NSX-T Data Center REST API
Update an Existing Section, Including Its Rules (Deprecated)
Modifies existing firewall section along with its association with rules.When invoked on a large number of rules, this API is supported only at low
rates of invocation (not more than 2 times per minute). The typical latency
of this API with about 1024 rules is about 15 seconds in a cluster setup.
This API should not be invoked with large payloads at automation speeds.
Instead, to update rule content, use:
PUT /api/v1/firewall/sections/<section-id>/rules/<rule-id>
Simultaneous update (modify) operations on same section are not allowed to
prevent overwriting stale contents to firewall section. If a concurrent
update is performed, HTTP response code 409 will be returned to the client
operating on stale data. That client should retrieve the firewall section
again and re-apply its update.
Deprecated:
Use the following Policy API -
PUT|PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
Request:
Method:
POST
URI Path(s):
/api/v1/firewall/sections/{section-id}?action=update_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallSectionRuleList+
Example Request:
{ "resource_type": "FirewallSection", "description": "", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "my section", "tags": [], "section_type": "LAYER3", "is_default": false, "stateful": true, "rules": [ { "id": "1639424", "display_name": "my best rule", "notes": "This is my note", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.200.2", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.2" } ], "destinations": [ { "target_display_name": "192.168.200.3", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.3" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT" } ] }Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionRuleList+