Skip to main content

Update a cloud target

Contributors

PATCH /cloud/targets/{uuid}

Introduced In: 9.6

Updates the cloud target specified by the UUID with the fields in the body. This request starts a job and returns a link to that job.

  • storage aggregate object-store config modify

Parameters

Name Type In Required Description

uuid

string

path

True

Cloud target UUID

ignore_warnings

boolean

query

False

Specifies whether or not warnings should be ignored.

check_only

boolean

query

False

Do not modify the configuration, only check that the PATCH request succeeds.

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When doing a POST, PATCH, or DELETE operation on a single record, the default is 0 seconds. This means that if an asynchronous operation is started, the server immediately returns HTTP code 202 (Accepted) along with a link to the job. If a non-zero value is specified for POST, PATCH, or DELETE operations, ONTAP waits that length of time to see if the job completes so it can return something other than 202.

  • Default value: 1

  • Max value: 120

  • Min value: 0

Request Body

Name Type Description

_links

_links

access_key

string

Access key ID for AWS_S3 and other S3 compatible provider types.

authentication_type

string

Authentication used to access the target. SnapMirror does not yet support CAP. Required in POST.

azure_account

string

Azure account

azure_private_key

string

Azure access key

azure_sas_token

string

Shared access signature token to access Azure containers and blobs.

cap_url

string

This parameter is available only when auth-type is CAP. It specifies a full URL of the request to a CAP server for retrieving temporary credentials (access-key, secret-pasword, and session token) for accessing the object store.

certificate_validation_enabled

boolean

Is SSL/TLS certificate validation enabled? The default value is true. This can only be modified for SGWS, IBM_COS, and ONTAP_S3 provider types.

  • Introduced in: 9.6

  • x-nullable: true

cluster

cluster

container

string

Data bucket/container name. For FabricLink, a wildcard character "*" can also be specified to indicate that all the buckets in an SVM can use the same target information. However, for containers other than ONTAP, an exact name should be specified.

  • example: bucket1

  • Introduced in: 9.6

  • readCreate: 1

  • x-nullable: true

ipspace

ipspace

IPspace to use in order to reach the cloud target.

name

string

Cloud target name

owner

string

Owner of the target. Allowed values are FabricPool, SnapMirror or S3_SnapMirror. A target can be used by only one feature.

port

integer

Port number of the object store that ONTAP uses when establishing a connection. Required in POST.

  • Introduced in: 9.6

  • x-nullable: true

provider_type

string

Type of cloud provider. Allowed values depend on owner type. For FabricPool, AliCloud, AWS_S3, Azure_Cloud, GoogleCloud, IBM_COS, SGWS, and ONTAP_S3 are allowed. For SnapMirror, the valid values are AWS_S3 or SGWS. For FabricLink, AWS_S3, SGWS, S3_Compatible, S3EMU, LOOPBACK and ONTAP_S3 are allowed.

  • Introduced in: 9.6

  • readCreate: 1

  • x-nullable: true

read_latency_warning_threshold

integer

The warning threshold for read latency that is used to determine when an alert ems for a read operation from an object store should be issued.

scope

string

If the cloud target is owned by a data SVM, then the scope is set to svm. Otherwise it will be set to cluster.

secret_password

string

Secret access key for AWS_S3 and other S3 compatible provider types.

server

string

Fully qualified domain name of the object store server. Required on POST. For Amazon S3, server name must be an AWS regional endpoint in the format s3.amazonaws.com or s3-.amazonaws.com, for example, s3-us-west-2.amazonaws.com. The region of the server and the bucket must match. For Azure, if the server is a "blob.core.windows.net" or a "blob.core.usgovcloudapi.net", then a value of azure-account followed by a period is added in front of the server.

server_side_encryption

string

Encryption of data at rest by the object store server for AWS_S3 and other S3 compatible provider types. This is an advanced property. In most cases it is best not to change default value of "sse_s3" for object store servers which support SSE-S3 encryption. The encryption is in addition to any encryption done by ONTAP at a volume or at an aggregate level. Note that changing this option does not change encryption of data which already exist in the object store.

