[{"label":"Latest (v1.0)","version":"latest"}]
nsx-vmc-policy

Create Security Policy

Description

Create or Update the security policy for a domain. This is a full replace. All the rules are replaced.

Request

Request

URL

URL


put
https://nsxmanager.your.domain/policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}
Copy

Path Parameters

Path Parameters

string
domain-id Required

string
security-policy-id Required

Request Body

Request Body

SecurityPolicy of type(s) application/json Required
This request body class requires all of the following: Policy, InlineSecurityPolicy1
Authentication

Authentication

This operation uses the following authentication methods.

Response

Response

Response Body

Response Body

200 OK

Returns SecurityPolicy of type(s) application/json
This response body class contains all of the following: Policy, InlineSecurityPolicy1
Errors

Errors

400

Bad Request


403

Forbidden


404

Not Found


412

Precondition Failed


500

Internal Server Error


503

Service Unavailable

Code Samples

Code Samples

PowerCLI Client SDK Example

$ResourceLink = Initialize-ResourceLink -Action "MyAction" -Href "MyHref" -Rel "MyRel"
$SelfResourceLink = Initialize-SelfResourceLink -Action "MyAction" -Href "MyHref" -Rel "MyRel"
$Tag = Initialize-Tag -Scope "MyScope" -_Tag "My_Tag"
$PolicyRequestParameter = Initialize-PolicyRequestParameter -ResourceType "MyResourceType"
$ChildPolicyConfigResource = Initialize-ChildPolicyConfigResource -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -MarkForOverride $false -MarkedForDelete $false -RequestParameter $PolicyRequestParameter
$ApplicationConnectivityStrategy = Initialize-ApplicationConnectivityStrategy -_ApplicationConnectivityStrategy "ALLOW_INTRA" -DefaultApplicationRuleId 0 -LoggingEnabled $false
$ServiceEntry = Initialize-ServiceEntry -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "IPProtocolServiceEntry" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false
$Rule = Initialize-Rule -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false -DestinationGroups "MyDestinationGroups" -DestinationsExcluded $false -Direction "IN" -Disabled $false -IpProtocol "IPV4" -IsDefault $false -Logged $false -Notes "MyNotes" -Profiles "MyProfiles" -RuleId 0 -Scope "MyScope" -SequenceNumber 0 -ServiceEntries $ServiceEntry -Services "MyServices" -SourceGroups "MySourceGroups" -SourcesExcluded $false -Tag "MyTag" -Action "ALLOW"
$SecurityPolicy = Initialize-SecurityPolicy -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false -Category "MyCategory" -Comments "MyComments" -InternalSequenceNumber 0 -IsDefault $false -LockModifiedBy "MyLockModifiedBy" -LockModifiedTime 0 -Locked $false -RuleCount 0 -SchedulerPath "MySchedulerPath" -Scope "MyScope" -SequenceNumber 0 -Stateful $false -TcpStrict $false -ApplicationConnectivityStrategy $ApplicationConnectivityStrategy -ConnectivityPreference "ALLOWLIST" -ConnectivityStrategy "WHITELIST" -DefaultRuleId 0 -LoggingEnabled $false -Rules $Rule
Invoke-UpdateSecurityPolicyForDomain -domainId "MydomainId" -securityPolicyId "MysecurityPolicyId" -securityPolicy $securityPolicy

cURL Command

curl -X PUT -H "Content-Type: application/json" -d '{}' https://nsxmanager.your.domain/policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}
Vendor Extensions

Vendor Extensions

This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: create-security-policy
x-vmw-nsx-module: DfwSecurityPolicy


Feedback

Was this page helpful?