NSX-T Data Center REST API
Create a Section with Rules. (Deprecated)
Creates a new firewall section with rules. The limit on the number of rules is defined by maxItems in collection types for FirewallRule
(FirewallRuleXXXList types). When invoked on a section with a large number
of rules, this API is supported only at low rates of invocation (not more
than 4-5 times per minute). The typical latency of this API with about 1024
rules is about 4-5 seconds. This API should not be invoked with large
payloads at automation speeds. More than 50 rules with a large number of
rule references is not supported.
Instead, to create sections, use:
POST /api/v1/firewall/sections
To create rules, use:
POST /api/v1/firewall/sections/<section-id>/rules
Deprecated:
Use the following Policy API -
PUT|PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
Request:
Method:
POST
URI Path(s):
/api/v1/firewall/sections?action=create_with_rules
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters
Request Body:
FirewallSectionRuleList
Example Request:
{
  "section_type": "LAYER3",
  "display_name": "another Layer3 Section with Rules",
  "stateful": true,
  "rules": [
    {
      "display_name": "layer3rule1",
      "action": "ALLOW",
      "direction": "IN_OUT",
      "sources": [
        {
          "target_display_name": "192.168.100.5",
          "is_valid": true,
          "target_type": "IPv4Address",
          "target_id": "192.168.100.5"
        }
      ],
      "destinations": [
        {
          "target_display_name": "192.168.100.6",
          "is_valid": true,
          "target_type": "IPv4Address",
          "target_id": "192.168.100.5"
        }
      ]
    }
  ]
}
Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionRuleList
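A pre-flight check for request bodies sent to this endpoint, as an added example that is not part of the NSX-T documentation or VMware's code. It flags payloads over the 50-rule threshold quoted above and IPv4Address references whose target_display_name disagrees with target_id, as the destination in the example request does. The names lint_section, _canon, MAX_RULES and SAMPLE are hypothetical, and the check assumes target_id is the value the rule is enforced on.

```python
import ipaddress

MAX_RULES = 50  # threshold quoted on the page for rules with many references

# Constructed payload modelled on the page's example request.
SAMPLE = {
    "section_type": "LAYER3",
    "display_name": "lint demo section",
    "stateful": True,
    "rules": [{
        "display_name": "layer3rule1",
        "action": "ALLOW",
        "direction": "IN_OUT",
        "sources": [{"target_display_name": "192.168.100.5", "is_valid": True,
                     "target_type": "IPv4Address", "target_id": "192.168.100.5"}],
        "destinations": [{"target_display_name": "192.168.100.6", "is_valid": True,
                          "target_type": "IPv4Address", "target_id": "192.168.100.5"}],
    }],
}


def _canon(value):
    """Normalise an address or CIDR so 10.0.0.1 and 10.0.0.1/32 compare equal."""
    try:
        return str(ipaddress.IPv4Network(str(value), strict=False))
    except ValueError:
        return str(value)  # ranges or other forms: fall back to text comparison


def lint_section(payload, max_rules=MAX_RULES):
    """Return findings for a section-with-rules body (hypothetical helper)."""
    findings = []
    rules = payload.get("rules") or []
    if len(rules) > max_rules:
        findings.append(f"{len(rules)} rules > {max_rules}: create the section, then add rules separately")
    for rule in rules:
        name = rule.get("display_name", "<unnamed>")
        for field in ("sources", "destinations"):
            for ref in rule.get(field) or []:
                if ref.get("target_type") != "IPv4Address":
                    continue  # labels of object references are free text
                label, target = ref.get("target_display_name"), ref.get("target_id")
                if _canon(label) != _canon(target):
                    findings.append(f"{name}/{field}: labelled {label!r} but target_id is {target!r}")
    return findings


if __name__ == "__main__":
    for finding in lint_section(SAMPLE):
        print(finding)
```

Run it over a payload before the POST; an empty list means neither condition was found.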