  • enum: ["none", "sse_s3"]

  • Introduced in: 9.7

  • x-nullable: true

snapmirror_use

string

Use of the cloud target by SnapMirror.

ssl_enabled

boolean

SSL/HTTPS enabled or not

svm

svm

This field is only applicable when used for SnapMirror and FabricLink. For POST and PATCH, SVM information is required for SnapMirror and FabricLink targets and not allowed for FabricPool targets.

url_style

string

URL style used to access S3 bucket.

use_http_proxy

boolean

Use HTTP proxy when connecting to the object store.

used

integer

The amount of cloud space used by all the aggregates attached to the target, in bytes. This field is only populated for FabricPool targets. The value is recalculated once every 5 minutes.

uuid

string

Cloud target UUID

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "access_key": "string",
  "authentication_type": "string",
  "azure_account": "string",
  "azure_private_key": "string",
  "azure_sas_token": "string",
  "cap_url": "https://123.45.67.89:1234/CAP/api/v1/credentials?agency=myagency&mission=mymission&role=myrole",
  "cluster": {
    "name": "string",
    "uuid": "string"
  },
  "container": "bucket1",
  "ipspace": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "Default",
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "name": "string",
  "owner": "string",
  "provider_type": "string",
  "scope": "string",
  "secret_password": "string",
  "server": "string",
  "server_side_encryption": "string",
  "snapmirror_use": "string",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "url_style": "string",
  "used": 0,
  "uuid": "string"
}

Response

Status: 200, Ok
Name Type Description

job

job_link

Example response
{
  "job": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "uuid": "string"
  }
}

Response

Status: 202, Accepted

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

786436

VLDB is not running.

786908

Capability check failed.

787016

An object store configuration with the same combination of server and container name already exists.

787036

Server name is invalid. A valid server name must be a fully qualified domain name.

787038

Object store provider type requires a FabricPool license.

787039

Failed to retrieve FabricPool capacity license information.

787054

An object store configuration with the same combination of server, azure account and container name already exists.

787064

Object store server provider type does not match object store provider type. Use the provider type that matches the server.

787065

Certificate validation must be enabled for the object store provider.

787066

Certificate validation cannot be specified when the "-is-ssl-enabled" parameter is false.

787068

Disabling certificate validation requires an effective cluster version of ONTAP 9.4.0 or later.

787089

The object store provider supports the virtual hosted-style, and the specified "-server" contains the container name. The container specified in the "-server" parameter must be the same as the name of the container specified in the "-container" parameter.

787133

Could not retrieve temporary credentials from the CAP server.

787134

Could not retrieve temporary credentials from the CAP server due to an unexpected response.

787136

Specifying "CAP" as the "-auth-type" requires an effective cluster version of ONTAP 9.5.0 or later.

787148

The clock on the node is behind by more than the maximum of 5 minutes.

787149

The clock on the node is ahead by more than the maximum of 5 minutes.

787184

Using HTTP proxies with FabricPool requires an effective cluster version of ONTAP 9.7.0 or later.

787185

There is no HTTP proxy for IPspace. Refer to the "vserver http-proxy" man page for details.

787188

Object store configuration belongs to cluster and cannot be modified from the local cluster, unless the cluster is in switchover mode.

787209

Object store is not accessible from the partner cluster in a MetroCluster configuration.

787216

Cannot perform object store configuration operations on a cluster that is waiting for switchback.

787223

Specifying "GCP_SA" as the "-auth-type" requires an effective cluster version of ONTAP 9.7.0 or later.

787227

Specifying "Azure_MSI" as the "-auth-type" requires an effective cluster version of ONTAP 9.7 or later.

787228

SSL is required for this configuration.

787229

Cannot perform operation as URL style is not supported with object store provider type.

787233

The hash key for enabling this FabricPool feature is not present on the cluster.

787234

The hash key provided for the node to enable this FabricPool feature is not valid.

787254

The parameter is not supported on this system.

787257

The parameter "-encryption-context" is only applicable for AWS object store provider.

787301

ONTAP S3 Bucket is of type NAS and is not supported as a target for FabricPool.

787302

Cannot use HTTP port with "-is-ssl-enabled" set to true.

787303

Cannot use HTTPS port with "-is-ssl-enabled" set to false.

787306

Object store is not accessible from the partner cluster in a MetroCluster configuration.

45940761

Hostname cannot be resolved. Check the spelling of the hostname and check the system DNS availability using the "vserver services name-service dns check" command.

45940778

Bucket already exists.

Also see the table of common errors in the Response body overview section of this documentation.

Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

cluster

Name Type Description

name

string

The name of the cluster that owns the cloud target. For POST, this accepts the name of the peer cluster only if the cluster is in switchover state.

uuid

string

The UUID of the cluster that owns the cloud target. For POST, this accepts the UUID of the peer cluster only if the cluster is in switchover state.

ipspace

IPspace to use in order to reach the cloud target.

