IngressAuditACLTemplate

An ingress audit policy is a set of rules defining how network traffic is treated within a domain.

Overview

active boolean filterable   orderable  
allowAddressSpoof boolean filterable   orderable  
associatedLiveEntityID string filterable  
associatedVirtualFirewallPolicyID string read only   autogenerated  
autoGeneratePriority boolean filterable   orderable  
creationDate string read only   autogenerated   orderable  
defaultAllowIP boolean filterable   orderable  
defaultAllowNonIP boolean filterable   orderable  
description string filterable  
embeddedMetadata list read only   autogenerated  
entityScope enum (ENTERPRISE | GLOBAL) autogenerated  
externalID string filterable   orderable   locally unique  
lastUpdatedBy string autogenerated  
lastUpdatedDate string read only   autogenerated   orderable  
name string required   filterable   orderable  
owner string autogenerated  
policyState enum (DRAFT | LIVE) filterable   orderable  
priority integer autogenerated   filterable   orderable   locally unique  
priorityType enum (TOP_AUDIT) autogenerated   filterable   orderable  

API Resource

/ingressauditacltemplates/id
delete get put

Parents

/domains/id/ingressauditacltemplates
get post
/l2domains/id/ingressauditacltemplates
get post

Children

/ingressauditacltemplates/id/permissions
delete get post put
/ingressauditacltemplates/id/metadatas
get post
/ingressauditacltemplates/id/globalmetadatas
get post put
/ingressauditacltemplates/id/ingressauditaclentrytemplates
get post

Members

This object has no members.

Attributes documentation

active boolean filterable   orderable  
Discussion

If enabled, it means that this ACL or QOS entry is active


Charateristics

Format: free
SDK attribute: active

allowAddressSpoof boolean filterable   orderable  
Discussion

If enabled, it will disable the default anti-spoof ACL for this domain that essentially prevents any VM to send packets that do not originate from that particular VM


Charateristics

SDK attribute: allowAddressSpoof

associatedLiveEntityID string filterable  
Discussion

In the draft mode, the ACL entry refers to this LiveEntity. In non-drafted mode, this is null.


Charateristics

Format: free
SDK attribute: associatedLiveEntityID

associatedVirtualFirewallPolicyID string read only   autogenerated  
Discussion

The ID of the Virtual Firewall Policy, if this was created as part of the Virtual Firewall Policy creation


Charateristics

Format: free
SDK attribute: associatedVirtualFirewallPolicyID

autoGeneratePriority boolean filterable   orderable  
Discussion

This option only affects how the children ACL entry priorities of this template/policy are generated when the priority is not specified. If 'false', the priority is generated by incrementing the current highest ACL Entry priority by 100. If 'true', a random priority will be generated, which is advised when creating many entries concurrently without specifying the priority. This will cause the new child ACL entry to get a random, non-predictable, priority. Therefore it is advised to only enable this when allow rules are being created. If any type of ACL entry order is required, keep this value to 'false' and use your own defined priorities, this will make sure there is a clear set of priorities and how traffic is validated against the ACL entries.


Charateristics

SDK attribute: autoGeneratePriority

creationDate string read only   autogenerated   orderable  
Discussion

Time stamp when this object was created.


Charateristics

SDK attribute: creationDate

defaultAllowIP boolean filterable   orderable  
Discussion

If enabled a default ACL of Allow All is added as the last entry in the list of ACL entries


Charateristics

SDK attribute: defaultAllowIP

defaultAllowNonIP boolean filterable   orderable  
Discussion

If enabled, non IP Traffic will be allowed


Charateristics

Default value: true
SDK attribute: defaultAllowNonIP

description string filterable  
Discussion

A description of the entity


Charateristics

Format: free
Max length: 255
SDK attribute: description

embeddedMetadata list read only   autogenerated  
Discussion

Metadata objects associated with this entity. This will contain a list of Metadata objects if the API request is made using the special flag to enable the embedded Metadata feature. Only a maximum of Metadata objects is returned based on the value set in the system configuration.


Charateristics

SDK attribute: embeddedMetadata

entityScope enum autogenerated  
Discussion

Specify if scope of entity is Data center or Enterprise level


Charateristics

Allowed values: ENTERPRISE, GLOBAL
SDK attribute: entityScope

externalID string filterable   orderable   locally unique  
Discussion

External object ID. Used for integration with third party systems


Charateristics

Format: free
SDK attribute: externalID

lastUpdatedBy string autogenerated  
Discussion

ID of the user who last updated the object.


Charateristics

Format: free
SDK attribute: lastUpdatedBy

lastUpdatedDate string read only   autogenerated   orderable  
Discussion

Time stamp when this object was last updated.


Charateristics

SDK attribute: lastUpdatedDate

name string required   filterable   orderable  
Discussion

The name of the entity


Charateristics

Format: free
Min length: 1
Max length: 255
SDK attribute: name

owner string autogenerated  
Discussion

Identifies the user that has created this object.


Charateristics

Format: free
SDK attribute: owner

policyState enum filterable   orderable  
Discussion

None


Charateristics

Allowed values: DRAFT, LIVE
Format: free
SDK attribute: policyState

priority integer autogenerated   filterable   orderable   locally unique  
Discussion

The priority of the ACL entry that determines the order of entries


Charateristics

SDK attribute: priority

priorityType enum autogenerated   filterable   orderable  
Discussion

Possible values: TOP_AUDIT. This policy will be the top most ingress policy


Charateristics

Allowed values: TOP_AUDIT
SDK attribute: priorityType