NetworkSecurityPolicy

Description

API


    POST /api/networksecuritypolicy
    PUT /api/networksecuritypolicy/<key>
    DELETE /api/networksecuritypolicy/<key>
    GET /api/networksecuritypolicy
    GET /api/networksecuritypolicy/<key>

CLI


    configure networksecuritypolicy <key>
    show networksecuritypolicy <key>

Data

NetworkSecurityPolicy

uuid

Type
string
Category
required
Description

name

Type
string
Category
optional
Description

rules

Type
NetworkSecurityRule
Category
repeated
Description

created_by

Type
string
Category
optional
Description
Creator name

cloud_config_cksum

Type
string
Category
optional
Description
Checksum of the cloud configuration for the network security policy. Set internally by the cloud connector.

description

Type
string
Category
optional
Description

tenant_ref

Type
Reference to Tenant
Category
optional
Description

NetworkSecurityRule

name

Type
string
Category
required
Description

index

Type
uint32
Category
required
Description

enable

Type
bool
Category
required
Description

match

Type
NetworkSecurityMatchTarget
Category
required
Description

action

Type
enum
Category
required
Description
Choices
NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW, NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY, NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT

log

Type
bool
Category
optional
Description
Default
False

rl_param

Type
NetworkSecurityPolicyActionRLParam
Category
optional
Description

age

Type
uint32
Category
optional
Description
Time in minutes after which the rule will be deleted.
Units
min
Default
0

created_by

Type
string
Category
optional
Description
Creator name

NetworkSecurityMatchTarget

client_ip

Type
IpAddrMatch
Category
optional
Description

vs_port

Type
PortMatch
Category
optional
Description

microservice

Type
MicroServiceMatch
Category
optional
Description

IpAddrMatch

match_criteria

Type
enum
Category
required
Description
Criterion to use when matching the IP address of the HTTP request
Choices
IS_IN, IS_NOT_IN

addrs

Type
IpAddr
Category
repeated
Description
IP address(es)

ranges

Type
IpAddrRange
Category
repeated
Description
IP address range(s)

prefixes

Type
IpAddrPrefix
Category
repeated
Description
IP address prefix(es)

group_refs

Type
Reference to IpAddrGroup
Category
repeated
Description
UUID of IP address group(s)

IpAddr

addr

Type
string
Category
required
Description
IP address

type

Type
enum
Category
required
Description
Choices
V4, DNS

IpAddrRange

begin

Type
IpAddr
Category
required
Description
Starting IP address of the range

end

Type
IpAddr
Category
required
Description
Ending IP address of the range

IpAddrPrefix

ip_addr

Type
IpAddr
Category
required
Description

mask

Type
int32
Category
required
Description

PortMatch

match_criteria

Type
enum
Category
required
Description
Criterion to use when matching the port of the HTTP request
Choices
IS_IN, IS_NOT_IN

ports

Type
uint32
Category
repeated
Description
Listening TCP port(s)

MicroServiceMatch

match_criteria

Type
enum
Category
required
Description
Criterion to use when matching the Micro Service of the HTTP request
Choices
IS_IN, IS_NOT_IN

group_ref

Type
Reference to MicroServiceGroup
Category
optional
Description
UUID of Micro Service group(s)

NetworkSecurityPolicyActionRLParam

max_rate

Type
uint32
Category
required
Description
Maximum number of connections, requests, or packets per second.

burst_size

Type
uint32
Category
required
Description
Maximum number of connections, requests, or packets to be rate limited instantaneously.
Default
0
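
The field tables above can be turned into an audit check. The following is an added example, not vendor code: it lints a policy object, assumed to be the parsed JSON of a GET on the policy, against the required fields and enum choices listed on this page. The function name, the sample policy, and the RATE_LIMIT-without-rl_param heuristic are assumptions made for illustration.

```python
# Added example, not vendor code: lint a NetworkSecurityPolicy dict (e.g. parsed
# from GET /api/networksecuritypolicy/<key>) against the field tables on this page.
ACTIONS = {"NETWORK_SECURITY_POLICY_ACTION_TYPE_" + a for a in ("ALLOW", "DENY", "RATE_LIMIT")}
CRITERIA = {"IS_IN", "IS_NOT_IN"}
RULE_REQUIRED = ("name", "index", "enable", "match", "action")
MATCH_TARGETS = ("client_ip", "vs_port", "microservice")

def lint_policy(policy):
    """Return a list of findings; an empty list means nothing was flagged."""
    out = []
    if not isinstance(policy.get("uuid"), str):
        out.append("policy: required field 'uuid' missing or not a string")
    for n, rule in enumerate(policy.get("rules", [])):
        where = f"rules[{n}]"
        out += [f"{where}: required field '{f}' missing" for f in RULE_REQUIRED if f not in rule]
        action = rule.get("action")
        if action is not None and action not in ACTIONS:
            out.append(f"{where}: action '{action}' is not a documented choice")
        match = rule.get("match") or {}
        for target in MATCH_TARGETS:
            sub = match.get(target)
            if sub is not None and sub.get("match_criteria") not in CRITERIA:
                out.append(f"{where}.match.{target}: match_criteria must be IS_IN or IS_NOT_IN")
        rl = rule.get("rl_param")
        if rl is not None:
            out += [f"{where}.rl_param: required field '{f}' missing"
                    for f in ("max_rate", "burst_size") if f not in rl]
        elif action and action.endswith("RATE_LIMIT"):
            # Review heuristic (assumption): the page marks rl_param optional.
            out.append(f"{where}: RATE_LIMIT action without rl_param")
        if rule.get("age", 0) > 0:
            # Per the page, age is the time in minutes after which the rule is deleted.
            out.append(f"{where}: rule is deleted after {rule['age']} min")
    return out

# Constructed sample policy, not taken from a real deployment.
SAMPLE = {
    "uuid": "networksecuritypolicy-example", "name": "edge-policy",
    "rules": [
        {"name": "block-range", "index": 1, "enable": True, "age": 30,
         "action": "NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY",
         "match": {"client_ip": {"match_criteria": "IS_IN", "prefixes": [
             {"ip_addr": {"addr": "203.0.113.0", "type": "V4"}, "mask": 24}]}}},
        {"name": "throttle", "index": 2, "enable": True,
         "action": "NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT",
         "match": {"vs_port": {"match_criteria": "EQUALS", "ports": [443]}}},
    ],
}
```

Calling `lint_policy(SAMPLE)` flags the expiring DENY rule, the undocumented `match_criteria` value, and the rate-limit rule that carries no `rl_param`.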

References

IpAddrGroup
MicroServiceGroup
Tenant

Sub Objects