Update an FPolicy configuration for an SVM
Suggest changes
PDFs
PATCH /protocols/fpolicy/{svm.uuid}/policies/{name}
Updates a particular FPolicy policy configuration for a specified SVM. PATCH can be used to enable or disable the policy. When enabling a policy, you must specify the policy priority. The policy priority of the policy is not required when disabling the policy. If the policy is enabled, the FPolicy policy engine cannot be modified.
Related ONTAP commands
-
fpolicy policy modify -
fpolicy policy scope modify -
fpolicy enable -
fpolicy disable
Learn more
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
name |
string |
path |
True |
Request Body
| Name | Type | Description |
|---|---|---|
enabled |
boolean |
Specifies if the policy is enabled on the SVM or not. If no value is mentioned for this field but priority is set, then this policy will be enabled. |
engine |
FPolicy external engine |
|
events |
array[fpolicy_event_reference] |
|
mandatory |
boolean |
Specifies what action to take on a file access event in a case when all primary and secondary servers are down or no response is received from the FPolicy servers within a given timeout period. When this parameter is set to true, file access events will be denied under these circumstances. |
priority |
integer |
Specifies the priority that is assigned to this policy. |
scope |
Example request
{
"engine": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "string"
},
"events": [
"event_nfs_close",
"event_open"
],
"scope": {
"exclude_export_policies": [
"string"
],
"exclude_extension": [
"string"
],
"exclude_shares": [
"string"
],
"exclude_volumes": [
"vol1",
"vol_svm1",
"*"
],
"include_export_policies": [
"string"
],
"include_extension": [
"string"
],
"include_shares": [
"sh1",
"share_cifs"
],
"include_volumes": [
"vol1",
"vol_svm1"
]
}
}Response
Status: 200, OkError
Status: DefaultONTAP Error Response Codes
| Error Code | Description |
|---|---|
9765026 |
The priority must be specified when enabling the FPolicy policy |
9765025 |
Cannot disable an FPolicy policy when the priority is specified |
9764899 |
Cannot modify an FPolicy engine when the policy is enabled |
9764899 |
Deletion of a cluster policy is not supported |
9764908 |
An FPolicy policy is already enabled |
9764907 |
An FPolicy policy is already disabled |
9765029 |
An FPolicy was modified but disable/enable failed as the policy is already disabled/enabled |
| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
fpolicy_engine_reference
FPolicy external engine
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the FPolicy external engine. |
fpolicy_event_reference
FPolicy events
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
scope
| Name | Type | Description |
|---|---|---|
exclude_export_policies |
array[string] |
|
exclude_extension |
array[string] |
|
exclude_shares |
array[string] |
|
exclude_volumes |
array[string] |
|
include_export_policies |
array[string] |
|
include_extension |
array[string] |
|
include_shares |
array[string] |
|
include_volumes |
array[string] |
fpolicy_policy
| Name | Type | Description |
|---|---|---|
enabled |
boolean |
Specifies if the policy is enabled on the SVM or not. If no value is mentioned for this field but priority is set, then this policy will be enabled. |
engine |
FPolicy external engine |
|
events |
array[fpolicy_event_reference] |
|
mandatory |
boolean |
Specifies what action to take on a file access event in a case when all primary and secondary servers are down or no response is received from the FPolicy servers within a given timeout period. When this parameter is set to true, file access events will be denied under these circumstances. |
priority |
integer |
Specifies the priority that is assigned to this policy. |
scope |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |