Avi SecurityPolicy Object API

CLI ``` - configure securitypolicy - show securitypolicy ```
More information: https://avinetworks.com/contact-us
Contact Info: support@avinetworks.com
Version: 20.1.9
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html

Access

  1. HTTP Basic Authentication

Methods

[ Jump to Models ]

Table of Contents

  1. get /securitypolicy
  2. post /securitypolicy
  3. delete /securitypolicy/{uuid}
  4. get /securitypolicy/{uuid}
  5. patch /securitypolicy/{uuid}
  6. put /securitypolicy/{uuid}
Up
get /securitypolicy
(securitypolicyGet)

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

SecurityPolicyApiResponse

Example data

Content-Type: application/json
{
  "next" : "aeiou",
  "count" : 123,
  "results" : [ {
    "network_security_policy_index" : 123,
    "dns_attacks" : {
      "attacks" : [ {
        "mitigation_action" : {
          "deny" : true
        },
        "threshold" : 123456789,
        "attack_vector" : "aeiou",
        "enabled" : true,
        "max_mitigation_age" : 123
      } ],
      "oper_mode" : "aeiou"
    },
    "description" : "aeiou",
    "dns_policy_index" : 123,
    "tcp_attacks" : { },
    "uuid" : "aeiou",
    "url" : "aeiou",
    "_last_modified" : "aeiou",
    "labels" : [ {
      "value" : "aeiou",
      "key" : "aeiou"
    } ],
    "oper_mode" : "aeiou",
    "tenant_ref" : "aeiou",
    "name" : "aeiou",
    "udp_attacks" : { },
    "markers" : [ {
      "values" : [ "aeiou" ],
      "key" : "aeiou"
    } ]
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SecurityPolicyApiResponse

401

log in failed

Up
post /securitypolicy
(securitypolicyPost)

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — SecurityPolicy object creation

Return type

SecurityPolicy

Example data

Content-Type: application/json
{
  "network_security_policy_index" : 123,
  "dns_attacks" : {
    "attacks" : [ {
      "mitigation_action" : {
        "deny" : true
      },
      "threshold" : 123456789,
      "attack_vector" : "aeiou",
      "enabled" : true,
      "max_mitigation_age" : 123
    } ],
    "oper_mode" : "aeiou"
  },
  "description" : "aeiou",
  "dns_policy_index" : 123,
  "tcp_attacks" : { },
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "oper_mode" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "udp_attacks" : { },
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SecurityPolicy

401

log in failed

Up
delete /securitypolicy/{uuid}
(securitypolicyUuidDelete)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name

Return type

String

Example data

Content-Type: application/json
"aeiou"

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

object deleted String

404

not found

Up
get /securitypolicy/{uuid}
(securitypolicyUuidGet)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

SecurityPolicy

Example data

Content-Type: application/json
{
  "network_security_policy_index" : 123,
  "dns_attacks" : {
    "attacks" : [ {
      "mitigation_action" : {
        "deny" : true
      },
      "threshold" : 123456789,
      "attack_vector" : "aeiou",
      "enabled" : true,
      "max_mitigation_age" : 123
    } ],
    "oper_mode" : "aeiou"
  },
  "description" : "aeiou",
  "dns_policy_index" : 123,
  "tcp_attacks" : { },
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "oper_mode" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "udp_attacks" : { },
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SecurityPolicy

401

log in failed

Up
patch /securitypolicy/{uuid}
(securitypolicyUuidPatch)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — SecurityPolicy object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

SecurityPolicy

Example data

Content-Type: application/json
{
  "network_security_policy_index" : 123,
  "dns_attacks" : {
    "attacks" : [ {
      "mitigation_action" : {
        "deny" : true
      },
      "threshold" : 123456789,
      "attack_vector" : "aeiou",
      "enabled" : true,
      "max_mitigation_age" : 123
    } ],
    "oper_mode" : "aeiou"
  },
  "description" : "aeiou",
  "dns_policy_index" : 123,
  "tcp_attacks" : { },
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "oper_mode" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "udp_attacks" : { },
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SecurityPolicy

