Updated on 2024-04-16 GMT+08:00

Creating a Network ACL Policy

Function

This API is used to create a network ACL policy which must be bound to a network ACL group. You can learn more about the relationships among network ACL groups, policies, and rules.

URI

POST /v2.0/fwaas/firewall_policies

Request Parameters

Table 1 Request parameter

Parameter

Type

Mandatory

Description

firewall_policy

firewall_policy object

Yes

Specifies the firewall policy. For details, see Table 2.

Table 2 Firewall Policy objects

Attribute

Mandatory

Type

Description

name

No

String

Specifies the name of the network ACL policy.

The value can contain a maximum of 255 characters.

description

No

String

Provides supplementary information about the network ACL policy.

The value can contain a maximum of 255 characters.

firewall_rules

No

Array of strings

Specifies the firewall rules referenced by the network ACL policy.

audited

No

Boolean

Specifies the audit flag.

The value can be true or false.

Example Request

Create an ACL policy named test-policy and associate it with the ACL rule whose ID is b8243448-cb3c-496e-851c-dadade4c161b.

POST https://{Endpoint}/v2.0/fwaas/firewall_policies

{
    "firewall_policy": {
        "name": "test-policy", 
        "firewall_rules": [
            "b8243448-cb3c-496e-851c-dadade4c161b"
        ]
    }
}

Response Parameters

Table 3 Response parameter

Parameter

Type

Description

firewall_policy

firewall_policy object

Specifies the firewall policy. For details, see Table 4.

Table 4 Firewall Policy objects

Attribute

Type

Description

id

String

Specifies the UUID of the network ACL policy.

name

String

Specifies the name of the network ACL policy.

description

String

Provides supplementary information about the network ACL policy.

tenant_id

String

Specifies the project ID.

firewall_rules

Array of strings

Specifies the firewall rules referenced by the network ACL policy.

audited

Boolean

Specifies the audit flag.

public

Boolean

Specifies whether the firewall policy can be shared by different tenants.

project_id

String

Specifies the project ID. For details about how to obtain a project ID, see Obtaining a Project ID.

Example Response

{
    "firewall_policy": {
        "description": "", 
        "firewall_rules": [
            "b8243448-cb3c-496e-851c-dadade4c161b"
        ], 
        "tenant_id": "23c8a121505047b6869edf39f3062712", 
        "public": false, 
        "id": "2fb0e81f-9f63-44b2-9894-c13a3284594a", 
        "audited": false, 
        "name": "test-policy",
        "project_id": "23c8a121505047b6869edf39f3062712"
    }
}

Status Code

See Status Codes.

Error Code

See Error Codes.