gtema
4cfecba474
Reviewed-by: Kucerak, Kristian <kristian.kucerak@t-systems.com> Co-authored-by: gtema <artem.goncharov@gmail.com> Co-committed-by: gtema <artem.goncharov@gmail.com>
28 KiB
Creating a Firewall Rule
Function
This API is used to create a firewall rule.
URI
POST /v2.0/fwaas/firewall_rules
Request Message
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
firewall_rule |
Yes |
firewall_rule object |
Specifies the firewall rule objects. For details, see Table 2. |
Attribute |
Mandatory |
Type |
Constraint |
Description |
|---|---|---|---|---|
name |
No |
String |
The value can contain a maximum of 255 characters. |
Specifies the firewall rule name. The value can contain a maximum of 255 characters. |
description |
No |
String |
The value can contain a maximum of 255 characters. |
Provides supplementary information about the firewall rule. The value can contain a maximum of 255 characters. |
protocol |
No |
String |
The value can be TCP, UDP, or ICMP. |
Specifies the IP protocol. The value can be TCP, UDP, or ICMP. |
source_port |
No |
String |
The value can be an integer from 1 to 65535 or a port number range in the format of a:b. |
Specifies the source port number or port number range. The value can be an integer from 1 to 65535 or a port number range in the format of a:b. |
destination_port |
No |
String |
The value can be an integer from 1 to 65535 or a port number range in the format of a:b. |
Specifies the destination port number or port number range. The value can be an integer from 1 to 65535 or a port number range in the format of a:b. |
ip_version |
No |
Integer |
4/6 |
Specifies the IP protocol version. The value can be 4 and 6, indicating IPv4 address and IPv6 address, respectively. |
source_ip_address |
No |
String |
N/A |
Specifies the source IP address or CIDR block. |
destination_ip_address |
No |
String |
N/A |
Specifies the destination IP address or CIDR block. |
action |
No |
String |
deny/allow |
Specifies action performed on traffic passing through the firewall. The value can be deny or allow. |
enabled |
No |
Boolean |
The value can be true or false. |
Specifies whether the firewall rule is enabled. The value can be true or false. |
Response Message
Parameter |
Type |
Description |
|---|---|---|
firewall_rule |
firewall_rule object |
Specifies the firewall rule objects. For details, see Table 4. |
Attribute |
Type |
Description |
|---|---|---|
id |
String |
Specifies the UUID of the firewall rule. |
name |
String |
Specifies the firewall rule name. |
description |
String |
Provides supplementary information about the firewall rule. |
tenant_id |
String |
Specifies the project ID. |
public |
Boolean |
Specifies whether the firewall rule can be shared by different tenants. |
protocol |
String |
Specifies the IP protocol. |
source_port |
String |
Specifies the source port number or port number range. |
destination_port |
String |
Specifies the destination port number or port number range. |
ip_version |
Integer |
Specifies the IP protocol version. |
source_ip_address |
String |
Specifies the source IP address or CIDR block. |
destination_ip_address |
String |
Specifies the destination IP address or CIDR block. |
action |
String |
Specifies action performed on traffic passing through the firewall. |
enabled |
Boolean |
Specifies whether the firewall rule is enabled. |
project_id |
String |
Specifies the project ID. |
Example:
Example request
POST https://{Endpoint}/v2.0/fwaas/firewall_rules
{
"firewall_rule": {
"action": "allow",
"enabled": true,
"destination_port": "80",
"protocol": "tcp",
"name": "ALLOW_HTTP"
}
}
Example response
{
"firewall_rule": {
"protocol": "tcp",
"description": "",
"source_ip_address": null,
"destination_ip_address": null,
"source_port": null,
"destination_port": "80",
"id": "b94acf06-efc2-485d-ba67-a61acf2a7e28",
"name": "ALLOW_HTTP",
"tenant_id": "23c8a121505047b6869edf39f3062712",
"enabled": true,
"action": "allow",
"ip_version": 4,
"public": false,
"project_id": "23c8a121505047b6869edf39f3062712"
}
}
Status Code
See Status Codes.
Error Code
See Error Codes.