401

log in failed

Up
put /securitypolicy/{uuid}
(securitypolicyUuidPut)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — SecurityPolicy object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

SecurityPolicy

Example data

Content-Type: application/json
{
  "network_security_policy_index" : 123,
  "dns_attacks" : {
    "attacks" : [ {
      "mitigation_action" : {
        "deny" : true
      },
      "threshold" : 123456789,
      "attack_vector" : "aeiou",
      "enabled" : true,
      "max_mitigation_age" : 123
    } ],
    "oper_mode" : "aeiou"
  },
  "description" : "aeiou",
  "dns_policy_index" : 123,
  "tcp_attacks" : { },
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ],
  "oper_mode" : "aeiou",
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "udp_attacks" : { },
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SecurityPolicy

401

log in failed

Up

Models

[ Jump to Methods ]

Table of Contents

  1. AttackMitigationAction
  2. DnsAttack
  3. DnsAttacks
  4. KeyValue
  5. RoleFilterMatchLabel
  6. SecurityPolicy
  7. SecurityPolicyApiResponse
  8. TcpAttacks
  9. UdpAttacks

AttackMitigationAction Up

deny (optional)
Boolean Deny the attack packets further processing and drop them. Field introduced in 18.2.1.

DnsAttack Up

attack_vector
String The DNS attack vector. Enum options - DNS_REFLECTION, DNS_NXDOMAIN, DNS_AMPLIFICATION_EGRESS. Field introduced in 18.2.1.
enabled (optional)
Boolean Enable or disable the mitigation of the attack vector. Field introduced in 18.2.1.
max_mitigation_age (optional)
Integer Time in minutes after which mitigation will be deactivated. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Field introduced in 18.2.1. Unit is MIN. format: int32
mitigation_action (optional)
AttackMitigationAction Mitigation action to perform for this DNS attack vector. Field introduced in 18.2.1.
threshold (optional)
Long Threshold, in terms of DNS packet per second, for the DNS attack vector. Field introduced in 18.2.3. format: int64

DnsAttacks Up

attacks (optional)
array[DnsAttack] Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Field introduced in 18.2.1.
oper_mode (optional)
String Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Field introduced in 18.2.1.

KeyValue Up

key
String Key.
value (optional)
String Value.

RoleFilterMatchLabel Up

key
String Key for filter match. Field introduced in 20.1.3.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3.

SecurityPolicy Up

_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
description (optional)
String Security policy is used to specify various configuration information used to perform Distributed Denial of Service (DDoS) attacks detection and mitigation. Field introduced in 18.2.1.
dns_attacks (optional)
DnsAttacks Attacks utilizing the DNS protocol operations. Field introduced in 18.2.1.
dns_policy_index
Integer Index of the dns policy to use for the mitigation rules applied to the dns attacks. Field introduced in 18.2.1. format: int32
labels (optional)
array[KeyValue] Key value pairs for granular object access control. Also allows for classification and tagging of similar objects. Field deprecated in 20.1.5. Field introduced in 20.1.2. Maximum of 4 items allowed.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String The name of the security policy. Field introduced in 18.2.1.
network_security_policy_index
Integer Index of the network security policy to use for the mitigation rules applied to the attacks. Field introduced in 18.2.1. format: int32
oper_mode (optional)
String Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Field introduced in 18.2.1.
tcp_attacks (optional)
TcpAttacks Attacks utilizing the TCP protocol operations. Field introduced in 18.2.1.
tenant_ref (optional)
String Tenancy of the security policy. It is a reference to an object of type Tenant. Field introduced in 18.2.1.
udp_attacks (optional)
UdpAttacks Attacks utilizing the UDP protocol operations. Field introduced in 18.2.1.
url (optional)
String url
uuid (optional)
String The UUID of the security policy. Field introduced in 18.2.1.

SecurityPolicyApiResponse Up

count
Integer format: int32
results
next (optional)

TcpAttacks Up

UdpAttacks Up