neutron-fwaas 策略

以下是 neutron-fwaas 中所有可用策略的概述。有关示例配置文件,请参阅 示例 Neutron FWaaS 策略文件

neutron-fwaas

shared_firewall_groups
默认值:

field:firewall_groups:shared=True

共享防火墙组的定义

create_firewall_group
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • POST /fwaas/firewall_groups

作用域类型:

  • project

创建防火墙组

update_firewall_group
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • PUT /fwaas/firewall_groups/{id}

作用域类型:

  • project

更新防火墙组

delete_firewall_group
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • DELETE /fwaas/firewall_groups/{id}

作用域类型:

  • project

删除防火墙组

create_firewall_group:shared
默认值:

rule:admin_only

操作:

  • POST /fwaas/firewall_groups

作用域类型:

  • project

创建共享防火墙组

update_firewall_group:shared
默认值:

rule:admin_only

操作:

  • PUT /fwaas/firewall_groups/{id}

作用域类型:

  • project

更新防火墙组的 shared 属性

delete_firewall_group:shared
默认值:

rule:admin_only

操作:

  • DELETE /fwaas/firewall_groups/{id}

作用域类型:

  • project

删除共享防火墙组

get_firewall_group
默认值:

(rule:admin_only) (role:reader project_id:%(project_id)s) rule:shared_firewall_groups

操作:

  • GET /fwaas/firewall_groups

  • GET /fwaas/firewall_groups/{id}

作用域类型:

  • project

获取防火墙组

shared_firewall_policies
默认值:

field:firewall_policies:shared=True

共享防火墙策略的定义

create_firewall_policy
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • POST /fwaas/firewall_policies

作用域类型:

  • project

创建防火墙策略

update_firewall_policy
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • PUT /fwaas/firewall_policies/{id}

作用域类型:

  • project

更新防火墙策略

delete_firewall_policy
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • DELETE /fwaas/firewall_policies/{id}

作用域类型:

  • project

删除防火墙策略

create_firewall_policy:shared
默认值:

rule:admin_only

操作:

  • POST /fwaas/firewall_policies

作用域类型:

  • project

创建共享防火墙策略

update_firewall_policy:shared
默认值:

rule:admin_only

操作:

  • PUT /fwaas/firewall_policies/{id}

作用域类型:

  • project

更新防火墙策略的 shared 属性

delete_firewall_policy:shared
默认值:

rule:admin_only

操作:

  • DELETE /fwaas/firewall_policies/{id}

作用域类型:

  • project

删除共享防火墙策略

get_firewall_policy
默认值:

(rule:admin_only) (role:reader project_id:%(project_id)s) rule:shared_firewall_policies

操作:

  • GET /fwaas/firewall_policies

  • GET /fwaas/firewall_policies/{id}

作用域类型:

  • project

获取防火墙策略

shared_firewall_rules
默认值:

field:firewall_rules:shared=True

共享防火墙规则的定义

create_firewall_rule
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • POST /fwaas/firewall_rules

作用域类型:

  • project

创建防火墙规则

update_firewall_rule
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • PUT /fwaas/firewall_rules/{id}

作用域类型:

  • project

更新防火墙规则

delete_firewall_rule
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • DELETE /fwaas/firewall_rules/{id}

作用域类型:

  • project

删除防火墙规则

create_firewall_rule:shared
默认值:

rule:admin_only

操作:

  • POST /fwaas/firewall_rules

作用域类型:

  • project

创建共享防火墙规则

update_firewall_rule:shared
默认值:

rule:admin_only

操作:

  • PUT /fwaas/firewall_rules/{id}

作用域类型:

  • project

更新防火墙规则的 shared 属性

delete_firewall_rule:shared
默认值:

rule:admin_only

操作:

  • DELETE /fwaas/firewall_rules/{id}

作用域类型:

  • project

删除共享防火墙规则

get_firewall_rule
默认值:

(rule:admin_only) (role:reader project_id:%(project_id)s) rule:shared_firewall_rules

操作:

  • GET /fwaas/firewall_rules

  • GET /fwaas/firewall_rules/{id}

作用域类型:

  • project

获取防火墙规则

insert_rule
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • PUT /fwaas/firewall_policies/{id}/insert_rule

作用域类型:

  • project

将规则插入防火墙策略

remove_rule
默认值:

(rule:admin_only) or (role:member and project_id:%(project_id)s)

操作:

  • PUT /fwaas/firewall_policies/{id}/remove_rule

作用域类型:

  • project

从防火墙策略中移除规则