Creating a Network ACL Group
Function
This API is used to create a network ACL group.
URI
POST /v2.0/fwaas/firewall_groups
Request Parameters
Parameter | Type | Mandatory | Description |
|---|---|---|---|
firewall_group | firewall_group object | Yes | Specifies the firewall group. For details, see Table 2. |
Attribute | Mandatory | Type | Description |
|---|---|---|---|
name | No | String | Specifies the name of the network ACL group. The value can contain a maximum of 255 characters. |
description | No | String | Provides supplementary information about the network ACL group. The value can contain a maximum of 255 characters. |
ingress_firewall_policy_id | No | String | Specifies the network ACL policy for inbound traffic. |
egress_firewall_policy_id | No | String | Specifies the network ACL policy for outbound traffic. |
ports | No | Array of strings | Specifies the list of ports bound with the network ACL group. The value must be the port ID. NOTE: The port is the one whose device_owner is network:router_interface_distributed.
|
admin_state_up | No | Boolean | Specifies the administrative status of the network ACL. The value can be true or false. |
Example Request
Create an ACL group, associate it with the inbound ACL policy afc52ce9-5305-4ec9-9feb-44feb8330341, and set the port ID to c133f2bf-6937-4416-bb17-012e1be5cd2d.
POST https://{Endpoint}/v2.0/fwaas/firewall_groups{"firewall_group": {"name": "test","ingress_firewall_policy_id": "afc52ce9-5305-4ec9-9feb-44feb8330341","ports": ["c133f2bf-6937-4416-bb17-012e1be5cd2d"]}}
Response Parameters
Parameter | Type | Description |
|---|---|---|
firewall_group | firewall_group object | Specifies the firewall group. For details, see Table 4. |
Attribute | Type | Description |
|---|---|---|
id | String | Specifies the UUID of the network ACL group. |
name | String | Specifies the name of the network ACL group. |
description | String | Provides supplementary information about the network ACL group. |
tenant_id | String | Specifies the project ID. |
ingress_firewall_policy_id | String | Specifies the network ACL policy for inbound traffic. |
egress_firewall_policy_id | String | Specifies the network ACL policy for outbound traffic. |
ports | Array of strings | Specifies the list of ports bound with the network ACL group. |
public | Boolean | Specifies whether the firewall group can be shared by different tenants. |
status | String | Specifies the status of the network ACL policy. The value can be:
|
admin_state_up | Boolean | Specifies the administrative status of the network ACL. |
project_id | String | Specifies the project ID. For details about how to obtain a project ID, see Obtaining a Project ID. |
created_at | String | Specifies the time (UTC) when the resource is created. Format: yyyy-MM-ddTHH:mm:ss |
updated_at | String | Specifies the time (UTC) when the resource is updated. Format: yyyy-MM-ddTHH:mm:ss |
Example Response
{"firewall_group": {"status": "PENDING_CREATE","public": false,"egress_firewall_policy_id": null,"name": "test","admin_state_up": true,"ports": ["c133f2bf-6937-4416-bb17-012e1be5cd2d"],"tenant_id": "23c8a121505047b6869edf39f3062712","id": "0415f554-26ed-44e7-a881-bdf4e6216e38","ingress_firewall_policy_id": "afc52ce9-5305-4ec9-9feb-44feb8330341","description": "","project_id": "23c8a121505047b6869edf39f3062712","created_at": "2018-09-12T08:24:14","updated_at": "2018-09-12T08:24:14"}}
Status Code
See Status Codes.
Error Code
See Error Codes.
- Function
- URI
- Request Parameters
- Example Request
- Response Parameters
- Example Response
- Status Code
- Error Code