Palo Alto Networks · Schema

SecurityRuleRequest

SecurityRuleRequest schema from Palo Alto Networks Cloud NGFW for AWS REST API

Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR

Properties

Name Type Description
Priority integer
RuleEntry object
View JSON Schema on GitHub

JSON Schema

cloud-ngfw-api-security-rule-request-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "title": "SecurityRuleRequest",
  "description": "SecurityRuleRequest schema from Palo Alto Networks Cloud NGFW for AWS REST API",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cloud-ngfw-api-security-rule-request-schema.json",
  "type": "object",
  "properties": {
    "Priority": {
      "type": "integer",
      "minimum": 1,
      "maximum": 65535
    },
    "RuleEntry": {
      "type": "object",
      "required": [
        "RuleName",
        "Action"
      ],
      "properties": {
        "RuleName": {
          "type": "string"
        },
        "Description": {
          "type": "string"
        },
        "Enabled": {
          "type": "boolean",
          "default": true
        },
        "Source": {
          "type": "object",
          "description": "Traffic source matching criteria for a security rule.",
          "properties": {
            "Cidrs": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Source CIDR blocks (e.g., 10.0.0.0/8)."
            },
            "Countries": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Source country codes (ISO 3166-1 alpha-2)."
            },
            "Feeds": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Threat intelligence feed names."
            },
            "PrefixLists": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Names of prefix lists defined in the rule stack."
            }
          }
        },
        "Destination": {
          "type": "object",
          "description": "Traffic destination matching criteria for a security rule.",
          "properties": {
            "Cidrs": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Destination CIDR blocks."
            },
            "Countries": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Destination country codes."
            },
            "Feeds": {
              "type": "array",
              "items": {
                "type": "string"
              }
            },
            "FqdnLists": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "description": "Names of FQDN lists defined in the rule stack."
            },
            "PrefixLists": {
              "type": "array",
              "items": {
                "type": "string"
              }
            }
          }
        },
        "Applications": {
          "type": "array",
          "items": {
            "type": "string"
          }
        },
        "Protocol": {
          "type": "string",
          "enum": [
            "APPLICATION-DEFAULT",
            "ANY"
          ]
        },
        "Action": {
          "type": "string",
          "enum": [
            "Allow",
            "DenyResetBoth",
            "DenyResetServer",
            "DenySilent"
          ]
        }
      }
    }
  },
  "required": [
    "Priority",
    "RuleEntry"
  ]
}