[{"label":"Latest (v1.0)","version":"latest"}]
nsx-vmc-policy

Create Security Policy

Description

Create or Update the security policy for a domain. This is a full replace. All the rules are replaced.

Request

Request

URL

URL


put
https://nsxmanager.your.domain/policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}
Copy

Path Parameters

Path Parameters

string
domain-id Required

string
security-policy-id Required

Request Body

Request Body

SecurityPolicy of type(s) application/json Required
This request body class requires all of the following: Policy, InlineSecurityPolicy1
Authentication

Authentication

This operation uses the following authentication methods.

Response

Response

Response Body

Response Body

200 OK

Returns SecurityPolicy of type(s) application/json
This response body class contains all of the following: Policy, InlineSecurityPolicy1
Errors

Errors

ApiError
400

Bad Request


ApiError
403

Forbidden


ApiError
404

Not Found


ApiError
412

Precondition Failed


ApiError
500

Internal Server Error


ApiError
503

Service Unavailable

Code Samples

Code Samples

PowerCLI Client SDK Example

$ResourceLink = Initialize-nullResourceLink -Action "MyAction" -Href "MyHref" -Rel "MyRel"
$SelfResourceLink = Initialize-nullSelfResourceLink -Action "MyAction" -Href "MyHref" -Rel "MyRel"
$Tag = Initialize-nullTag -Scope "MyScope" -_Tag "My_Tag"
$PolicyRequestParameter = Initialize-nullPolicyRequestParameter -ResourceType "MyResourceType"
$ChildPolicyConfigResource = Initialize-nullChildPolicyConfigResource -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -MarkForOverride $false -MarkedForDelete $false -RequestParameter $PolicyRequestParameter
$ApplicationConnectivityStrategy = Initialize-nullApplicationConnectivityStrategy -_ApplicationConnectivityStrategy "ALLOW_INTRA" -DefaultApplicationRuleId 0 -LoggingEnabled $false
$ServiceEntry = Initialize-nullServiceEntry -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "IPProtocolServiceEntry" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false
$Rule = Initialize-nullRule -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false -DestinationGroups "MyDestinationGroups" -DestinationsExcluded $false -Direction "IN" -Disabled $false -IpProtocol "IPV4" -IsDefault $false -Logged $false -Notes "MyNotes" -Profiles "MyProfiles" -RuleId 0 -Scope "MyScope" -SequenceNumber 0 -ServiceEntries $ServiceEntry -Services "MyServices" -SourceGroups "MySourceGroups" -SourcesExcluded $false -Tag "MyTag" -Action "ALLOW"
$SecurityPolicy = Initialize-nullSecurityPolicy -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false -Category "MyCategory" -Comments "MyComments" -InternalSequenceNumber 0 -IsDefault $false -LockModifiedBy "MyLockModifiedBy" -LockModifiedTime 0 -Locked $false -RuleCount 0 -SchedulerPath "MySchedulerPath" -Scope "MyScope" -SequenceNumber 0 -Stateful $false -TcpStrict $false -ApplicationConnectivityStrategy $ApplicationConnectivityStrategy -ConnectivityPreference "ALLOWLIST" -ConnectivityStrategy "WHITELIST" -DefaultRuleId 0 -LoggingEnabled $false -Rules $Rule
Invoke-UpdateSecurityPolicyForDomain -domainId "MydomainId" -securityPolicyId "MysecurityPolicyId" -securityPolicy $securityPolicy

cURL Command

curl -X PUT -H "Content-Type: application/json" -d '{}' https://nsxmanager.your.domain/policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}
Vendor Extensions

Vendor Extensions

This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: create-security-policy
x-vmw-nsx-module: DfwSecurityPolicy


Feedback

Was this page helpful?