NSX-T Data Center REST API

Revise the positioning of VPC security policies

This is used to set a precedence of a VPC security policy w.r.t others.
This API is available when using VMware Cloud (AWS, Dell-EMC, Outpost, Hyperscalers) or VMware NSX.

Request:

Method:
POST
URI Path(s):
/policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}?action=revise
Request Headers:
n/a
Query Parameters:
SecurityPolicyInsertParameters+
Request Body:
SecurityPolicy+

Example Request:

POST https://<policy-mgr>/policy/api/v1/orgs/default/projects/project-1/vpcs/vpc-1/security-policies/sp-4?action=revise&anchor_path=/orgs/default/projects/project-1/vpcs/vpc-1/security-policies/sp-2&operation=insert_after { "description": "comm map revised", "display_name": "application-section-1", "category":"Application", "rules": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] }

Successful Response:

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicy+

Example Response:

{ "rules": [ { "action": "ALLOW", "resource_type": "Rule", "id": "rule-1", "display_name": "rule-1", "path": "/orgs/default/projects/test-project/vpcs/vpc-1/security-policies/sp-4/rules/rule-1", "relative_path": "rule-1", "parent_path": "/orgs/default/projects/test-project/vpcs/vpc-1/security-policies/sp-4", "remote_path": "", "unique_id": "00000000-0000-0000-0000-000000007147", "realization_id": "00000000-0000-0000-0000-000000007147", "owner_id": "54d15ea1-54f8-4218-a084-cf0dc5b929f5", "origin_site_id": "54d15ea1-54f8-4218-a084-cf0dc5b929f5", "marked_for_delete": false, "overridden": false, "rule_id": 7147, "sequence_number": 1, "sources_excluded": false, "destinations_excluded": false, "source_groups": [ "ANY" ], "destination_groups": [ "ANY" ], "services": [ "ANY" ], "profiles": [ "ANY" ], "logged": false, "scope": [ "ANY" ], "disabled": false, "direction": "IN_OUT", "ip_protocol": "IPV4_IPV6", "is_default": false, "_create_time": 1683789718157, "_create_user": "admin", "_last_modified_time": 1683789718157, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "logging_enabled": false, "resource_type": "SecurityPolicy", "id": "sp-4", "display_name": "policy-1", "path": "/orgs/default/projects/test-project/vpcs/vpc-1/security-policies/sp-4", "relative_path": "sp-4", "parent_path": "/orgs/default/projects/test-project/vpcs/vpc-1", "remote_path": "", "unique_id": "d99c07f4-cc0f-4be6-99af-fbc72e691538", "realization_id": "d99c07f4-cc0f-4be6-99af-fbc72e691538", "owner_id": "54d15ea1-54f8-4218-a084-cf0dc5b929f5", "origin_site_id": "54d15ea1-54f8-4218-a084-cf0dc5b929f5", "marked_for_delete": false, "overridden": false, "sequence_number": 20000, "internal_sequence_number": 66020000, "category": "Application", "stateful": true, "tcp_strict": true, "locked": false, "lock_modified_time": 0, "scope": [ "ANY" ], "rule_count": 1, "is_default": false, "_create_time": 1683789718024, "_create_user": "admin", "_last_modified_time": 1683789718024, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }

Required Permissions:

crud

Feature:

policy_dfw

Additional Errors: