Policy > Security > East West Security > Distributed Firewall > Settings

Associated URIs:

API Description API Path

List policy drafts


List policy drafts.
GET /policy/api/v1/infra/drafts

Delete a manual draft


Delete a manual draft.
DELETE /policy/api/v1/infra/drafts/<draft-id>

Read draft


Read a draft for a given draft identifier.
GET /policy/api/v1/infra/drafts/<draft-id>

Patch a manual draft


Create a new manual draft if the specified draft id does not correspond
to an existing draft. Update the manual draft otherwise.
Auto draft can not be updated.
PATCH /policy/api/v1/infra/drafts/<draft-id>

Publish a draft


Read a draft and publish it by applying changes onto current configuration.
POST /policy/api/v1/infra/drafts/<draft-id>?action=publish

Create or update a manual draft


Create a new manual draft if the specified draft id does not correspond
to an existing draft. Update the manual draft otherwise.
Auto draft can not be updated.
PUT /policy/api/v1/infra/drafts/<draft-id>

Get an aggregated configuration for the draft


Get an aggregated configuration that will get applied onto current
configuration during publish of this draft.
The response is a hierarichal payload containing the aggregated
configuration differences from the latest auto draft till the specified draft.
GET /policy/api/v1/infra/drafts/<draft-id>/aggregated

Get a preview of a configuration after publish of a draft


Get a preview of a configuration which will be present after publish of
a specified draft. The response essentially is a hierarichal payload
containing the configuration, which will be in active after a specified
draft gets published onto current configuration.
GET /policy/api/v1/infra/drafts/<draft-id>/complete

Get PolicyFirewallSchedulers


Get all PolicyFirewallSchedulers
GET /policy/api/v1/infra/firewall-schedulers
GET /policy/api/v1/global-infra/firewall-schedulers

Delete Policy Firewall Scheduler


Deletes the specified PolicyFirewallScheduler. If scheduler
is consumed in a security policy, it won't get deleted.
DELETE /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>

Get PolicyFirewallScheduler


Get a PolicyFirewallScheduler by id
GET /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
GET /policy/api/v1/global-infra/firewall-schedulers/<firewall-scheduler-id>

Create or Update PolicyFirewallScheduler


Creates/Updates a PolicyFirewallScheduler, which can be set at security
policy. Note that at least one property out of "days", "start_date",
"time_interval", "end_date" is required if "recurring" field is true. Also
"start_time" and "end_time" should not be present. And if "recurring"
field is false then "start_date" and "end_date" is mandatory, "start_time"
and "end_time" is optional. Also the fields "days" and "time_interval"
should not be present.
PATCH /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>

Create or Update PolicyFirewallScheduler


Updates a PolicyFirewallScheduler, which can be set at security policy.
Note that at least one property out of "days", "start_date",
"time_interval", "end_date" is required if "recurring" field is true. Also
"start_time" and "end_time" should not be present. And if "recurring"
field is false then "start_date" and "end_date" is mandatory, "start_time"
and "end_time" is optional. Also the fields "days" and "time_interval"
should not be present.
PUT /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>

List compute cluster idfw Configuration


API will list all compute cluster wise identity firewall configuration
GET /policy/api/v1/infra/settings/firewall/idfw/cluster

Read compute cluster idfw configuration


Read compute cluster identity firewall configuration
GET /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>

Patch compute cluster idfw configuration


Patch compute cluster identity firewall configuration.
PATCH /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>

Create or update compute cluster idfw configuration


Update the compute cluster idfw configuration
PUT /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>

Read idfw configuration for standalone host


Read identity firewall configuration for standalone host
GET /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting

Patch idfw configuration for standalone host


Patch identity firewall configuration for standalone host
PATCH /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting

Create or update idfw configuration for standalone host


Update the idfw configuration for standalone host
PUT /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting

Get dfw firewall configuration


Get the current dfw firewall configurations.
GET /policy/api/v1/infra/settings/firewall/security

Update dfw firewall configuration


Update dfw firewall related configurations.
PATCH /policy/api/v1/infra/settings/firewall/security

Update dfw firewall configuration


Update dfw firewall related configurations.
PUT /policy/api/v1/infra/settings/firewall/security

Read security policy exclude list


Read exclude list for firewall
GET /policy/api/v1/infra/settings/firewall/security/exclude-list

Patch exclusion list for security policy


Patch exclusion list for security policy.
PATCH /policy/api/v1/infra/settings/firewall/security/exclude-list

Filter the firewall exclude list


Filter the firewall exclude list by the given object, to check whether
the object is a member of this exclude list.
POST /policy/api/v1/infra/settings/firewall/security/exclude-list?action=filter

Create or update exclusion list for security policy


Update the exclusion list for security policy
PUT /policy/api/v1/infra/settings/firewall/security/exclude-list