NSX-T Data Center REST API

Associated URIs:

API Description	API Path
List security policies List all security policies for a domain.	GET /policy/api/v1/infra/domains/{domain-id}/security-policies GET /policy/api/v1/global-infra/domains/{domain-id}/security-policies GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies
Deletes a security policy from this domain Deletes the security policy along with all the rules	DELETE /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id} DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}
Read security policy Read security policy for a domain.	GET /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id} GET /policy/api/v1/global-infra/domains/{domain-id}/security-policies/{security-policy-id} GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}
Patch security policy Patch the security policy for a domain. If a security policy for the given security-policy-id is not present, the object will get created and if it is present it will be updated. This is a full replace. Performance Note: If you want to edit several rules in a security policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it.	PATCH /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id} PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}
Revise the positioning of security policies This is used to set a precedence of a security policy w.r.t others.	POST /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}?action=revise POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}?action=revise
Create or Update security policy Create or Update the security policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a security policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it.	PUT /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id} PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}
List rules List rules	GET /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules GET /policy/api/v1/global-infra/domains/{domain-id}/security-policies/{security-policy-id}/rules GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules
Delete rule Delete rule	DELETE /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id} DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}
Read rule Read rule	GET /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id} GET /policy/api/v1/global-infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id} GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}
Patch a rule Patch the rule. If Rule corresponding to the the given rule-id is not present, the object will get created and if it is present it will be updated. This is a full replace. Performance Note: If you want to edit several rules in a security policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/security-policies/<security-policy-id>	PATCH /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id} PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}
Revise the positioning of rule This is used to re-order a rule within a security policy.	POST /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}?action=revise POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}?action=revise
Create or update a rule Update the rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you wish to edit several rules in a security policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/security-policies/<security-policy-id>	PUT /policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id} PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}
Import K8s network policies to DFW Security Policies This is used to import a set of K8s network policies into DFW security policies	POST /policy/api/v1/infra/import-k8s-np-to-dfw POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/import-k8s-np-to-dfw