Skip to main content
A newer release of this product is available.

Protocols fpolicy svm.uuid policies endpoint overview

Contributors

Overview

The FPolicy policy acts as a container for different constituents of the FPolicy such as FPolicy events and the FPolicy engine. It also provides a platform for policy management functions, such as policy enabling and disabling. As part of FPolicy policy configuration, you can specifiy the name of policy, the SVM to which it belongs, the FPolicy events to monitor, the FPolicy engine to which the generated notifications are sent and the policy priority. FPolicy policy configuration also allows to you to configure the file access behaviour when the primary and secondary servers are down. Under such circumstances, if the "mandatory" field is set to true, file access is denied.

Each FPolicy policy is associated with a scope which allows you to restrain the scope of the policy to specified storage objects such as volume, shares and export or to a set of file extensions such as .txt, .jpeg. An FPolicy policy can be configured to send notifications, to the FPolicy server or for native file blocking which uses the file extension specified in the policy scope. An SVM can have multiple FPolicy policies which can be enabled or disabled independently of each other.

Examples

Creating an FPolicy policy

Use the following API to create an FPolicy policy configuration. Note that the return_records=true query parameter used to obtain the newly created entry in the response.


# The API:
POST /protocols/fpolicy/{svm.uuid}/policies

# The call:
curl -X POST "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies?return_records=true" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"engine\": { \"name\": \"engine1\" }, \"events\": [ { \"name\": \"cifs\" }, { \"name\": \"nfs\" } ], \"mandatory\": true, \"name\": \"FPolicy_policy_0\", \"scope\": { \"exclude_export_policies\": [ \"export_pol1\" ], \"exclude_extension\": [ \"txt\", \"png\" ], \"exclude_shares\": [ \"sh1\" ], \"exclude_volumes\": [ \"vol0\" ], \"include_export_policies\": [ \"export_pol10\" ], \"include_extension\": [ \"pdf\" ], \"include_shares\": [ \"sh2\", \"sh3\" ], \"include_volumes\": [ \"vol1\", \"vol2\" ] }}"

# The response:
{
"num_records": 1,
"records": [
  {
    "name": "FPolicy_policy_0",
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
      ],
    "engine": {
      "name": "engine1"
    },
    "scope": {
      "include_shares": [
        "sh2",
        "sh3"
      ],
      "exclude_shares": [
        "sh1"
      ],
      "include_volumes": [
        "vol1",
        "vol2"
      ],
      "exclude_volumes": [
        "vol0"
      ],
      "include_export_policies": [
        "export_pol10"
      ],
      "exclude_export_policies": [
        "export_pol1"
      ],
      "include_extension": [
        "pdf"
      ],
      "exclude_extension": [
        "txt",
        "png"
      ]
    },
    "mandatory": true
  }
]
}

Creating and enable an FPolicy policy


# The API:
POST /protocols/fpolicy/{svm.uuid}/policies

# The call:
curl -X POST "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies?return_records=true" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"priority\": 1, \"engine\": { \"name\": \"engine1\" }, \"events\": [ { \"name\": \"cifs\" }, { \"name\": \"nfs\" } ], \"mandatory\": true, \"name\": \"FPolicy_policy_on\", \"scope\": { \"exclude_export_policies\": [ \"export_pol1\" ], \"exclude_extension\": [ \"txt\", \"png\" ], \"exclude_shares\": [ \"sh1\" ], \"exclude_volumes\": [ \"vol0\" ], \"include_export_policies\": [ \"export_pol10\" ], \"include_extension\": [ \"pdf\" ], \"include_shares\": [ \"sh2\", \"sh3\" ], \"include_volumes\": [ \"vol1\", \"vol2\" ] }}"

# The response:
{
"num_records": 1,
"records": [
  {
   "name": "FPolicy_policy_0",
   "priority": 1,
   "events": [
     {
       "name": "cifs"
     },
     {
       "name": "nfs"
     }
   ],
   "engine": {
     "name": "engine1"
   },
   "scope": {
     "include_shares": [
       "sh2",
       "sh3"
     ],
     "exclude_shares": [
       "sh1"
     ],
     "include_volumes": [
       "vol1",
       "vol2"
     ],
     "exclude_volumes": [
       "vol0"
     ],
     "include_export_policies": [
       "export_pol10"
     ],
     "exclude_export_policies": [
       "export_pol1"
     ],
     "include_extension": [
       "pdf"
     ],
     "exclude_extension": [
       "txt",
       "png"
     ]
   },
   "mandatory": true
 }
 ]
}

Creating an FPolicy policy with the minimum required fields and a native engine


# The API:
POST /protocols/fpolicy/{svm.uuid}/policies

# The call:
curl -X POST "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies?return_records=true" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"events\": [ { \"name\": \"cifs\" }, { \"name\": \"nfs\" } ], \"name\": \"pol_minimum_fields\", \"scope\": { \"include_volumes\": [ \"vol1\", \"vol2\" ] }}"

# The response:
{
"num_records": 1,
"records": [
  {
    "name": "pol_minimum_fields",
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
    ],
    "scope": {
      "include_volumes": [
        "vol1",
        "vol2"
      ]
    }
  }
]
}

Retrieving all the FPolicy policy configurations for an SVM


# The API:
GET /protocols/fpolicy/{svm.uuid}/policies

# The call:
curl -X GET "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies?fields=*&return_records=true&return_timeout=15" -H "accept: application/json"

