From e49930a831e27e8c1a7af0dd166958ad6d08d1f9 Mon Sep 17 00:00:00 2001
From: Keith Cantrell <kcantrel@gmail.com>
Date: Wed, 11 Feb 2026 15:47:51 -0600
Subject: [PATCH 1/2] Added volume_cifs_share_create

---
 .../volume_cifs_share_create                  | 128 ++++++++++++++++++
 .../Workload-Factory-API-Samples/wf_utils     |   2 +-
 2 files changed, 129 insertions(+), 1 deletion(-)
 create mode 100755 Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create

diff --git a/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create b/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create
new file mode 100755
index 0000000..6a72245
--- /dev/null
+++ b/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create
@@ -0,0 +1,128 @@
+#!/bin/bash
+#
+################################################################################
+# This script is used to create a cifs share in a volume in a FSx for ONTAP
+# file system. It will assume that the path is /cifs_share_name and will give
+# it full control permissions for everyone.
+#
+# It is dependent on the 'wf_utils' file that is included in this repo. That
+# file contains the 'get_token' function that is used to obtain a valid
+# access token that is needed to run the Workload Factory APIs. The file needs
+# to either be in the command search path or in the current directory.
+################################################################################
+
+################################################################################
+# This function just prints the usage of this script and exits the program.
+################################################################################
+usage() {
+  cat >&2 <<EOF
+This script is used to create a cifs share in a volume in a FSx for ONTAP
+file system. It will assume that the path is /cifs_share_name and will give
+it full control permissions for everyone.
+
+Usage: $(basename $0) -t refresh_token -a blueXP_account_ID -c credentials_ID -r aws_region -f filesystem_ID -v volume_ID -s cifs_share_name
+
+Where: refresh_token - Is a refresh token used to obtain an access token needed
+                       to run the Workload Factory APIs. You can obtain a refresh
+                       token by going to https://services.cloud.netapp.com/refresh-token
+       blueXP_account_ID - is the BlueXP account ID. Run 'list_bluexp_accts' to get a
+                           list of accounts you have access to
+       credentials_ID    - is the Workload Factory credentials ID for the AWS account. Run
+                           'list_credentials' to get a list of credentials you have access to
+       aws_region        - is the AWS region where the FSx file systems are located
+       filesystem_id     - is the AWS file system ID of the FSx file system where the volume resides
+       volume_ID         - is the AWS volume ID of the volume where you want to create the cifs share.
+       cifs_share_name  - is the name of the share to create
+
+Instead of passing parameters on the command line, you can set the
+following environment variables:
+
+    export REFRESH_TOKEN=<refresh_token>
+    export BLUEXP_ACCOUNT_ID=<blueXP_account_ID>
+    export CREDENTIALS_ID=<credentials_ID>
+    export AWS_REGION=<aws_region>
+EOF
+  exit 1
+}
+
+################################################################################
+# Main logic starts here.
+################################################################################
+tmpout=$(mktemp /tmp/create_share-out.XXXXXX)
+tmperr=$(mktemp /tmp/create_share-err.XXXXXX)
+trap 'rm -f $tmpout $tmperr' exit
+#
+# Source the wf_utils file.
+wf_utils=$(command -v wf_utils)
+if [ -z "$wf_utils" ]; then
+  if [ ! -x "./wf_utils" ]; then
+    cat >&2 <<EOF
+Error: The 'wf_utils' script was not found in the current directory or in the command search path.
+It is required to run this script. You can download it from:
+https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples
+EOF
+    exit 1
+  else
+    wf_utils=./wf_utils
+  fi
+fi
+. "$wf_utils"
+#
+# Process command line options.
+while getopts "ht:a:c:r:f:v:s:" opt; do
+  case $opt in
+    t) REFRESH_TOKEN="$OPTARG" ;;
+    a) BLUEXP_ACCOUNT_ID="$OPTARG" ;;
+    c) CREDENTIALS_ID="$OPTARG" ;;
+    r) AWS_REGION="$OPTARG" ;;
+    f) FILESYSTEM_ID="$OPTARG" ;;
+    v) VOLUME_ID="$OPTARG" ;;
+    s) CIFS_SHARE_NAME="$OPTARG" ;;
+    *) usage ;;
+  esac
+done
+#
+# Declare an array of required options and the error message to display if they are not set.
+declare -A required_options
+required_options["REFRESH_TOKEN"]='Error: A BlueXP refresh tokon is required to run this script. It can be obtain from this web page:
+  https://services.cloud.netapp.com/refresh-token\n\n'
+required_options["BLUEXP_ACCOUNT_ID"]='Error: A BlueXP account ID is required to run this script.
+You can get the list of accounts you have access to by running the "list_bluexp_accts" script
+found in this GitHub repository: https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples\n\n'
+required_options["CREDENTIALS_ID"]='Error: The ID of the credentials to delete is required.
+You can get a list of credentials by running the "list_credentials" script
+found in this GitHub repository: https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples\n\n'
+required_options["AWS_REGION"]='Error: The AWS region where the file system is located is required.\n\n'
+required_options["FILESYSTEM_ID"]='Error: The ID of the FSxN file system is required.\n\n'
+required_options["VOLUME_ID"]='Error: An AWS Volume ID is required to run this script.
+You can get the list of file systems you have access to by running the "list_volumes" script
+found in this GitHub repository: https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples\n\n'
+required_options["CIFS_SHARE_NAME"]='Error: The name of the cifs share is required.\n\n'
+
+check_required_options
+#
+# Check if the required commands are available.
+for cmd in jq curl; do
+  if ! command -v $cmd &> /dev/null; then
+    echo "Error: The required command '$cmd' was not found. Please install it." >&2
+    exit 1
+  fi
+done
+
+token=$(get_token)
+if [ -z "$token" ]; then
+  echo "Error: Failed to obtain an access token. Exiting." >&2
+  exit 1
+fi
+#
+# Get the existing shares.
+run_curl GET "$token" "https://api.workloads.netapp.com/accounts/${BLUEXP_ACCOUNT_ID}/fsx/v2/credentials/${CREDENTIALS_ID}/regions/${AWS_REGION}/file-systems/${FILESYSTEM_ID}/volumes/${VOLUME_ID}?include=cifsShares" $tmpout $tmperr
+cifsShares=$(jq -r '.cifsShares' $tmpout)
+#
+# Create a new share definition.
+newShare='{"name":"'$CIFS_SHARE_NAME'","path":"'/$CIFS_SHARE_NAME'","acls":[{"userOrGroup":"Everyone","permission":"full_control","type":"windows"}]}'
+#
+# Add the new share to the existing ones.
+cifsShares=$(echo "$cifsShares" | jq -r '. += ['$newShare']')
+cifsShares="{\"cifsShares\": $cifsShares}"
+run_curl PATCH "$token" "https://api.workloads.netapp.com/accounts/${BLUEXP_ACCOUNT_ID}/fsx/v2/credentials/${CREDENTIALS_ID}/regions/${AWS_REGION}/file-systems/${FILESYSTEM_ID}/volumes/${VOLUME_ID}" $tmpout $tmperr "$cifsShares"
diff --git a/Management-Utilities/Workload-Factory-API-Samples/wf_utils b/Management-Utilities/Workload-Factory-API-Samples/wf_utils
index c4de022..b477375 100755
--- a/Management-Utilities/Workload-Factory-API-Samples/wf_utils
+++ b/Management-Utilities/Workload-Factory-API-Samples/wf_utils
@@ -129,7 +129,7 @@ run_curl () {
          -H "Authorization: Bearer $token" -o $output > $errorOutput
       exitCode=$?
       ;;
-    POST|PUT)
+    POST|PUT|PATCH)
       curl -X "$method" -sw "%{http_code},%{errormsg}" "$url" \
          -H "Accept: $accept" "${extraHeaders[@]}" \
          -H "Content-Type:application/json" \

