Update firewall

Updates a firewall, provided status is not PENDING_*.

URI

/v2.0/fw/firewalls/{firewall-id}

HTTP method

PUT

Request parameter

Key Description Type Required/optional
admin_state_up Administrative state of the firewall. If false (down), firewall does not forward packets and will drop all traffic to/from VMs behind the firewall. xsd:bool Optional
firewall_policy_id The firewall policy uuid that this firewall is associated with. This firewall will implement the rules contained in the firewall policy represented by this uuid. csapi:uuid Optional
router_id The ID of the router that this firewall be applied.

If you do not specify this, the resource will be created at all routers in the project.

If router_ids has already been specified for the firewall, router_id cannot be set.

xsd:string Optional

(not recommended)

router_ids The IDs of the routers that this firewall be applied.

If you specify both router_ids and router_id at the same time, the resource will be created at all routers of router_ids.

xsd:string Optional
description Human readable description for the firewall (255 character limit). xsd:string Optional
name Human readable name for the firewall (255 character limit). Does not have to be unique. xsd:string Optional
CAUTION:
router_id is not a recommended parameter. It only remains to enable smooth migration to the new parameter router_ids. You should use router_ids. router_id may be deleted in the future.
CAUTION:
When the router_ids attribute is specified in the request parameters used to update a firewall with the router_id attribute specified, the router_id attribute will be disabled and the router_ids attribute will be enabled.

Example request


{
    "firewall": {
        "admin_state_up": "false"
    }
} 
     

Response status

Status code Description
200 Normal response codes
Bad Request (400) Error response codes
Unauthorized (401) Error response codes
Not Found (404) Error response codes
conflict (409) Error response codes

Response body (normal status)


       {
       "firewall": {
       "status": "PENDING_UPDATE",
       "router_ids": [
       "fe00194c-d73c-4b46-b94a-622bf28fc9e2"
       ],
       "name": "",
       "admin_state_up": false,
       "tenant_id": "45977fa2dbd7482098dd68d0d8970117",        
       "firewall_policy_id": "c69933c1-b472-44f9-8226-30dc4ffd454c",
       "id": "3b0ef8f4-82c7-44d4-a4fb-6177f9a21977",
       "description": "",
       "availability_zone": "AZ1"
       }
       }
     

Description of response body (normal status)

Item Description
admin_state_up Administrative state of the firewall. If false (down), firewall does not forward packets and will drop all traffic to/from VMs behind the firewall.
description Human readable description for the firewall (1024 character limit).
firewall_policy_id The firewall policy uuid that this firewall is associated with. This firewall will implement the rules contained in the firewall policy represented by this uuid.
id Unique identifier for the firewall object.
name Human readable name for the firewall (255 character limit). Does not have to be unique.
status Indicates whether firewall resource is currently operational. Possible values include: ACTIVE, INACTIVE, DOWN, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE.
tenant_id Owner of the firewall. Only admin users can specify a project identifier other than their own.
router_id (not recommended) The ID of the router that this firewall applied.
router_ids The IDs of the routers that this firewall applied.
availability_zone The Availability Zone name.
CAUTION:
router_id is not a recommended parameter. It only remains to enable smooth migration to the new parameter router_ids. You should use router_ids. router_id may be deleted in the future.
CAUTION:
The router_id attribute and the router_ids attribute are only included in the response of the relevant firewall when either of them is enabled.