NSX-T Data Center REST API
RuleTemplate (schema)
Set of template rules defined for a given security strategy.
Rule Template defines a template-based distributed firewall rule that serves as a blueprint for actual firewall rules.
When a security strategy is attached to a VPC, these rule templates are instantiated into concrete firewall rules.
Templates contain placeholders (such as {VPC_DEFAULT_GROUP} and {PROJECT_DEFAULT_GROUP}) that are dynamically replaced
with actual resource references based on the target VPC context. Each template specifies source and destination criteria,
traffic actions, applicable services, and the scope of rule application, providing a flexible and reusable approach
to security rule definition across different VPC deployments.
| Name | Description | Type | Notes |
|---|---|---|---|
| action | Defines the action of the security strategy rule. | string | Required. Enum: ALLOW, DROP, REJECT, JUMP_TO_APPLICATION |
| description | Rule description. This description provides a comprehensive explanation of the rule, including the actions it performs and its impact on tenant resources. | string | Maximum length: 1024 |
| destination_groups | Defines the destination of the rule resulting from attaching a security strategy to a VPC. As the security strategy is attached to a VPC, the source for the rule would be the VPC default group. These values are replaced by the system based on the VPC to which the security strategy is attached. | array of string | Required |
| display_name | Rule name. Name of the rule within a specific security strategy. | string | Maximum length: 255 |
| scope | Placeholder representing the VPC to which the security rules are applied as a result of attaching a security strategy to a VPC. | array of string | |
| services | Names of services. To specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. An error will be thrown if ANY is used in conjunction with other values. | array of string | Maximum items: 128 |
| source_groups | Defines the source of the rule resulting from attaching a security strategy to a VPC. As the security strategy is attached to a VPC, the source for the rule would be the VPC default group. These values are replaced by the system based on the VPC to which the security strategy is attached. | array of string | Required |
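
The constraints in the table above can be checked on the client before a template is submitted, which catches an over-broad or malformed rule early. The following is an added example, not code from the NSX-T documentation or product. It assumes the action enum is matched exactly as written; the function name, the sample payloads and the service name "HTTPS" are constructed for illustration.

```python
# Pre-flight check of a RuleTemplate payload against the schema table (added example).
ACTIONS = {"ALLOW", "DROP", "REJECT", "JUMP_TO_APPLICATION"}  # assumed exact match
REQUIRED = ("action", "source_groups", "destination_groups")
MAX_LEN = {"description": 1024, "display_name": 255}
MAX_SERVICES = 128


def validate_rule_template(tpl):
    """Return a list of constraint violations (empty list means valid)."""
    errors = []
    for field in REQUIRED:
        if field not in tpl:
            errors.append(f"{field}: required")
    if "action" in tpl and tpl["action"] not in ACTIONS:
        errors.append(f"action: {tpl['action']!r} is not in the enum")
    for field, limit in MAX_LEN.items():
        value = tpl.get(field)
        if value is not None and (not isinstance(value, str) or len(value) > limit):
            errors.append(f"{field}: must be a string of at most {limit} characters")
    for field in ("source_groups", "destination_groups", "scope", "services"):
        value = tpl.get(field)
        if value is not None and not (
            isinstance(value, list) and all(isinstance(v, str) for v in value)
        ):
            errors.append(f"{field}: must be an array of string")
    services = tpl.get("services")
    if isinstance(services, list):
        if len(services) > MAX_SERVICES:
            errors.append(f"services: more than {MAX_SERVICES} items")
        # "ANY" is case insensitive and must be the only element when used.
        has_any = any(isinstance(s, str) and s.upper() == "ANY" for s in services)
        if has_any and len(services) > 1:
            errors.append('services: "ANY" must be the only element')
    return errors


# Constructed sample payloads; the service name "HTTPS" is an assumed value.
GOOD = {
    "display_name": "allow-vpc-to-project",
    "action": "ALLOW",
    "source_groups": ["{VPC_DEFAULT_GROUP}"],
    "destination_groups": ["{PROJECT_DEFAULT_GROUP}"],
    "services": ["any"],
}
BAD = dict(GOOD, action="PERMIT", services=["Any", "HTTPS"])
del BAD["source_groups"]
```

`validate_rule_template(GOOD)` returns an empty list, while `BAD` yields one violation each for the missing `source_groups`, the unknown action and the mixed use of "ANY".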