VirtualFirewallPolicy

Defines the template for a Virtual Firewall Policy that helps to group a set of rules either based on functions or actions

Overview

active boolean filterable   orderable  
allowAddressSpoof boolean filterable   orderable  
associatedEgressTemplateID string read only   autogenerated  
associatedIngressTemplateID string read only   autogenerated  
associatedLiveEntityID string read only   autogenerated   filterable  
autoGeneratePriority boolean creation only   filterable   orderable  
creationDate string read only   autogenerated   orderable  
defaultAllowIP boolean filterable   orderable  
defaultAllowNonIP boolean filterable   orderable  
defaultInstallACLImplicitRules boolean filterable   orderable  
description string filterable  
embeddedMetadata list read only   autogenerated  
entityScope enum (ENTERPRISE | GLOBAL) autogenerated  
externalID string filterable   orderable   locally unique  
lastUpdatedBy string autogenerated  
lastUpdatedDate string read only   autogenerated   orderable  
name string required   filterable   orderable  
owner string autogenerated  
policyState enum (DRAFT | LIVE) read only   filterable   orderable  
priority integer filterable   orderable  
priorityType enum (BOTTOM | NONE | TOP) filterable   orderable  

API Resource

/virtualfirewallpolicies/id
delete get put

Parents

/virtualfirewallpolicies
get
/domains/id/virtualfirewallpolicies
get post
/l2domains/id/virtualfirewallpolicies
get post
/aggregateddomains/id/virtualfirewallpolicies
get post
/l2domaintemplates/id/virtualfirewallpolicies
get post
/domaintemplates/id/virtualfirewallpolicies
get post

Children

/virtualfirewallpolicies/id/metadatas
get post
/virtualfirewallpolicies/id/virtualfirewallrules
get post
/virtualfirewallpolicies/id/globalmetadatas
get post put

Members

This object has no members.

Attributes documentation

active boolean filterable   orderable  
Discussion

If enabled, it means that this rule is active


Charateristics

Default value: false
SDK attribute: active

allowAddressSpoof boolean filterable   orderable  
Discussion

If enabled, it will disable the default anti-spoof Rule for this domain that essentially prevents any VM to send packets that do not originate from that particular VM


Charateristics

Default value: false
SDK attribute: allowAddressSpoof

associatedEgressTemplateID string read only   autogenerated  
Discussion

The read only id of the auto generated Egress Template


Charateristics

Format: free
SDK attribute: associatedEgressTemplateID

associatedIngressTemplateID string read only   autogenerated  
Discussion

The read only id of the auto generated Ingress Template


Charateristics

Format: free
SDK attribute: associatedIngressTemplateID

associatedLiveEntityID string read only   autogenerated   filterable  
Discussion

In the draft mode, the rule entry refers to this LiveEntity. In non-drafted mode, this is null.


Charateristics

Format: free
SDK attribute: associatedLiveEntityID

autoGeneratePriority boolean creation only   filterable   orderable  
Discussion

This option affects how Rule entry priorities are generated when not specified. If 'false', the priority is generated by incrementing the current highest priority by 100. If 'true', a random priority will be generated, which is advised when creating many entries concurrently without specifying the priority. This will cause the ACL entry to be randomly placed in the existing list of ACL entries. Therefore it is advised to only enable this when allow rules are being created.


Charateristics

Default value: false
SDK attribute: autoGeneratePriority

creationDate string read only   autogenerated   orderable  
Discussion

Time stamp when this object was created.


Charateristics

SDK attribute: creationDate

defaultAllowIP boolean filterable   orderable  
Discussion

If enabled a default RUle of Allow All is added as the last entry in the list of rule entries


Charateristics

Default value: false
SDK attribute: defaultAllowIP

defaultAllowNonIP boolean filterable   orderable  
Discussion

If enabled, non ip traffic will be dropped


Charateristics

Default value: false
SDK attribute: defaultAllowNonIP

defaultInstallACLImplicitRules boolean filterable   orderable  
Discussion

If enabled, implicit rule will allow intra domain traffic by default


Charateristics

Default value: false
SDK attribute: defaultInstallACLImplicitRules

description string filterable  
Discussion

A concise description of the Virtual Firewall Rule Template that gives a small preview of its use.


Charateristics

Format: free
Max length: 255
SDK attribute: description

embeddedMetadata list read only   autogenerated  
Discussion

Metadata objects associated with this entity. This will contain a list of Metadata objects if the API request is made using the special flag to enable the embedded Metadata feature. Only a maximum of Metadata objects is returned based on the value set in the system configuration.


Charateristics

SDK attribute: embeddedMetadata

entityScope enum autogenerated  
Discussion

Specify if scope of entity is Data center or Enterprise level


Charateristics

Allowed values: ENTERPRISE, GLOBAL
SDK attribute: entityScope

externalID string filterable   orderable   locally unique  
Discussion

External object ID. Used for integration with third party systems


Charateristics

Format: free
SDK attribute: externalID

lastUpdatedBy string autogenerated  
Discussion

ID of the user who last updated the object.


Charateristics

Format: free
SDK attribute: lastUpdatedBy

lastUpdatedDate string read only   autogenerated   orderable  
Discussion

Time stamp when this object was last updated.


Charateristics

SDK attribute: lastUpdatedDate

name string required   filterable   orderable  
Discussion

A unique name set by an operator identifying the Virtual Firewall Rule Template.


Charateristics

Format: free
Min length: 1
Max length: 255
SDK attribute: name

owner string autogenerated  
Discussion

Identifies the user that has created this object.


Charateristics

Format: free
SDK attribute: owner

policyState enum read only   filterable   orderable  
Discussion

States if the policy is Live or Draft


Charateristics

Allowed values: DRAFT, LIVE
SDK attribute: policyState

priority integer filterable   orderable  
Discussion

The priority of the rule entry that determines the order of entries


Charateristics

Max value: 1000000000
SDK attribute: priority

priorityType enum filterable   orderable  
Discussion

Possible values: TOP or BOTTOM or NONE. TOP and BOTTOM ACL policies can only be defined and managed on the template level. These allow for careful control of Rule priority handling.


Charateristics

Allowed values: BOTTOM, NONE, TOP
SDK attribute: priorityType