neutron-fwaas policies

The following is an overview of all available policies in neutron-fwaas. For a sample configuration file, refer to Sample Neutron FWaaS Policy File.

neutron-fwaas

shared_firewall_groups
Default:

field:firewall_groups:shared=True

Definition of shared firewall groups

create_firewall_group
Default:

rule:regular_user

Operations:
  • POST /fwaas/firewall_groups

Create a firewall group

update_firewall_group
Default:

rule:admin_or_owner

Operations:
  • PUT /fwaas/firewall_groups/{id}

Update a firewall group

delete_firewall_group
Default:

rule:admin_or_owner

Operations:
  • DELETE /fwaas/firewall_groups/{id}

Delete a firewall group

create_firewall_group:shared
Default:

rule:admin_only

Operations:
  • POST /fwaas/firewall_groups

Create a shared firewall group

update_firewall_group:shared
Default:

rule:admin_only

Operations:
  • PUT /fwaas/firewall_groups/{id}

Update shared attribute of a firewall group

delete_firewall_group:shared
Default:

rule:admin_only

Operations:
  • DELETE /fwaas/firewall_groups/{id}

Delete a shared firewall group

get_firewall_group
Default:

rule:admin_or_owner or rule:shared_firewall_groups

Operations:
  • GET /fwaas/firewall_groups

  • GET /fwaas/firewall_groups/{id}

Get firewall groups

shared_firewall_policies
Default:

field:firewall_policies:shared=True

Definition of shared firewall policies

create_firewall_policy
Default:

rule:regular_user

Operations:
  • POST /fwaas/firewall_policies

Create a firewall policy

update_firewall_policy
Default:

rule:admin_or_owner

Operations:
  • PUT /fwaas/firewall_policies/{id}

Update a firewall policy

delete_firewall_policy
Default:

rule:admin_or_owner

Operations:
  • DELETE /fwaas/firewall_policies/{id}

Delete a firewall policy

create_firewall_policy:shared
Default:

rule:admin_only

Operations:
  • POST /fwaas/firewall_policies

Create a shared firewall policy

update_firewall_policy:shared
Default:

rule:admin_only

Operations:
  • PUT /fwaas/firewall_policies/{id}

Update shared attribute of a firewall policy

delete_firewall_policy:shared
Default:

rule:admin_only

Operations:
  • DELETE /fwaas/firewall_policies/{id}

Delete a shread firewall policy

get_firewall_policy
Default:

rule:admin_or_owner or rule:shared_firewall_policies

Operations:
  • GET /fwaas/firewall_policies

  • GET /fwaas/firewall_policies/{id}

Get firewall policies

shared_firewall_rules
Default:

field:firewall_rules:shared=True

Definition of shared firewall rules

create_firewall_rule
Default:

rule:regular_user

Operations:
  • POST /fwaas/firewall_rules

Create a firewall rule

update_firewall_rule
Default:

rule:admin_or_owner

Operations:
  • PUT /fwaas/firewall_rules/{id}

Update a firewall rule

delete_firewall_rule
Default:

rule:admin_or_owner

Operations:
  • DELETE /fwaas/firewall_rules/{id}

Delete a firewall rule

create_firewall_rule:shared
Default:

rule:admin_only

Operations:
  • POST /fwaas/firewall_rules

Create a shared firewall rule

update_firewall_rule:shared
Default:

rule:admin_only

Operations:
  • PUT /fwaas/firewall_rules/{id}

Update shared attribute of a firewall rule

delete_firewall_rule:shared
Default:

rule:admin_only

Operations:
  • DELETE /fwaas/firewall_rules/{id}

Delete a shread firewall rule

get_firewall_rule
Default:

rule:admin_or_owner or rule:shared_firewall_rules

Operations:
  • GET /fwaas/firewall_rules

  • GET /fwaas/firewall_rules/{id}

Get firewall rules

insert_rule
Default:

rule:admin_or_owner

Operations:
  • PUT /fwaas/firewall_policies/{id}/insert_rule

Insert rule into a firewall policy

remove_rule
Default:

rule:admin_or_owner

Operations:
  • PUT /fwaas/firewall_policies/{id}/remove_rule

Remove rule from a firewall policy