{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedFirewallRule",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Action enforced on the packets which matches the firewall rule.",
"enum": [
"ALLOW",
"DROP",
"REJECT"
],
"readonly": true,
"required": false,
"title": "Action",
"type": "string"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": true,
"required": false,
"title": "Destination List",
"type": "array"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless firewall rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": true,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.",
"readonly": true,
"required": false,
"title": "Rule enable/disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"services": {
"description": "List of the services. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": true,
"required": false,
"title": "Service List",
"type": "array"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": true,
"required": false,
"title": "Source List",
"type": "array"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Firewall Rule",
"type": "object"
}