CnsNFSAccessControlSpec

This class defines vSAN NFS file volume specific access control list spec.

The access contorl spec will be treated as the delta to be added to/removed from the existing access control list.

This structure may be used only with operations rendered under /vsan.

AllOf

This class requires all of the following:

JSON Example

{
    "_typeName": "string",
    "netPermission": {
        "_typeName": "string",
        "ips": "string",
        "permissions": "string",
        "allowRoot": false
    },
    "delete": false
}

netPermission

Required

The permission settings of users based on the network information.

This setting should include the IP information of the users, permission assigned and the user squash information. The accepted IP formats are: 1) Single IP address, e.g., 123.23.23.123; 2) IP addresses with subnet mask, e.g., 123.23.23.0/8; 3) IP address ranges specified with '-', e.g., 123.23.23.123-123.23.23.128; 4) The string '*' implies all clients. Please see VsanFileShareNetPermission.

Note that the permissions will be ignored if the delete flag is set.

boolean

delete

Optional

Whether to delete the access control rules.

If set to true, existing rules whose IP is matched will be deleted. If this is not set or set to false, the net permissions will be added to the existing permission list.

Note that 1) To delete rules from the NFS, the input IP has to exactly match the existing rules' IP in string. Otherwise, it will be ignored; 2) If there are no rules left after rules being deleted, CNS will add the permission {*, NO_ACCESS} as the default rule.

Property Of

ArrayOfCnsNFSAccessControlSpec