Retrieve information about security configured on the cluster
- PDF of this doc site
Collection of separate PDF docs
Creating your file...
GET /security
Introduced In: 9.7
Retrieves information about the security configured on the cluster.
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
max_records |
integer |
query |
False |
Limit the number of records returned. |
return_records |
boolean |
query |
False |
The default is true for GET calls. When set to false, only the number of records is returned.
|
return_timeout |
integer |
query |
False |
The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.
|
order_by |
array[string] |
query |
False |
Order results by specified fields and optional [asc |
desc] direction. Default direction is 'asc' for ascending. |
fields |
array[string] |
query |
False |
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
_links |
||
fips |
Cluster-wide Federal Information Processing Standards (FIPS) mode information. |
|
onboard_key_manager_configurable_status |
Indicates whether the Onboard Key Manager can be configured in the cluster. |
|
software_data_encryption |
Cluster-wide software data encryption related information. |
Example response
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"onboard_key_manager_configurable_status": {
"code": "65537300",
"message": "No platform support for volume encryption in following nodes - node1, node2."
}
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
fips
Cluster-wide Federal Information Processing Standards (FIPS) mode information.
Name | Type | Description |
---|---|---|
enabled |
boolean |
Indicates whether or not the software FIPS mode is enabled on the cluster. Our FIPS compliance involves configuring the use of only approved algorithms in applicable contexts (for example TLS), as well as the use of formally validated cryptographic module software implementations, where applicable. The US government documents concerning FIPS 140-2 outline the relevant security policies in detail. |
onboard_key_manager_configurable_status
Indicates whether the Onboard Key Manager can be configured in the cluster.
Name | Type | Description |
---|---|---|
code |
integer |
Code corresponding to the status message. Returns a 0 if the Onboard Key Manager can be configured in the cluster. |
message |
string |
Reason that Onboard Key Manager cannot be configured in the cluster. |
supported |
boolean |
Set to true if the Onboard Key Manager can be configured in the cluster. |
software_data_encryption
Cluster-wide software data encryption related information.
Name | Type | Description |
---|---|---|
conversion_enabled |
boolean |
Indicates whether or not software encryption conversion is enabled on the cluster. A PATCH request initiates the conversion of all non-encrypted metadata volumes in the cluster to encrypted metadata volumes and all non-NAE aggregates to NAE aggregates. For the PATCH request to start, the cluster must have either an Onboard or an external key manager set up and the aggregates should either be empty or have only metadata volumes. No data volumes should be present in any of the aggregates in the cluster. For MetroCluster configurations, a PATCH request enables conversion on all the aggregates and metadata volumes of both local and remote clusters and is not allowed when the MetroCluster is in switchover state. |
disabled_by_default |
boolean |
Indicates whether or not default software data at rest encryption is disabled on the cluster. |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |