Delete All Firewall Rules Under A Container; Managing Security Groups; Add A Security Group - VMware VSHIELD APP 1.0 - API Programming Manual


vShield API Programming Guide

Delete All Firewall Rules under a Container

You can delete the entire rule set for a datacenter, cluster, or port group container. When you delete the firewall 
rule set at the datacenter or cluster level, the system reverts to the default rules for that container and all child 
containers. If you delete rules at the cluster or port group level, any rules set at the datacenter remain enforced.
Example 6-9. Delete a Firewall Rule Set for a Container
Request:
DELETE <vshield_manager-uri>/api/1.0/zones/<container-moid>/firewall/rules
Example:
DELETE /api/1.0/zones/datacenter-4361/firewall/rules HTTP/1.1
Host: localhost
Authorization: Basic YWRtaW46ZGVmYXVsdA==

Managing Security Groups

A security group is a trust zone that you create and assign resources to for vShield App firewall protection. 
Security groups are containers, like a vApp or a cluster. Typically, containers are created in the vCenter and 
viewed in the vShield Manager user interface.
Security groups enable you to create custom containers from within vShield. You arbitrarily assign resources, 
such as virtual machines and network adapters, to a security group. After the group is defined, you add the 
group to a vShield App firewall rule for protection. See "Configuring Firewall Rules for a vCenter Container" 
on page 53.
All security groups configured by using REST requests appear under the Security Groups tab for the 
appropriate node in the vShield Manager user interface and vSphere Client plug‐in.
For the security groups schema, see "Security Groups Schema" on page 69.

Add a Security Group

Example 6-10. Adding a Security Group
Request:
POST <vshield_manager-uri>/api/1.0/global/securityGroups/<base-node-moid>/groups
Example: 
Adding a single security group
POST /api/1.0/global/securityGroups/datacenter-7/groups/ HTTP/1.1
authorization: Basic YWRtaW46ZGVmYXVsdA==
host: 10.112.196.127
Content-Type: application/xml
Content-Length: 474

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VsmGlobalConfig>
  <SecurityGroups>
    <SecurityGroup>
      <SecurityGroupBaseNode>datacenter-7</SecurityGroupBaseNode>
      <SecurityGroupName>Zone-3</SecurityGroupName>
      <SecurityGroupNodeList>
        <Node><Id>502888cf-e08c-61dc-4523-a87e234d821a.000</Id></Node>
        <Node><Id>502a183c-715e-5e37-f413-aea57de1e884.000</Id></Node>
      </SecurityGroupNodeList>
    </SecurityGroup>
  </SecurityGroups>
</VsmGlobalConfig>
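The Add a Security Group request built programmatically, as an added example that is not from the VMware manual: it emits the same XML structure, sets Content-Length from the actual body bytes, and shows that the Basic header value printed in the examples is reversible base64. The function names, the allowed moid character set and the HTTPS-only check are assumptions of this example; nothing is sent over the network.

```python
import base64
import re
import urllib.request
import xml.etree.ElementTree as ET


def decode_basic(header_value):
    """Recover (user, password) from a Basic Authorization header value."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(token).decode("utf-8").partition(":")
    return user, password


def security_group_xml(base_node, name, node_ids):
    """Build the request body; ElementTree escapes '&' and '<' in the text."""
    root = ET.Element("VsmGlobalConfig")
    group = ET.SubElement(ET.SubElement(root, "SecurityGroups"), "SecurityGroup")
    ET.SubElement(group, "SecurityGroupBaseNode").text = base_node
    ET.SubElement(group, "SecurityGroupName").text = name
    node_list = ET.SubElement(group, "SecurityGroupNodeList")
    for node_id in node_ids:
        ET.SubElement(ET.SubElement(node_list, "Node"), "Id").text = node_id
    decl = b'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n'
    return decl + ET.tostring(root, encoding="unicode").encode("utf-8")


def build_request(manager_uri, base_node, name, node_ids, user, password):
    """Prepare, without sending, the POST that adds a security group."""
    # Assumed moid alphabet: keeps '/', '?' and '..' out of the URL path.
    if not re.fullmatch(r"[A-Za-z0-9-]+", base_node):
        raise ValueError("unexpected container moid: %r" % base_node)
    # Basic is reversible encoding, so refuse to build it for a non-TLS URI.
    if not manager_uri.startswith("https://"):
        raise ValueError("Basic credentials must only travel over TLS")
    body = security_group_xml(base_node, name, node_ids)
    token = base64.b64encode(("%s:%s" % (user, password)).encode("utf-8"))
    req = urllib.request.Request(
        "%s/api/1.0/global/securityGroups/%s/groups" % (manager_uri, base_node),
        data=body, method="POST")
    req.add_header("Authorization", "Basic " + token.decode("ascii"))
    req.add_header("Content-Type", "application/xml")
    req.add_header("Content-Length", str(len(body)))  # byte length of the body
    return req


if __name__ == "__main__":
    print(decode_basic("Basic YWRtaW46ZGVmYXVsdA=="))
```

Running the file decodes the header value from the manual's examples; pass a dedicated account to `build_request` rather than the sample one.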
