| Parameter | Choices/Defaults | Comments |
| --- | --- | --- |
| state (str) | | The state that should be applied on the entity. |
| avi_api_update_method (str) | | Default method for object update is HTTP PUT. Setting to patch will override that behavior to use HTTP PATCH. |
| avi_api_patch_op (str) | add ← (default), replace, delete, remove | Patch operation to use when using avi_api_update_method as patch. |
| avi_patch_path (str) | | Patch path to use when using avi_api_update_method as patch. |
| avi_patch_value (str) | | Patch value to use when using avi_api_update_method as patch. |
| configpb_attributes (dict) | | Protobuf versioning for config pbs. Field introduced in 21.1.1. Allowed in enterprise edition with any value, essentials edition with any value, basic edition with any value, enterprise with cloud services edition. |
| description (str) | | Security policy is used to specify various configuration information used to perform distributed denial of service (DDoS) attack detection and mitigation. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |
| dns_amplification_denyports (dict) | | Source ports and port ranges to deny in DNS amplification attacks. Field introduced in 21.1.1. Allowed in enterprise edition with any value, enterprise with cloud services edition. |
| dns_attacks (dict) | | Attacks utilizing the DNS protocol operations. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |
| dns_policy_index (int) | | Index of the DNS policy to use for the mitigation rules applied to the DNS attacks. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. Default value when not specified in API or module is interpreted by Avi Controller as 0. |
| markers (list) | | List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in enterprise edition with any value, essentials edition with any value, basic edition with any value, enterprise with cloud services edition. |
| name (str) | required: true | The name of the security policy. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |
| network_security_policy_index (int) | | Index of the network security policy to use for the mitigation rules applied to the attacks. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. Default value when not specified in API or module is interpreted by Avi Controller as 0. |
| oper_mode (str) | | Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. Default value when not specified in API or module is interpreted by Avi Controller as DETECTION. |
| tcp_attacks (dict) | | Attacks utilizing the TCP protocol operations. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |
| tenant_ref (str) | | Tenancy of the security policy. It is a reference to an object of type tenant. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |
| udp_attacks (dict) | | Attacks utilizing the UDP protocol operations. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |
| url (str) | | Avi Controller URL of the object. |
| uuid (str) | | The UUID of the security policy. Field introduced in 18.2.1. Allowed in enterprise edition with any value, essentials, basic, enterprise with cloud services edition. |