Try SpotterNetApp ONTAP manage export policy rules
| "added in version" 2.6 of ansible.builtin"
Authors: NetApp Ansible Team (@carchi8py) <ng-ansibleteam@netapp.com>
preview | supported by certified
pipInstall with pip install ansible==2.9.26
Create or delete or modify export rules in ONTAP
- name: Create ExportPolicyRule
na_ontap_export_policy_rule:
state: present
name: default123
vserver: ci_dev
client_match: 0.0.0.0/0,1.1.1.0/24
ro_rule: krb5,krb5i
rw_rule: any
protocol: nfs,nfs3
super_user_security: any
allow_suid: true
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
- name: Modify ExportPolicyRule
na_ontap_export_policy_rule:
state: present
name: default123
rule_index: 100
client_match: 0.0.0.0/0
ro_rule: ntlm
rw_rule: any
protocol: any
allow_suid: false
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
- name: Delete ExportPolicyRule
na_ontap_export_policy_rule:
state: absent
name: default123
rule_index: 100
vserver: ci_dev
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
name:
aliases:
- policy_name
description:
- The name of the export rule to manage.
required: true
https:
default: false
description:
- Enable and disable https.
- Ignored when using REST as only https is supported.
- Ignored when using SSL certificate authentication as it requires SSL.
type: bool
state:
choices:
- present
- absent
default: present
description:
- Whether the specified export policy rule should exist or not.
required: false
ontapi:
description:
- The ontap api version to use
type: int
ro_rule:
choices:
- any
- none
- never
- krb5
- krb5i
- krb5p
- ntlm
- sys
description:
- List of Read only access specifications for the rule
rw_rule:
choices:
- any
- none
- never
- krb5
- krb5i
- krb5p
- ntlm
- sys
description:
- List of Read Write access specifications for the rule
vserver:
description:
- Name of the vserver to use.
required: true
hostname:
description:
- The hostname or IP address of the ONTAP instance.
required: true
type: str
password:
aliases:
- pass
description:
- Password for the specified user.
type: str
protocol:
choices:
- any
- nfs
- nfs3
- nfs4
- cifs
- flexcache
description:
- List of Client access protocols.
- Default value is set to 'any' during create.
use_rest:
choices:
- Never
- Always
- Auto
default: Auto
description:
- REST API if supported by the target system for all the resources and attributes
the module requires. Otherwise will revert to ZAPI.
- Always -- will always use the REST API
- Never -- will always use the ZAPI
- Auto -- will try to use the REST Api
type: str
username:
aliases:
- user
description:
- This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level
or SVM-level API is required.
- For more information, please read the documentation U(https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/).
- Two authentication methods are supported
- 1. basic authentication, using username and password,
- 2. SSL certificate authentication, using a ssl client cert file, and optionally
a private key file.
- To use a certificate, the certificate must have been installed in the ONTAP cluster,
and cert authentication must have been enabled.
type: str
http_port:
description:
- Override the default port (80 or 443) with this port
type: int
allow_suid:
description:
- If 'true', NFS server will honor SetUID bits in SETATTR operation. Default value
on creation is 'true'
type: bool
rule_index:
description:
- rule index of the export policy
client_match:
description:
- List of Client Match host names, IP Addresses, Netgroups, or Domains
- If rule_index is not provided, client_match is used as a key to fetch current rule
to determine create,delete,modify actions. If a rule with provided client_match
exists, a new rule will not be created, but the existing rule will be modified or
deleted. If a rule with provided client_match doesn't exist, a new rule will be
created if state is present.
key_filepath:
description:
- path to SSL client key file.
type: str
version_added: 20.6.0
version_added_collection: netapp.ontap
cert_filepath:
description:
- path to SSL client cert file (.pem).
- not supported with python 2.6.
type: str
version_added: 20.6.0
version_added_collection: netapp.ontap
feature_flags:
description:
- Enable or disable a new feature.
- This can be used to enable an experimental feature or disable a new feature that
breaks backward compatibility.
- Supported keys and values are subject to change without notice. Unknown keys are
ignored.
type: dict
version_added: 20.5.0
version_added_collection: netapp.ontap
validate_certs:
default: true
description:
- If set to C(no), the SSL certificates will not be validated.
- This should only set to C(False) used on personally controlled sites using self-signed
certificates.
type: bool
super_user_security:
choices:
- any
- none
- never
- krb5
- krb5i
- krb5p
- ntlm
- sys
description:
- List of Read Write access specifications for the rule