na_ontap_vscan_on_access_policy – NetApp ONTAP Vscan on access policy configuration¶
New in version 2.8.
Synopsis¶
Configure on access policy for Vscan (virus scan)
Requirements¶
The below requirements are needed on the host that executes this module.
A physical or virtual clustered Data ONTAP system. The modules support Data ONTAP 9.1 and onward
Ansible 2.6
Python2 netapp-lib (2017.10.30) or later. Install using ‘pip install netapp-lib’
Python3 netapp-lib (2018.11.13) or later. Install using ‘pip install netapp-lib’
To enable http on the cluster you must run the following commands ‘set -privilege advanced;’ ‘system services web modify -http-enabled true;’
Parameters¶
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
file_ext_to_exclude
-
|
File extensions for which On-Access scanning must not be performed.
|
|
|
file_ext_to_include
-
|
File extensions for which On-Access scanning is considered. The default value is '*', which means that all files are considered for scanning except
those which are excluded from scanning.
|
|
|
filters
-
|
A list of filters which can be used to define the scope of the On-Access policy more precisely. The filters can be added in any order. Possible values
scan_ro_volume Enable scans for read-only volume,
scan_execute_access Scan only files opened with execute-access (CIFS only)
|
|
|
hostname
string
/ required
|
The hostname or IP address of the ONTAP instance.
|
|
|
http_port
integer
|
Override the default port (80 or 443) with this port
|
|
|
https
boolean
|
|
Enable and disable https
|
|
is_scan_mandatory
boolean
|
|
Specifies whether access to a file is allowed if there are no external virus-scanning servers available for virus scanning. It is true if not provided at the time of creating a policy.
|
|
max_file_size
-
|
Max file-size (in bytes) allowed for scanning. The default value of 2147483648 (2GB) is taken if not provided at the time of creating a policy.
|
|
|
ontapi
integer
|
The ontap api version to use
|
|
|
password
string
/ required
|
Password for the specified user.
aliases: pass |
|
|
paths_to_exclude
-
|
File paths for which On-Access scanning must not be performed.
|
|
|
policy_name
-
/ required
|
The name of the policy
|
|
|
scan_files_with_no_ext
-
|
Default: "yes"
|
Specifies whether files without any extension are considered for scanning or not.
|
|
state
-
|
|
Whether a Vscan on Access policy is present or not
|
|
username
string
/ required
|
This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/.
aliases: user |
|
|
validate_certs
boolean
|
|
If set to
no, the SSL certificates will not be validated.This should only set to
False used on personally controlled sites using self-signed certificates. |
|
vserver
-
/ required
|
the name of the data vserver to use.
|
Notes¶
Note
The modules prefixed with na\_ontap are built to support the ONTAP storage platform.
Examples¶
- name: Create Vscan On Access Policy
na_ontap_vscan_on_access_policy:
state: present
username: '{{ netapp_username }}'
password: '{{ netapp_password }}'
hostname: '{{ netapp_hostname }}'
vserver: carchi-vsim2
policy_name: carchi_policy
file_ext_to_exclude: ['exe', 'yml']
- name: modify Vscan on Access Policy
na_ontap_vscan_on_access_policy:
state: present
username: '{{ netapp_username }}'
password: '{{ netapp_password }}'
hostname: '{{ netapp_hostname }}'
vserver: carchi-vsim2
policy_name: carchi_policy
file_ext_to_exclude: ['exe', 'yml', 'py']
- name: Delete On Access Policy
na_ontap_vscan_on_access_policy:
state: absent
username: '{{ netapp_username }}'
password: '{{ netapp_password }}'
hostname: '{{ netapp_hostname }}'
vserver: carchi-vsim2
policy_name: carchi_policy
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by an Ansible Partner. [certified]