List firewall rules
Lists firewall rules.
URI
/v2.0/fw/firewall_rules
HTTP method
GET
Response status
| Status code | Description |
|---|---|
| 200 | Normal response codes |
| unauthorized (401) | Error response codes |
Response body (normal status)
{
"firewall_rules": [
{
"action": "allow",
"description": "",
"destination_ip_address": null,
"destination_port": "80",
"enabled": true,
"firewall_policy_id": "c69933c1-b472-44f9-8226-30dc4ffd454c",
"id": "8722e0e0-9cc9-4490-9660-8c9a5732fbb0",
"ip_version": 4,
"name": "ALLOW_HTTP",
"position": 1,
"protocol": "tcp",
"shared": false,
"source_ip_address": null,
"source_port": null,
"tenant_id": "45977fa2dbd7482098dd68d0d8970117",
"availability_zone": "AZ1"
}
]
}
Description of response body (normal status)
| Item | Description |
|---|---|
| action | Action to be performed on the traffic matching the rule (allow, deny). |
| description | Human readable description for the firewall Rule (1024 character limit). |
| destination_ip_address | Destination IP address or CIDR. |
| destination_port | Destination port number or a range. If range, port numbers are separated by colon. |
| enabled | When set to False will disable this rule in the firewall policy. Facilitates selectively turning off rules without having to disassociate the rule from the firewall policy. |
| firewall_policy_id | This is a read-only attribute which gets populated with the uuid of the firewall policy when this firewall rule is associated with a firewall policy. A firewall rule can be associated with one firewall policy at a time. The association can however be updated to a different firewall policy. This attribute can be "null" if the rule is not associated with any firewall policy. |
| id | Unique identifier for the firewall rule object. |
| ip_version | IP Protocol Version. |
| name | Human readable name for the firewall rule (255 character limit). Does not have to be unique. |
| position | This is a read-only attribute that gets assigned to this rule when the rule is associated with a firewall policy. It indicates the position of this rule in that firewall policy. This position number starts at 1. The position can be "null" if the firewall rule is not associated with any policy. |
| protocol | The protocol that is matched by the firewall rule. Valid values are null, tcp, udp, and icmp. |
| shared | Indicates whether this firewall rule is shared across all projects. This value is always False. |
| source_ip_address | Source IP address or CIDR. |
| source_port | Source port number or a range. If range, port numbers are separated by colon. |
| tenant_id | Owner of the firewall rule. Only admin users can specify a project identifier other than their own. |
| availability_zone | The Availability Zone name. |