netapp.ontap.na_ontap_vscan_on_demand_task module – NetApp ONTAP Vscan on demand task configuration.

Note

This module is part of the netapp.ontap collection (version 22.10.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netapp.ontap. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: netapp.ontap.na_ontap_vscan_on_demand_task.

New in netapp.ontap 2.8.0

Synopsis

• Configure on demand task for Vscan

Requirements

The below requirements are needed on the host that executes this module.

• Ansible 2.9 or later - 2.12 or later is recommended.

• Python3 - 3.9 or later is recommended.

• When using ZAPI, netapp-lib 2018.11.13 or later (install using ‘pip install netapp-lib’), netapp-lib 2020.3.12 is strongly recommended as it provides better error reporting for connection issues

• a physical or virtual clustered Data ONTAP system, the modules support Data ONTAP 9.1 and onward, REST support requires ONTAP 9.6 or later

Parameters

Parameter	Comments
cert_filepath string added in netapp.ontap 20.6.0	path to SSL client cert file (.pem). not supported with python 2.6.
cross_junction boolean	Specifies whether the On-Demand task is allowed to cross volume junctions This option is not supported with REST. This option defaults to False for ZAPI. Choices: false true
directory_recursion boolean	Specifies whether the On-Demand task is allowed to recursively scan through sub-directories. This option is not supported with REST. This option defaults to False for ZAPI. Choices: false true
feature_flags dictionary added in netapp.ontap 20.5.0	Enable or disable a new feature. This can be used to enable an experimental feature or disable a new feature that breaks backward compatibility. Supported keys and values are subject to change without notice. Unknown keys are ignored.
file_ext_to_exclude list / elements=string	File-Extensions for which scanning must not be performed. File whose extension matches with both inclusion and exclusion list is not considered for scanning.
file_ext_to_include list / elements=string	File extensions for which scanning is considered. The default value is ‘*’, which means that all files are considered for scanning except those which are excluded from scanning. File whose extension matches with both inclusion and exclusion list is not considered for scanning.
force_ontap_version string added in netapp.ontap 21.23.0	Override the cluster ONTAP version when using REST. The behavior is undefined if the version does not match the target cluster. This is provided as a work-around when the cluster version cannot be read because of permission issues. See https://github.com/ansible-collections/netapp.ontap/wiki/Known-issues. This should be in the form 9.10 or 9.10.1 with each element being an integer number. When use_rest is set to auto, this may force a switch to ZAPI based on the version and platform capabilities. Ignored with ZAPI.
hostname string / required	The hostname or IP address of the ONTAP instance.
http_port integer	Override the default port (80 or 443) with this port
https boolean	Enable and disable https. Ignored when using REST as only https is supported. Ignored when using SSL certificate authentication as it requires SSL. Choices: false ← (default) true
key_filepath string added in netapp.ontap 20.6.0	path to SSL client key file.
max_file_size integer	Max file-size (in bytes) allowed for scanning. The default value of 10737418240 (10GB) is taken if not provided at the time of creating a task.
ontapi integer	The ontap api version to use
password aliases: pass string	Password for the specified user.
paths_to_exclude list / elements=string	File-paths for which scanning must not be performed.
report_directory string	Path from the vserver root where task report is created. The path must be a directory and provided in unix-format from the root of the Vserver. Example /vol1/on-demand-reports.
report_log_level string	Log level for the On-Demand report. This option is not supported with REST. This option defaults to ‘error’ for ZAPI. Choices: "verbose" "info" "error"
request_timeout string	Total request-service time-limit in seconds. If the virus-scanner does not respond within the provided time, scan will be timedout. This option is not supported with REST.
scan_files_with_no_ext boolean	Specifies whether files without any extension are considered for scanning or not. Choices: false true ← (default)
scan_paths list / elements=string	List of paths that need to be scanned. The path must be provided in unix-format and from the root of the Vserver. Example /vol1/large_files.
scan_priority string	Priority of the On-Demand scan requests generated by this task. This option is not supported with REST. This option default to ‘low’ for ZAPI Choices: "low" "normal"
schedule string	Schedule of the task. The task will be run as per the schedule. For running the task immediately, vscan-on-demand-task-run api must be used after creating a task.
state string	Whether a Vscan on demand task is present or not Choices: "present" ← (default) "absent"
task_name string / required	Name of the task.
use_rest string	Whether to use REST or ZAPI. always – will always use the REST API if the module supports REST. A warning is issued if the module does not support REST. An error is issued if a module option is not supported in REST. never – will always use ZAPI if the module supports ZAPI. An error may be issued if a REST option is not supported in ZAPI. auto – will try to use the REST API if the module supports REST and modules options are supported. Reverts to ZAPI otherwise. Default: "auto"
username aliases: user string	This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/. Two authentication methods are supported basic authentication, using username and password, SSL certificate authentication, using a ssl client cert file, and optionally a private key file. To use a certificate, the certificate must have been installed in the ONTAP cluster, and cert authentication must have been enabled.
validate_certs boolean	If set to no, the SSL certificates will not be validated. This should only set to False used on personally controlled sites using self-signed certificates. Choices: false true ← (default)
vserver string / required	the name of the data vserver to use.

Notes

Note

• The modules prefixed with na_ontap are built to support the ONTAP storage platform.

• https is enabled by default and recommended. To enable http on the cluster you must run the following commands ‘set -privilege advanced;’ ‘system services web modify -http-enabled true;’

Examples

- name: Create Vscan On Demand Task
  netapp.ontap.na_ontap_vscan_on_demand_task:
    state: present
    username: '{{ netapp_username }}'
    password: '{{ netapp_password }}'
    hostname: '{{ netapp_hostname }}'
    vserver: carchi-vsim2
    task_name: carchiOnDemand
    scan_paths: /
    report_directory: /
    file_ext_to_exclude: ['py', 'yml']
    max_file_size: 10737418241
    paths_to_exclude: ['/tmp', '/var']
    report_log_level: info
    request_timeout: 60

- name: Delete Vscan On Demand Task
  netapp.ontap.na_ontap_vscan_on_demand_task:
    state: absent
    username: '{{ netapp_username }}'
    password: '{{ netapp_password }}'
    hostname: '{{ netapp_hostname }}'
    vserver: carchi-vsim2
    task_name: carchiOnDemand

Authors

• NetApp Ansible Team (@carchi8py)

Collection links

• Issue Tracker
• Homepage
• Repository (Sources)