Create Security Policy Rules under Policy Set (v2.0)
POST /v2.0/api/tenants/:tenant_id/ngfwsecuritypolicysets/:policy_set_id/ngfwsecuritypolicyrules
Create a security policy V2 rule under a policy set.
Request
Path Parameters
- tenant_id: The tenant ID.
- policy_set_id: ID of the security policy v2 set.
- application/json
Body
- action: The action taken for traffic matching this rule. It determines how traffic from the specified source zone to the specified destination zone is handled.
- app_def_ids: The app definition IDs that the security policy rule applies to. A maximum of 16 applications can be specified in a rule.
- description: The description of the security policy rule. Max size = 256.
- destination_prefix_ids: The destination prefix IDs. Max list of prefix IDs is 16.
- destination_zone_ids: The destination zone IDs. Max list of zone IDs is 16.
- enabled: Whether the security policy rule is enabled.
- id: The security policy rule ID.
- name: The name of the security policy rule. Max size = 128.
- services Service[]: The details of the source and destination ports along with the protocol used.
  - destination_ports PortRange[]: The start and end port for port ranges. A maximum of 16 port ranges is allowed, and port ranges can only be added for TCP or UDP protocols.
    - from: The start port of the destination/source port range.
    - to: The end port of the destination/source port range.
  - protocol: The protocol type (TCP, UDP, or TLS).
  - source_ports PortRange[]: The start and end port for port ranges. A maximum of 16 port ranges is allowed, and port ranges can only be added for TCP or UDP protocols.
    - from: The start port of the destination/source port range.
    - to: The end port of the destination/source port range.
- source_prefix_ids: The source prefix IDs. Max list of IDs is 16.
- source_zone_ids: The source zone IDs. Max list of IDs is 16.
- tags: An information field that can be added to identify the security policy rule. A maximum of 10 unique tags of length 1024 each is allowed.
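The limits listed for the request body can be checked client-side before the POST, so that an oversized or malformed rule is caught before it reaches the API. The following is an added example, not code from this page or from the vendor; `validate_rule`, `SAMPLE_RULE`, the IANA protocol numbering (6 = TCP, 17 = UDP), character-based size counting and the `from <= to` check are assumptions.

```python
# Added example, not vendor code: checks a rule body against the limits
# documented on this page before it is sent to the API.

# Assumption: "protocol" is an IANA protocol number (6 = TCP, 17 = UDP);
# the page only shows it as an integer.
TCP, UDP = 6, 17

# List fields the page caps at 16 entries.
ID_LISTS = ("app_def_ids", "destination_prefix_ids", "destination_zone_ids",
            "source_prefix_ids", "source_zone_ids")


def validate_rule(rule):
    """Return the documented limits this rule body violates (empty if none)."""
    errors = []
    # Assumption: "Max size" is counted in characters.
    for field, limit in (("name", 128), ("description", 256)):
        if len(rule.get(field) or "") > limit:
            errors.append(f"{field} exceeds max size {limit}")
    for field in ID_LISTS:
        if len(rule.get(field) or []) > 16:
            errors.append(f"{field} has more than 16 entries")
    tags = rule.get("tags") or []
    if len(set(tags)) > 10:
        errors.append("more than 10 unique tags")
    if any(len(tag) > 1024 for tag in tags):
        errors.append("tag longer than 1024")
    for i, svc in enumerate(rule.get("services") or []):
        for side in ("source_ports", "destination_ports"):
            where = f"services[{i}].{side}"
            ranges = svc.get(side) or []
            if ranges and svc.get("protocol") not in (TCP, UDP):
                errors.append(f"{where}: port ranges need TCP or UDP")
            if len(ranges) > 16:
                errors.append(f"{where} has more than 16 port ranges")
            for r in ranges:
                # Assumption: from <= to, both valid 16-bit port numbers.
                if not 0 <= r["from"] <= r["to"] <= 65535:
                    errors.append(f"{where}: bad range {r['from']}-{r['to']}")
    return errors


# Constructed sample: a rule that stays within every documented limit.
# The IDs and the action value are placeholders, not real identifiers.
SAMPLE_RULE = {
    "name": "allow-web", "action": "<action>", "enabled": True,
    "source_zone_ids": ["zone-id-1"], "destination_zone_ids": ["zone-id-2"],
    "services": [{"protocol": TCP, "destination_ports": [{"from": 443, "to": 443}]}],
    "tags": ["web"],
}
```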
Responses
- 200
- 400
Successful Operation
- application/json
Schema
- action: The action taken for traffic matching this rule. It determines how traffic from the specified source zone to the specified destination zone is handled.
- app_def_ids: The app definition IDs that the security policy rule applies to. A maximum of 16 applications can be specified in a rule.
- description: The description of the security policy rule. Max size = 256.
- destination_prefix_ids: The destination prefix IDs. Max list of prefix IDs is 16.
- destination_zone_ids: The destination zone IDs. Max list of zone IDs is 16.
- enabled: Whether the security policy rule is enabled.
- id: The security policy rule ID.
- name: The name of the security policy rule. Max size = 128.
- services Service[]: The details of the source and destination ports along with the protocol used.
  - destination_ports PortRange[]: The start and end port for port ranges. A maximum of 16 port ranges is allowed, and port ranges can only be added for TCP or UDP protocols.
    - from: The start port of the destination/source port range.
    - to: The end port of the destination/source port range.
  - protocol: The protocol type (TCP, UDP, or TLS).
  - source_ports PortRange[]: The start and end port for port ranges. A maximum of 16 port ranges is allowed, and port ranges can only be added for TCP or UDP protocols.
    - from: The start port of the destination/source port range.
    - to: The end port of the destination/source port range.
- source_prefix_ids: The source prefix IDs. Max list of IDs is 16.
- source_zone_ids: The source zone IDs. Max list of IDs is 16.
- tags: An information field that can be added to identify the security policy rule. A maximum of 10 unique tags of length 1024 each is allowed.
Example (from schema)
{
  "action": "string",
  "app_def_ids": [
    "string"
  ],
  "destination_prefix_ids": [
    "string"
  ],
  "destination_zone_ids": [
    "string"
  ],
  "enabled": true,
  "id": "string",
  "name": "string",
  "services": [
    {
      "destination_ports": [
        {
          "from": 0,
          "to": 0
        }
      ],
      "protocol": 0,
      "source_ports": [
        {
          "from": 0,
          "to": 0
        }
      ]
    }
  ],
  "source_prefix_ids": [
    "string"
  ],
  "source_zone_ids": [
    "string"
  ],
  "tags": [
    "string"
  ]
}
Bad Request
- application/json
Schema
_error ErrorResponse[]
- code: The error code.
- message: The error message.
Example (from schema)
{
  "_error": [
    {
      "code": "string",
      "message": "string"
    }
  ]
}
Example
{
  "value": {
    "_error": [
      {
        "code": "INVALID_JSON_INPUT"
      },
      {
        "code": "INVALID_JSON_EXTRA_ATTRIBUTE"
      }
    ]
  }
}