From 395f459d970c36ff622139c147710eca381d71af Mon Sep 17 00:00:00 2001
From: Keith Cantrell <kcantrel@gmail.com>
Date: Wed, 4 Mar 2026 11:38:44 -0600
Subject: [PATCH 2/2] Fixes some typos in some messages.

---
 .../volume_cifs_share_create                          | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create b/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create
index 6a72245..241f731 100755
--- a/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create
+++ b/Management-Utilities/Workload-Factory-API-Samples/volume_cifs_share_create
@@ -32,7 +32,7 @@ Where: refresh_token - Is a refresh token used to obtain an access token needed
        aws_region        - is the AWS region where the FSx file systems are located
        filesystem_id     - is the AWS file system ID of the FSx file system where the volume resides
        volume_ID         - is the AWS volume ID of the volume where you want to create the cifs share.
-       cifs_share_name  - is the name of the share to create
+       cifs_share_name   - is the name of the share to create. Only alphanumeric characters, underscores and dashes are allowed.
 
 Instead of passing parameters on the command line, you can set the
 following environment variables:
@@ -84,12 +84,12 @@ done
 #
 # Declare an array of required options and the error message to display if they are not set.
 declare -A required_options
-required_options["REFRESH_TOKEN"]='Error: A BlueXP refresh tokon is required to run this script. It can be obtain from this web page:
+required_options["REFRESH_TOKEN"]='Error: A BlueXP refresh token is required to run this script. It can be obtain from this web page:
   https://services.cloud.netapp.com/refresh-token\n\n'
 required_options["BLUEXP_ACCOUNT_ID"]='Error: A BlueXP account ID is required to run this script.
 You can get the list of accounts you have access to by running the "list_bluexp_accts" script
 found in this GitHub repository: https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples\n\n'
-required_options["CREDENTIALS_ID"]='Error: The ID of the credentials to delete is required.
+required_options["CREDENTIALS_ID"]='Error: A Worload Factory Credential ID is required to run this script.
 You can get a list of credentials by running the "list_credentials" script
 found in this GitHub repository: https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples\n\n'
 required_options["AWS_REGION"]='Error: The AWS region where the file system is located is required.\n\n'
@@ -120,6 +120,11 @@ run_curl GET "$token" "https://api.workloads.netapp.com/accounts/${BLUEXP_ACCOUN
 cifsShares=$(jq -r '.cifsShares' $tmpout)
 #
 # Create a new share definition.
+# Check that the CIFS_SHARE_NAME only contains allowed characters (alphanumeric, underscores and dashes).
+if [[ ! "$CIFS_SHARE_NAME" =~ ^[a-zA-Z0-9_-]+$ ]]; then
+  echo "Error: The CIFS share name can only contain alphanumeric characters, underscores and dashes." >&2
+  exit 1
+fi
 newShare='{"name":"'$CIFS_SHARE_NAME'","path":"'/$CIFS_SHARE_NAME'","acls":[{"userOrGroup":"Everyone","permission":"full_control","type":"windows"}]}'
 #
 # Add the new share to the existing ones.