filter the client request for write with size change.

fpolicy_event

The information that a FPolicy process needs to determine what file access operations to monitor and for which of the monitored events notifications should be sent to the external FPolicy server.

Name Type Description

file_operations

file_operations

Specifies the file operations for the FPolicy event. You must specify a valid protocol in the protocol parameter. The event will check the operations specified from all client requests using the protocol.

filters

filters

Specifies the list of filters for a given file operation for the specified protocol. When you specify the filters, you must specify the valid protocols and a valid file operations.

name

string

Specifies the name of the FPolicy event.

protocol

string

Protocol for which event is created. If you specify protocol, then you must also specify a valid value for the file operation parameters. The value of this parameter must be one of the following:

  • cifs - for the CIFS protocol.

  • nfsv3 - for the NFSv3 protocol.

  • nfsv4 - for the NFSv4 protocol.

volume_monitoring

boolean

Specifies whether volume operation monitoring is required.

fpolicy_engine_reference

FPolicy external engine

Name Type Description

_links

_links

name

string

The name of the FPolicy external engine.

fpolicy_event_reference

FPolicy events

Name Type Description

_links

_links

name

string

scope

Name Type Description

exclude_export_policies

array[string]

exclude_extension

array[string]

exclude_shares

array[string]

exclude_volumes

array[string]

include_export_policies

array[string]

include_extension

array[string]

include_shares

array[string]

include_volumes

array[string]

fpolicy_policy

Name Type Description

enabled

boolean

Specifies if the policy is enabled on the SVM or not. If no value is mentioned for this field but priority is set, then this policy will be enabled.

engine

fpolicy_engine_reference

FPolicy external engine

events

array[fpolicy_event_reference]

mandatory

boolean

Specifies what action to take on a file access event in a case when all primary and secondary servers are down or no response is received from the FPolicy servers within a given timeout period. When this parameter is set to true, file access events will be denied under these circumstances.

name

string

Specifies the name of the policy.

priority

integer

Specifies the priority that is assigned to this policy.

scope

scope

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

_links

_links

name

string

The name of the SVM.

uuid

string

The unique identifier of the SVM.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.