Update firewall
Updates a firewall, provided status is not PENDING_*.
URI
/v2.0/fw/firewalls/{firewall-id}
HTTP method
PUT
Request parameter
| Key | Description | Type | Required/optional |
|---|---|---|---|
| admin_state_up | Administrative state of the firewall. If false (down), firewall does not forward packets and will drop all traffic to/from VMs behind the firewall. | xsd:bool | Optional |
| firewall_policy_id | The firewall policy uuid that this firewall is associated with. This firewall will implement the rules contained in the firewall policy represented by this uuid. | csapi:uuid | Optional |
| router_id | The ID of the router that this firewall be applied. If you do not specify this, the resource will be created at all routers in the project. If router_ids has already been specified for the firewall, router_id cannot be set. |
xsd:string | Optional (not recommended) |
| router_ids | The IDs of the routers that this firewall be applied. If you specify both router_ids and router_id at the same time, the resource will be created at all routers of router_ids. |
xsd:string | Optional |
| description | Human readable description for the firewall (255 character limit). | xsd:string | Optional |
| name | Human readable name for the firewall (255 character limit). Does not have to be unique. | xsd:string | Optional |
CAUTION:
router_id is not a recommended parameter. It only remains to enable smooth migration to the new parameter router_ids. You should use router_ids. router_id may be deleted in the future.
CAUTION:
When the router_ids attribute is specified in the request parameters used to update a firewall with the router_id attribute specified, the router_id attribute will be disabled and the router_ids attribute will be enabled.
Example request
{
"firewall": {
"admin_state_up": "false"
}
}
Response status
| Status code | Description |
|---|---|
| 200 | Normal response codes |
| Bad Request (400) | Error response codes |
| Unauthorized (401) | Error response codes |
| Not Found (404) | Error response codes |
| conflict (409) | Error response codes |
Response body (normal status)
{
"firewall": {
"status": "PENDING_UPDATE",
"router_ids": [
"fe00194c-d73c-4b46-b94a-622bf28fc9e2"
],
"name": "",
"admin_state_up": false,
"tenant_id": "45977fa2dbd7482098dd68d0d8970117",
"firewall_policy_id": "c69933c1-b472-44f9-8226-30dc4ffd454c",
"id": "3b0ef8f4-82c7-44d4-a4fb-6177f9a21977",
"description": "",
"availability_zone": "AZ1"
}
}
Description of response body (normal status)
| Item | Description |
|---|---|
| admin_state_up | Administrative state of the firewall. If false (down), firewall does not forward packets and will drop all traffic to/from VMs behind the firewall. |
| description | Human readable description for the firewall (1024 character limit). |
| firewall_policy_id | The firewall policy uuid that this firewall is associated with. This firewall will implement the rules contained in the firewall policy represented by this uuid. |
| id | Unique identifier for the firewall object. |
| name | Human readable name for the firewall (255 character limit). Does not have to be unique. |
| status | Indicates whether firewall resource is currently operational. Possible values include: ACTIVE, INACTIVE, DOWN, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE. |
| tenant_id | Owner of the firewall. Only admin users can specify a project identifier other than their own. |
| router_id (not recommended) | The ID of the router that this firewall applied. |
| router_ids | The IDs of the routers that this firewall applied. |
| availability_zone | The Availability Zone name. |
CAUTION:
router_id is not a recommended parameter. It only remains to enable smooth migration to the new parameter router_ids. You should use router_ids. router_id may be deleted in the future.
CAUTION:
The router_id attribute and the router_ids attribute are only included in the response of the relevant firewall when either of them is enabled.