API Description | API Path |
---|---|
List communication mapsList all communication maps for a domain. This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps
(Deprecated)
|
Deletes a communication map from this domainDeletes the communication map along with all the communication entries This API is deprecated. Please use the following API instead. DELETE /infra/domains/domain-id/security-policies/security-policy-id |
DELETE /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
Read communication-mapRead communication-map for a domain. This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
Patch communication mapPatch the communication map for a domain. If a communication map for the given communication-map-id is not present, the object will get created and if it is present it will be updated. This is a full replace This API is deprecated. Please use the following API instead. PATCH /infra/domains/domain-id/security-policies/security-policy-id |
PATCH /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
Revise the positioning of communication mapsThis is used to set a precedence of a communication map w.r.t others. This API is deprecated. Please use the following API instead. POST /infra/domains/domain-id/security-policies/security-policy-id?action=revise |
POST /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>?action=revise
(Deprecated)
|
Create or Update communication mapCreate or Update the communication map for a domain. This is a full replace. All the CommunicationEntries are replaced. This API is deprecated. Please use the following API instead. PUT /infra/domains/domain-id/security-policies/security-policy-id |
PUT /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
List CommunicationEntriesList CommunicationEntries This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id/rules |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries
(Deprecated)
|
Delete CommunicationEntryDelete CommunicationEntry This API is deprecated. Please use the following API instead. DELETE /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id |
DELETE /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Read CommunicationEntryRead CommunicationEntry This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Patch a CommunicationEntryPatch the CommunicationEntry. If a communication entry for the given communication-entry-id is not present, the object will get created and if it is present it will be updated. This is a full replace This API is deprecated. Please use the following API instead. PATCH /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id |
PATCH /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Revise the positioning of communication entryThis is used to re-order a communictation entry within a communication map. This API is deprecated. Please use the following API instead. POST /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id?action=revise |
POST /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>?action=revise
(Deprecated)
|
Create or update a CommunicationEntryUpdate the CommunicationEntry. If a CommunicationEntry with the communication-entry-id is not already present, this API fails with a 404. Creation of CommunicationEntries is not allowed using this API. This API is deprecated. Please use the following API instead PUT /infra/domains/domain-id/security-policies/securit-policy-id/rules/rule-id |
PUT /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
List security policiesList all security policies for a domain. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies |
Deletes a security policy from this domainDeletes the security policy along with all the rules |
DELETE /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
|
Read security policyRead security policy for a domain. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id> |
Patch security policyPatch the security policy for a domain. If a security policy for the given security-policy-id is not present, the object will get created and if it is present it will be updated. This is a full replace |
PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
|
Revise the positioning of security policiesThis is used to set a precedence of a security policy w.r.t others. |
POST /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>?action=revise
|
Create or Update security policyCreate or Update the security policy for a domain. This is a full replace. All the rules are replaced. |
PUT /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
|
List rulesList rules |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/rules |
Delete ruleDelete rule |
DELETE /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
|
Read ruleRead rule |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id> |
Patch a rulePatch the rule. If Rule corresponding to the the given rule-id is not present, the object will get created and if it is present it will be updated. This is a full replace |
PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
|
Revise the positioning of ruleThis is used to re-order a rule within a security policy. |
POST /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>?action=revise
|
Create or update a ruleUpdate the rule. Create new rule if a rule with the rule-id is not already present. |
PUT /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
|
Get rule statisticsGet statistics of a rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>/statistics
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>/statistics |
Get security policy statisticsGet statistics of a security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/statistics
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/statistics |
List policy draftsList policy drafts. |
GET /policy/api/v1/infra/drafts
|
Delete a manual draftDelete a manual draft. |
DELETE /policy/api/v1/infra/drafts/<draft-id>
|