# The response:
{
"records": [
  {
    "svm": {
      "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
    },
    "name": "pol0",
    "enabled": false,
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
    ],
    "engine": {
      "name": "engine1"
    },
    "scope": {
      "include_shares": [
        "sh2",
        "sh3"
      ],
      "exclude_shares": [
        "sh1"
      ],
      "include_volumes": [
        "vol1",
        "vol2"
      ],
      "exclude_volumes": [
        "vol0"
      ],
      "include_export_policies": [
        "export_pol10"
      ],
      "exclude_export_policies": [
        "export_pol1"
      ],
      "include_extension": [
        "pdf"
      ],
      "exclude_extension": [
        "txt",
        "png"
      ]
    },
    "mandatory": true
  },
  {
    "svm": {
      "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
    },
    "name": "FPolicy_policy_on",
    "enabled": true,
    "priority": 1,
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
    ],
    "engine": {
      "name": "engine1"
    },
     "scope": {
      "include_shares": [
        "sh2",
        "sh3"
      ],
      "exclude_shares": [
        "sh1"
      ],
      "include_volumes": [
        "vol1",
        "vol2"
      ],
      "exclude_volumes": [
        "vol0"
      ],
      "include_export_policies": [
        "export_pol10"
      ],
      "exclude_export_policies": [
        "export_pol1"
      ],
      "include_extension": [
        "pdf"
      ],
      "exclude_extension": [
        "txt",
        "png"
      ]
    },
    "mandatory": true
  },
  {
    "svm": {
      "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
    },
    "name": "cluster_pol",
    "enabled": false,
    "events": [
      {
        "name": "cluster"
      }
    ],
    "engine": {
      "name": "native"
    },
    "mandatory": true
  },
  {
    "svm": {
      "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
    },
    "name": "pol_minimum_fields",
    "enabled": false,
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
    ],
    "engine": {
      "name": "native"
    },
    "scope": {
      "include_volumes": [
        "vol1",
        "vol2"
      ]
    },
    "mandatory": true
  }
],
"num_records": 4
}

Retrieving all of the FPolicy policy configurations for the FPolicy engine "engine1" for an SVM


# The API:
GET /protocols/fpolicy/{svm.uuid}/policies/{name}

# The call:
curl -X GET "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies?engine.name=engine1&fields=*&return_records=true&return_timeout=15" -H "accept: application/json"

# The response:
{
"records": [
  {
    "svm": {
      "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
    },
    "name": "pol0",
    "enabled": false,
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
    ],
    "engine": {
      "name": "engine1"
    },
    "scope": {
      "include_export_policies": [
        "export_pol10"
      ],
      "exclude_export_policies": [
        "export_pol1"
      ],
      "include_extension": [
        "pdf"
      ],
      "exclude_extension": [
        "txt",
        "png"
      ]
    },
    "mandatory": true
  },
  {
    "svm": {
      "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
    },
    "name": "FPolicy_policy_on",
    "enabled": true,
    "priority": 1,
    "events": [
      {
        "name": "cifs"
      },
      {
        "name": "nfs"
      }
    ],
    "engine": {
      "name": "engine1"
    },
    "scope": {
      "include_shares": [
        "sh2",
        "sh3"
      ],
      "exclude_shares": [
        "sh1"
      ],
      "include_volumes": [
        "vol1",
        "vol2"
      ],
      "exclude_volumes": [
        "vol0"
      ],
      "include_export_policies": [
        "export_pol10"
      ],
      "exclude_export_policies": [
        "export_pol1"
      ],
      "include_extension": [
        "pdf"
      ],
      "exclude_extension": [
        "txt",
        "png"
      ]
    },
    "mandatory": true
  }
],
"num_records": 2
}

Retrieving a particular FPolicy policy configuration for an SVM


# The API:
GET /protocols/fpolicy/{svm.uuid}/policies/{name}

# The call:
curl -X GET "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies/pol0" -H "accept: application/json"

# The response:
{
"svm": {
  "uuid": "a00fac5d-0164-11e9-b64a-0050568eeb34"
},
"name": "pol0",
"enabled": false,
"events": [
  {
    "name": "cifs"
  },
  {
    "name": "nfs"
  }
],
"engine": {
  "name": "engine1"
},
"scope": {
  "include_shares": [
    "sh2",
    "sh3"
  ],
  "exclude_shares": [
    "sh1"
  ],
  "include_volumes": [
    "vol1",
    "vol2"
  ],
  "exclude_volumes": [
    "vol0"
  ],
  "include_export_policies": [
    "export_pol10"
  ],
  "exclude_export_policies": [
    "export_pol1"
  ],
  "include_extension": [
    "pdf"
  ],
  "exclude_extension": [
    "txt",
    "png"
  ]
},
"mandatory": true
}

Updating a particular FPolicy policy


# The API:
PATCH /protocols/fpolicy/{svm.uuid}/policies/{name}

# The call:
curl -X PATCH "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies/pol0" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"engine\": { \"name\": \"native\" }, \"events\": [ { \"name\": \"cifs\" } ], \"mandatory\": false, \"scope\": { \"include_volumes\": [ \"*\" ] }}"

Enabling a particular FPolicy policy


# The API:
PATCH /protocols/fpolicy/{svm.uuid}/policies/{name}

# The call:
curl -X PATCH "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies/pol0" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"enabled\": true, \"priority\": 3}"

Disabling a particular FPolicy policy


# The API:
PATCH /protocols/fpolicy/{svm.uuid}/policies/{name}

# The call:
curl -X PATCH "https://<mgmt-ip>/api/protocols/fpolicy/a00fac5d-0164-11e9-b64a-0050568eeb34/policies/pol0" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"enabled\": true }"