Name Type Description

_links

_links

name

string

IPspace name

uuid

string

IPspace UUID

svm

This field is only applicable when used for SnapMirror and FabricLink. For POST and PATCH, SVM information is required for SnapMirror and FabricLink targets and not allowed for FabricPool targets.

Name Type Description

_links

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

cloud_target

Name Type Description

_links

_links

access_key

string

Access key ID for AWS_S3 and other S3 compatible provider types.

authentication_type

string

Authentication used to access the target. SnapMirror does not yet support CAP. Required in POST.

azure_account

string

Azure account

azure_private_key

string

Azure access key

azure_sas_token

string

Shared access signature token to access Azure containers and blobs.

cap_url

string

This parameter is available only when auth-type is CAP. It specifies a full URL of the request to a CAP server for retrieving temporary credentials (access-key, secret-pasword, and session token) for accessing the object store.

certificate_validation_enabled

boolean

Is SSL/TLS certificate validation enabled? The default value is true. This can only be modified for SGWS, IBM_COS, and ONTAP_S3 provider types.

  • Introduced in: 9.6

  • x-nullable: true

cluster

cluster

container

string

Data bucket/container name. For FabricLink, a wildcard character "*" can also be specified to indicate that all the buckets in an SVM can use the same target information. However, for containers other than ONTAP, an exact name should be specified.

  • example: bucket1

  • Introduced in: 9.6

  • readCreate: 1

  • x-nullable: true

ipspace

ipspace

IPspace to use in order to reach the cloud target.

name

string

Cloud target name

owner

string

Owner of the target. Allowed values are FabricPool, SnapMirror or S3_SnapMirror. A target can be used by only one feature.

port

integer

Port number of the object store that ONTAP uses when establishing a connection. Required in POST.

  • Introduced in: 9.6

  • x-nullable: true

provider_type

string

Type of cloud provider. Allowed values depend on owner type. For FabricPool, AliCloud, AWS_S3, Azure_Cloud, GoogleCloud, IBM_COS, SGWS, and ONTAP_S3 are allowed. For SnapMirror, the valid values are AWS_S3 or SGWS. For FabricLink, AWS_S3, SGWS, S3_Compatible, S3EMU, LOOPBACK and ONTAP_S3 are allowed.

  • Introduced in: 9.6

  • readCreate: 1

  • x-nullable: true

read_latency_warning_threshold

integer

The warning threshold for read latency that is used to determine when an alert ems for a read operation from an object store should be issued.

scope

string

If the cloud target is owned by a data SVM, then the scope is set to svm. Otherwise it will be set to cluster.

secret_password

string

Secret access key for AWS_S3 and other S3 compatible provider types.

server

string

Fully qualified domain name of the object store server. Required on POST. For Amazon S3, server name must be an AWS regional endpoint in the format s3.amazonaws.com or s3-.amazonaws.com, for example, s3-us-west-2.amazonaws.com. The region of the server and the bucket must match. For Azure, if the server is a "blob.core.windows.net" or a "blob.core.usgovcloudapi.net", then a value of azure-account followed by a period is added in front of the server.

server_side_encryption

string

Encryption of data at rest by the object store server for AWS_S3 and other S3 compatible provider types. This is an advanced property. In most cases it is best not to change default value of "sse_s3" for object store servers which support SSE-S3 encryption. The encryption is in addition to any encryption done by ONTAP at a volume or at an aggregate level. Note that changing this option does not change encryption of data which already exist in the object store.

  • enum: ["none", "sse_s3"]

  • Introduced in: 9.7

  • x-nullable: true

snapmirror_use

string

Use of the cloud target by SnapMirror.

ssl_enabled

boolean

SSL/HTTPS enabled or not

svm

svm

This field is only applicable when used for SnapMirror and FabricLink. For POST and PATCH, SVM information is required for SnapMirror and FabricLink targets and not allowed for FabricPool targets.

url_style

string

URL style used to access S3 bucket.

use_http_proxy

boolean

Use HTTP proxy when connecting to the object store.

used

integer

The amount of cloud space used by all the aggregates attached to the target, in bytes. This field is only populated for FabricPool targets. The value is recalculated once every 5 minutes.

uuid

string

Cloud target UUID

Name Type Description

_links

_links

uuid

string

The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.