1 Reply Latest reply: Oct 31, 2016 7:30 AM by Ryan Malmberg RSS

    List SAN volumes without encryption

    Chad Renstrom Newbie
    Visibility: Open to anyone

      Needed to report which volumes are not configured with encryption on an array. I found a few ideas using REST on nimblestorage.com, however I couldn't get them to work without modifications. I'm new to REST, comfortable but not great at PowerShell so I'm thankful to Raja, Julian, and Paul (sources in script notes) who provided info to the community which got me this far.  This is the script that works for me, perhaps it'll save someone else some time... or add to the confusion:


          Lists volumes on a Nimble Array which are not encrypted.
          Uses REST API to connect to a Nimble Array and provide details on volumes which are not encrypted.
          Warning: This script has no error handling, for limited use, and may not provide useful results. Proceed at your own risk.
          .PARAMETER nsarray
          Provide the DNS name or IP of the Nimble Array.
          #Sorting by volume size
          get-nsvolne | sort-object size | select name,size,encryption_cipher | format-table -autosize  
          #Create an array of volume names and exclude them
          $exclude = @("vol1","vol2","vol3")
          get-nsvolne | sort-object name | select name,size,encryption_cipher | where {$_.name -notin $exclude} | ft -autosize
          Name:    get-nsvolne.ps1
          Sources: https://connect.nimblestorage.com/thread/2346
      $nscreds = Get-Credential
      #token connection function
      function get-token {
          $nsuser = $nscreds.UserName
          $nspass = $nscreds.GetNetworkCredential().Password
          $data = @{
              username = $nsuser
           password = $nspass
          $body = convertto-json (@{ data = $data })
          $uri = "https://" + $nsarray + ":5392/v1/tokens"
          $token = Invoke-RestMethod -Uri $uri -Method Post -Body $body
          $global:token = $token.data.session_token
      } #end function
      #open up cert validation, needed for self-signed cert validation
      [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
      #Connect and list volumes
      $header = @{ "X-Auth-Token" = $token }  
      $uri = "https://" + $nsarray + ":5392/v1/volumes?encryption_cipher=none"  
      $volume_list = Invoke-RestMethod -Uri $uri -Method Get -Header $header  
      $vol_array = @();  
      foreach ($volume_id in $volume_list.data.id){  
            $uri = "https://" + $nsarray + ":5392/v1/volumes/" + $volume_id  
            $volume = Invoke-RestMethod  -Uri $uri -Method Get -Header $header  
            $vol_array += $volume.data  
      #put Cert validation back to normal
      [System.Net.ServicePointManager]::ServerCertificateValidationCallback = $null
      #return volumes without encryption
      return $vol_array