FirewallPoliciesResource


Create a firewall policy


Firewall policies may vary between providers. For example, when you create a firewall policy, the default rule may open all ports to incoming traffic for all protocols from any source. You can associate a firewall policy with a virtual datacenter by adding a link to the virtual datacenter.

POST https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls

Roles : [ROLE_MANAGE_FIREWALLS]

Content-Type : firewallpolicy
Accept : firewallpolicy

Error Codes

  • CONSTR-LEADINGORTRAILINGWHITESPACE - The property 'name' must not have whitespace at the beginning or the end.
  • FIREWALLPOLICY-1 - The name is required
  • FIREWALLPOLICY-10 - Only a firewall assigned to the virtual datacenter can be set as the default
  • GEN-4 - Not enough permissions to perform this action
  • LOCATION-5 - The given virtual datacenter is not compatible with the given location
  • NETDEVICE-5 - The entity is associated with a device that is not configured in the current virtual datacenter
  • VDC-0 - The requested virtual datacenter does not exist
  • VDC-9 - The provided virtual datacenter link is invalid
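Because the provider's default rule may open all ports to any source, the rules of a new policy are worth checking before it is attached to anything. The following check is an added example, not part of the Abiquo documentation; the field names (protocol, fromPort, toPort, sources), the "all protocols" spellings and the port allow-list are assumptions, and the sample rules are constructed.

```python
import ipaddress

# Field names below (protocol, fromPort, toPort, sources) are assumptions about
# the firewallrules representation; the page does not show it.
ANY_PROTOCOLS = {"ALL", "ANY", "-1"}  # assumed spellings of "all protocols"

def is_any_source(cidr):
    """True for 0.0.0.0/0, ::/0 and any other zero-length prefix."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False  # not a CIDR, e.g. a reference to another group

def audit_ingress(rules, allowed_public_ports=frozenset({443})):
    """Return (severity, rule) findings for ingress rules open to any source."""
    findings = []
    for rule in rules:
        sources = rule.get("sources") or []
        if not any(is_any_source(s) for s in sources):
            continue  # egress rule, or ingress limited to specific networks
        lo, hi = int(rule.get("fromPort", 0)), int(rule.get("toPort", 65535))
        proto = str(rule.get("protocol", "")).upper()
        if proto in ANY_PROTOCOLS or (lo <= 1 and hi >= 65535):
            findings.append(("critical", rule))  # the "open everything" default
        elif not set(range(lo, hi + 1)) <= allowed_public_ports:
            findings.append(("review", rule))    # public, but not on the allow-list
    return findings

SAMPLE_RULES = [  # constructed sample data
    {"protocol": "ALL", "fromPort": 0, "toPort": 65535, "sources": ["0.0.0.0/0"]},
    {"protocol": "TCP", "fromPort": 443, "toPort": 443, "sources": ["0.0.0.0/0"]},
    {"protocol": "TCP", "fromPort": 22, "toPort": 22, "sources": ["::/0"]},
    {"protocol": "TCP", "fromPort": 22, "toPort": 22, "sources": ["10.0.0.0/8"]},
    {"protocol": "TCP", "fromPort": 80, "toPort": 80, "targets": ["0.0.0.0/0"]},
]
```

Run audit_ingress over the rules returned for the policy and treat any "critical" finding as a reason to replace the rule list before the policy is used.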


List firewall policies


List the firewall policies created in a location.

GET https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls

Roles : [ROLE_MANAGE_FIREWALLS]

| Parameter | Type | Default Value | Description |
| --- | --- | --- | --- |
| vdcs | String | | If present, filter by a comma-separated list of virtual datacenter IDs |
| startwith | Integer | 0 | The first element to be retrieved of the filtered search |
| by | String | name | Parameter for ordering. Valid values are those of com.abiquo.server.core.cloud.FirewallPolicy.ORDER_BY |
| has | String | | If present, filter to apply in the search |
| limit | Integer | 25 | The number of entities to retrieve |
| asc | Boolean | true | Whether the value of the 'by' parameter must be sorted in ascending order (true) or descending order (false) |
| source | String | LOCAL | Use 'REMOTE' to force synchronization with the provider: import new firewall policies into Abiquo; update existing firewall policies; detach firewall policies that do not exist in the provider from the provider and VMs |

Accept : firewallpolicies

Error Codes

  • LOCATION-4 - The location does not exist


Delete a firewall policy


Remove a firewall policy. Before you delete a firewall policy, first remove it from the VMs that are using it.

DELETE https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls/{firewall}

Roles : [ROLE_MANAGE_FIREWALLS]

| Parameter | Type | Default Value | Description |
| --- | --- | --- | --- |
| force | boolean | false | If true, logical delete is performed |


Get a firewall policy


Returns a specific firewall policy.

GET https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls/{firewall}

Roles : [ROLE_MANAGE_FIREWALLS]

Accept : firewallpolicy

Error Codes

  • FIREWALLPOLICY-5 - The requested firewall policy does not exist
  • LOCATION-4 - The location does not exist


Update a firewall policy


This method only allows you to modify the name, the description, and the association with a virtual datacenter (to add, move or remove it). The provider will then permit or block the operation.

PUT https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls/{firewall}

Roles : [ROLE_MANAGE_FIREWALLS]

Content-Type : firewallpolicy
Accept : firewallpolicy

Error Codes

  • FIREWALLPOLICY-1 - The name is required
  • FIREWALLPOLICY-11 - A default firewall is required
  • FIREWALLPOLICY-6 - The firewall policy is being used by virtual machines and/or load balancers and cannot be modified
  • GEN-4 - Not enough permissions to perform this action
  • LOCATION-5 - The given virtual datacenter is not compatible with the given location
  • NETDEVICE-5 - The entity is associated with a device that is not configured in the current virtual datacenter
  • PL-CPROV-3 - The request response could not be fulfilled.
  • VDC-0 - The requested virtual datacenter does not exist
  • VDC-9 - The provided virtual datacenter link is invalid


Update default firewall of a virtual datacenter


Set or remove a firewall policy as default for a virtual datacenter.

POST https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls/{firewall}/action/defaultfirewallpolicy

Roles : [ROLE_MANAGE_DEFAULT_FIREWALL]


List firewall rules of a firewall policy


Returns all egress and ingress firewall rules of a firewall policy.

GET https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls/{firewall}/rules

Roles : [ROLE_MANAGE_FIREWALLS]

Accept : firewallrules

Error Codes

  • FIREWALLPOLICY-5 - The requested firewall policy does not exist
  • LOCATION-4 - The location does not exist


Update the firewall rules of a firewall policy


Replaces the complete list of rules of a firewall policy: the old rules are removed and only the given ones are created.

PUT https://example.com/api/cloud/locations/{location}/devices/{device}/firewalls/{firewall}/rules

Roles : [ROLE_MANAGE_FIREWALLS]

Content-Type : firewallrules
Accept : firewallrules

Error Codes

  • FIREWALLPOLICY-5 - The requested firewall policy does not exist
  • FIREWALLRULE-1 - The protocol is required
  • FIREWALLRULE-2 - The port field for the start of the port range is required
  • FIREWALLRULE-3 - The port field for the end of the port range is required
  • FIREWALLRULE-4 - The targets list is required for an egress rule or the sources list for an ingress rule
  • FIREWALLRULE-5 - Firewall rule can be egress or ingress but not both. Complete either targets or sources only
  • LOCATION-4 - The location does not exist
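Since this PUT removes every rule that is not in the request, adding one rule means sending the current rules back together with the new one. The following is an added example, not Abiquo's own code, that builds that full list and checks each rule against the FIREWALLRULE error codes listed above before anything is sent; the field names (protocol, fromPort, toPort, sources, targets) are assumptions and the sample rules are constructed.

```python
# Assumed field names (protocol, fromPort, toPort, sources, targets); only the
# FIREWALLRULE-* codes themselves come from the page's error list.
def validate_rule(rule):
    """Return the FIREWALLRULE-* codes this rule would trigger."""
    errors = []
    if not rule.get("protocol"):
        errors.append("FIREWALLRULE-1")
    if rule.get("fromPort") is None:      # port 0 is a value, not a missing field
        errors.append("FIREWALLRULE-2")
    if rule.get("toPort") is None:
        errors.append("FIREWALLRULE-3")
    has_src, has_tgt = bool(rule.get("sources")), bool(rule.get("targets"))
    if not has_src and not has_tgt:
        errors.append("FIREWALLRULE-4")
    if has_src and has_tgt:
        errors.append("FIREWALLRULE-5")
    return errors

def rule_key(rule):
    # Identity of a validated rule, used to drop duplicates.
    direction = "ingress" if rule.get("sources") else "egress"
    peers = tuple(sorted(rule.get("sources") or rule.get("targets")))
    return (direction, str(rule["protocol"]).upper(), rule["fromPort"], rule["toPort"], peers)

def build_put_body(current, additions):
    """Merge current and new rules; send the PUT only if `rejected` is empty."""
    merged, seen, rejected = [], set(), []
    for rule in list(current) + list(additions):
        errs = validate_rule(rule)
        if errs:
            rejected.append((rule, errs))
            continue
        key = rule_key(rule)
        if key not in seen:
            seen.add(key)
            merged.append(rule)
    return merged, rejected

CURRENT = [  # constructed: rules as returned by the GET on the same URL
    {"protocol": "TCP", "fromPort": 443, "toPort": 443, "sources": ["0.0.0.0/0"]},
    {"protocol": "TCP", "fromPort": 22, "toPort": 22, "sources": ["10.0.0.0/8"]},
]
ADDITIONS = [  # constructed: a duplicate, a valid egress rule, an invalid rule
    {"protocol": "tcp", "fromPort": 22, "toPort": 22, "sources": ["10.0.0.0/8"]},
    {"protocol": "UDP", "fromPort": 53, "toPort": 53, "targets": ["10.0.0.2/32"]},
    {"protocol": "TCP", "fromPort": 8080, "sources": ["10.0.0.0/8"], "targets": ["10.0.0.9/32"]},
]
```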
