Create Policy Rules (v3.1)
Create a policy rule of a tenant.
Path Parameters
- tenant_id string required
The tenant ID.
- policy_set_id string required
The policy set ID.
- application/json
Request Body
Details of the policy to be created
- app_def_id string required
The app definition ID that have applied policy rules. The number of applications for a policy rule is limited to 256.
- description
The description of the policy rule. Max size = 256.
- id string
The policy rule ID.
- name string required
The name of the policy rule. Max size = 128.
- network_context_id string
The network context applied to the policy rule. Network context segments network traffic for the purpose of applying different policy rules for the same application.
paths_allowed PathsAllowed required
The paths allowed for the application.
active_paths WANPath[] required
The configured active path for the rule.
Array [label stringThe label to identify the path.
path_type string requiredPossible values: [
vpn
,direct
,servicelink
]The path type.
]backup_paths WANPath[]
The configured backup path for the rule.
Array [label stringThe label to identify the path.
path_type string requiredPossible values: [
vpn
,direct
,servicelink
]The path type.
]l3_failure_paths WANPath[]
The configured l3 failure path for the rule.
Array [label stringThe label to identify the path.
path_type string requiredPossible values: [
vpn
,direct
,servicelink
]The path type.
]- priority_num integer
The priority number.
service_context ServiceContext[]
Information on the service context.
Array [active_service_label_id string requiredThe configured active service label ID.
active_service_label_type stringPossible values: [
CG_TRANSIT
,NON_CG_TRANSIT
,SASE
]The configured active service label type.
backup_service_label_id stringThe configured backup service label ID.
backup_service_label_type stringPossible values: [
CG_TRANSIT
,NON_CG_TRANSIT
,SASE
]The configured backup service label type.
type string requiredPossible values: [
ALLOWED_TRANSIT
,REQUIRED_TRANSIT
]The type of service context.
]
- 200
- 400
Successful Operation
- application/json
- Schema
- Example (from schema)
Schema
- app_def_id string required
The app definition ID that have applied policy rules. The number of applications for a policy rule is limited to 256.
- app_def_name string
The app definition name.
- default_rule boolean
The default policy rule.
- description
The policy rule description. Max size = 256.
- disabled boolean
Lists if the policy rule is disabled.
- disabled_reason string
Reason the policy rule is disabled.
- id string
The policy rule ID.
- inactive boolean
Lists if the policy rule is inactive.
- inactive_reason string
Reason the policy rule is inactive.
- lan_network_ids string[]
The LAN network IDs.
- name string required
The name of the policy rule. Max size = 128.
- network_context_id string
The network context applied to the policy rule. Network context segments network traffic for the purpose of applying different policy rules for the same application.
paths_allowed PathsAllowed required
The paths allowed for the application.
active_paths WANPath[] required
The configured active path for the rule.
Array [label stringThe label to identify the path.
path_type string requiredPossible values: [
vpn
,direct
,servicelink
]The path type.
]backup_paths WANPath[]
The configured backup path for the rule.
Array [label stringThe label to identify the path.
path_type string requiredPossible values: [
vpn
,direct
,servicelink
]The path type.
]l3_failure_paths WANPath[]
The configured l3 failure path for the rule.
Array [label stringThe label to identify the path.
path_type string requiredPossible values: [
vpn
,direct
,servicelink
]The path type.
]- policy_set_id string
Policy Set Id
- priority_num int32
The priority number.
- region string
The region of the site.
service_context ServiceContext[]
Information on the service context.
Array [active_service_label_id string requiredThe configured active service label ID.
active_service_label_type stringPossible values: [
CG_TRANSIT
,NON_CG_TRANSIT
,SASE
]The configured active service label type.
backup_service_label_id stringThe configured backup service label ID.
backup_service_label_type stringPossible values: [
CG_TRANSIT
,NON_CG_TRANSIT
,SASE
]The configured backup service label type.
type string requiredPossible values: [
ALLOWED_TRANSIT
,REQUIRED_TRANSIT
]The type of service context.
]site_paths_allowed SiteWanPath[]
The paths allowed for a site.
Array [wn_name stringWn Name
wp_type stringPossible values: [
DIRECT_PUBLIC_WAN
,DIRECT_PRIVATE_WAN
,VPN_ON_PUBLIC_WAN
,VPN_ON_PRIVATE_WAN
]Wp Type
]- tenant_id string required
Tenant Id: NotNull Digits(fraction = 0, integer = 20, TENANT_ID_INVALID_0001)
{
"app_def_id": "string",
"app_def_name": "string",
"default_rule": true,
"disabled": true,
"disabled_reason": "string",
"id": "string",
"inactive": true,
"inactive_reason": "string",
"lan_network_ids": [
"string"
],
"name": "string",
"network_context_id": "string",
"paths_allowed": {
"active_paths": [
{
"label": "string",
"path_type": "vpn"
}
],
"backup_paths": [
{
"label": "string",
"path_type": "vpn"
}
],
"l3_failure_paths": [
{
"label": "string",
"path_type": "vpn"
}
]
},
"policy_set_id": "string",
"priority_num": 0,
"region": "string",
"service_context": [
{
"active_service_label_id": "string",
"active_service_label_type": "CG_TRANSIT",
"backup_service_label_id": "string",
"backup_service_label_type": "CG_TRANSIT",
"type": "ALLOWED_TRANSIT"
}
],
"site_paths_allowed": [
{
"wn_name": "string",
"wp_type": "DIRECT_PUBLIC_WAN"
}
],
"tenant_id": "string"
}
Bad Request
- application/json
- Schema
- Example (from schema)
- Example
Schema
_error ErrorResponse[]
Array [code stringmessage string]
{
"_error": [
{
"code": "string",
"message": "string"
}
]
}
{
"value": {
"_error": [
{
"code": "INVALID_LAN_SEGMENTID"
},
{
"code": "ID_HAS_INVALID_CHARS"
},
{
"code": "POLICY_RULE_NAME_EXCEEDS_LIMIT"
},
{
"code": "APP_DEF_ID_REQD"
},
{
"code": "POLICY_RULE_DESCRIPTION_EXCEEDS_LIMIT"
},
{
"code": "SERVICECONTEXT_SIZE_EXCEEDED"
},
{
"code": "APP_DEF_ID_EXCEEDS_LIMIT"
},
{
"code": "PATHS_ALLOWED_REQUIRED"
},
{
"code": "POLICY_RULE_NAME_REQD"
},
{
"code": "NETWORK_CONTEXT_ID_EXCEEDS_LIMIT"
}
]
}
}