fresh cloak
The old netapp.ontap.na_ontap_file_directory_policy is being deprecated. I am looking for a new way to create these, security descriptors and tasks, and assign ACLs to the specific SD.
I have looked at the REST docs and the new na_ontap_file_security_permissions module and na_ontap_file_security_permissions_acl module. I see these mention slag and file directory types, but I see no options to assign SD or the tasks.
I am still very new to permissions and the roles these steps accomplish. I am trying to understand what each does. and it's role in the overall scheme.
If there is a good article for this that would be great. I am trying to work through some old ansible code and update it to the new REST standard.
I have approximations from the cli for what I am attempting to do.
Create the policy
vserver security file-directory policy create -vserver {{ vserver }} -policy-name {{ vserver }}_pol
Create the SD
vserver security file-directory ntfs create -vserver {{ vserver }} -policy-name {{ vserver }}_sd
Add directory task
vserver security file-directory policy task add -policy-name {{ vserver }}_pol -path /pol -vserver {{ vserver }} -security-type ntfs -ntfs-mode propagate -ntfs-sd {{ vserver }}_sd
Add DACL Using a loop with the group name and the rights
vserver security file-directory ntfs dacl add -ntfs_sd {{ vserver }}_sd -access-type allow -account {{ item.account }} -vserver {{ vserver }} -rights {{ item.rights }} -apply-to this-folder ,sub-folders ,files
snow pond