Read draftRead a draft for a given draft identifier. |
GET /policy/api/v1/infra/drafts/<draft-id>
|
Patch a manual draftCreate a new manual draft if the specified draft id does not correspond to an existing draft. Update the manual draft otherwise. Auto draft can not be updated. |
PATCH /policy/api/v1/infra/drafts/<draft-id>
|
Publish a draftRead a draft and publish it by applying changes onto current configuration. |
POST /policy/api/v1/infra/drafts/<draft-id>?action=publish
|
Create or update a manual draftCreate a new manual draft if the specified draft id does not correspond to an existing draft. Update the manual draft otherwise. Auto draft can not be updated. |
PUT /policy/api/v1/infra/drafts/<draft-id>
|
Get an aggregated configuration for the draftGet an aggregated configuration that will get applied onto current configuration during publish of this draft. The response is a hierarichal payload containing the aggregated configuration differences from the latest auto draft till the specified draft. |
GET /policy/api/v1/infra/drafts/<draft-id>/aggregated
|
Get a preview of a configuration after publish of a draftGet a preview of a configuration which will be present after publish of a specified draft. The response essentially is a hierarichal payload containing the configuration, which will be in active after a specified draft gets published onto current configuration. |
GET /policy/api/v1/infra/drafts/<draft-id>/complete
|
Get PolicyFirewallSchedulersGet all PolicyFirewallSchedulers |
GET /policy/api/v1/infra/firewall-schedulers
GET /policy/api/v1/global-infra/firewall-schedulers |
Delete Policy Firewall SchedulerDeletes the specified PolicyFirewallScheduler. If scheduler is consumed in a security policy, it won't get deleted. |
DELETE /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
Get PolicyFirewallSchedulerGet a PolicyFirewallScheduler by id |
GET /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
GET /policy/api/v1/global-infra/firewall-schedulers/<firewall-scheduler-id> |
Create or Update PolicyFirewallSchedulerCreates/Updates a PolicyFirewallScheduler, which can be set at security policy. Note that at least one property out of "days", "start_date", "time_interval", "end_date" is required if "recurring" field is true. Also "start_time" and "end_time" should not be present. And if "recurring" field is false then "start_date" and "end_date" is mandatory, "start_time" and "end_time" is optional. Also the fields "days" and "time_interval" should not be present. |
PATCH /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
Create or Update PolicyFirewallSchedulerUpdates a PolicyFirewallScheduler, which can be set at security policy. Note that at least one property out of "days", "start_date", "time_interval", "end_date" is required if "recurring" field is true. Also "start_time" and "end_time" should not be present. And if "recurring" field is false then "start_date" and "end_date" is mandatory, "start_time" and "end_time" is optional. Also the fields "days" and "time_interval" should not be present. |
PUT /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
List compute cluster idfw ConfigurationAPI will list all compute cluster wise identity firewall configuration |
GET /policy/api/v1/infra/settings/firewall/idfw/cluster
|
Read compute cluster idfw configurationRead compute cluster identity firewall configuration |
GET /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Patch compute cluster idfw configurationPatch compute cluster identity firewall configuration. |
PATCH /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Create or update compute cluster idfw configurationUpdate the compute cluster idfw configuration |
PUT /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Read idfw configuration for standalone hostRead identity firewall configuration for standalone host |
GET /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
|
Patch idfw configuration for standalone hostPatch identity firewall configuration for standalone host |
PATCH /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
|
Create or update idfw configuration for standalone hostUpdate the idfw configuration for standalone host |
PUT /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
|
Get dfw firewall configurationGet the current dfw firewall configurations. |
GET /policy/api/v1/infra/settings/firewall/security
|
Update dfw firewall configurationUpdate dfw firewall related configurations. |
PATCH /policy/api/v1/infra/settings/firewall/security
|
Update dfw firewall configurationUpdate dfw firewall related configurations. |
PUT /policy/api/v1/infra/settings/firewall/security
|
Read security policy exclude listRead exclude list for firewall |
GET /policy/api/v1/infra/settings/firewall/security/exclude-list
|
Patch exclusion list for security policyPatch exclusion list for security policy. |
PATCH /policy/api/v1/infra/settings/firewall/security/exclude-list
|
Filter the firewall exclude listFilter the firewall exclude list by the given object, to check whether the object is a member of this exclude list. |
POST /policy/api/v1/infra/settings/firewall/security/exclude-list?action=filter
|
Create or update exclusion list for security policyUpdate the exclusion list for security policy |
PUT /policy/api/v1/infra/settings/firewall/security/exclude-list
|
Reset firewall rule statisticsSets firewall rule statistics counter to zero. This operation is supported for given category, for example: DFW i.e. for all layer3 firewall (transport nodes only) rules or EDGE i.e. for all layer3 edge firewall (edge nodes only) rules. - no enforcement point path specified: On global manager, it is mandatory to give an enforcement point path. On local manager, reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. |
POST /policy/api/v1/infra/settings/firewall/stats?action=reset
POST /policy/api/v1/global-infra/settings/firewall/stats?action=reset |