[{"label":"Latest (v1.0)","version":"latest"}]
nsx-vmc-policy

Update Security Policy

Description

Patch the security policy for a domain. If a security policy for the given security-policy-id is not present, the object will get created and if it is present it will be updated. This is a full replace

Request

Request

URL

URL


patch
https://nsxmanager.your.domain/policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}
Copy

Path Parameters

Path Parameters

string
domain-id Required

string
security-policy-id Required

Request Body

Request Body

SecurityPolicy of type(s) application/json Required
This request body class requires all of the following: Policy, InlineSecurityPolicy1
Authentication

Authentication

This operation uses the following authentication methods.

Response

Response

200 OK

OK

Errors

Errors

400

Bad Request


403

Forbidden


404

Not Found


412

Precondition Failed


500

Internal Server Error


503

Service Unavailable

Code Samples

Code Samples

PowerCLI Client SDK Example

$ResourceLink = Initialize-ResourceLink -Action "MyAction" -Href "MyHref" -Rel "MyRel"
$SelfResourceLink = Initialize-SelfResourceLink -Action "MyAction" -Href "MyHref" -Rel "MyRel"
$Tag = Initialize-Tag -Scope "MyScope" -_Tag "My_Tag"
$PolicyRequestParameter = Initialize-PolicyRequestParameter -ResourceType "MyResourceType"
$ChildPolicyConfigResource = Initialize-ChildPolicyConfigResource -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -MarkForOverride $false -MarkedForDelete $false -RequestParameter $PolicyRequestParameter
$ApplicationConnectivityStrategy = Initialize-ApplicationConnectivityStrategy -_ApplicationConnectivityStrategy "ALLOW_INTRA" -DefaultApplicationRuleId 0 -LoggingEnabled $false
$ServiceEntry = Initialize-ServiceEntry -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "IPProtocolServiceEntry" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false
$Rule = Initialize-Rule -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false -DestinationGroups "MyDestinationGroups" -DestinationsExcluded $false -Direction "IN" -Disabled $false -IpProtocol "IPV4" -IsDefault $false -Logged $false -Notes "MyNotes" -Profiles "MyProfiles" -RuleId 0 -Scope "MyScope" -SequenceNumber 0 -ServiceEntries $ServiceEntry -Services "MyServices" -SourceGroups "MySourceGroups" -SourcesExcluded $false -Tag "MyTag" -Action "ALLOW"
$SecurityPolicy = Initialize-SecurityPolicy -Links $ResourceLink -Schema "MySchema" -Self $SelfResourceLink -Revision 0 -CreateTime 0 -CreateUser "MyCreateUser" -LastModifiedTime 0 -LastModifiedUser "MyLastModifiedUser" -Protection "MyProtection" -SystemOwned $false -Description "MyDescription" -DisplayName "MyDisplayName" -Id "MyId" -ResourceType "MyResourceType" -Tags $Tag -ParentPath "MyParentPath" -Path "MyPath" -RealizationId "MyRealizationId" -RelativePath "MyRelativePath" -UniqueId "MyUniqueId" -Children $ChildPolicyConfigResource -MarkedForDelete $false -Overridden $false -Category "MyCategory" -Comments "MyComments" -InternalSequenceNumber 0 -IsDefault $false -LockModifiedBy "MyLockModifiedBy" -LockModifiedTime 0 -Locked $false -RuleCount 0 -SchedulerPath "MySchedulerPath" -Scope "MyScope" -SequenceNumber 0 -Stateful $false -TcpStrict $false -ApplicationConnectivityStrategy $ApplicationConnectivityStrategy -ConnectivityPreference "ALLOWLIST" -ConnectivityStrategy "WHITELIST" -DefaultRuleId 0 -LoggingEnabled $false -Rules $Rule
Invoke-PatchSecurityPolicyForDomain -domainId "MydomainId" -securityPolicyId "MysecurityPolicyId" -securityPolicy $securityPolicy

cURL Command

curl -X PATCH -H "Content-Type: application/json" -d '{}' https://nsxmanager.your.domain/policy/api/v1/infra/domains/{domain-id}/security-policies/{security-policy-id}
Vendor Extensions

Vendor Extensions

This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: update-security-policy
x-vmw-nsx-module: DfwSecurityPolicy


Feedback

Was this page helpful?