Palo Alto Networks · Schema
SecurityRule
SecurityRule schema from Palo Alto Networks Prisma Access Configuration API
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR
Properties
| Name | Type | Description |
|---|---|---|
| id | string | |
| name | string | Name of the security rule. |
| description | string | |
| disabled | boolean | |
| from | array | Source security zones. |
| to | array | Destination security zones. |
| source | array | Source addresses or address groups. |
| destination | array | Destination addresses or address groups. |
| source_user | array | Source user or user group names. |
| application | array | Applications to match. |
| service | array | Services or service groups to match. |
| category | array | URL categories to match. |
| action | string | Action to take when the rule matches. |
| profile_setting | object | |
| log_setting | string | Log forwarding profile name. |
| tag | array | |
| folder | string | |
| position | string |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "SecurityRule",
"description": "SecurityRule schema from Palo Alto Networks Prisma Access Configuration API",
"$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-access-api-security-rule-schema.json",
"type": "object",
"properties": {
"id": {
"type": "string",
"readOnly": true
},
"name": {
"type": "string",
"description": "Name of the security rule."
},
"description": {
"type": "string"
},
"disabled": {
"type": "boolean",
"default": false
},
"from": {
"type": "array",
"description": "Source security zones.",
"items": {
"type": "string"
}
},
"to": {
"type": "array",
"description": "Destination security zones.",
"items": {
"type": "string"
}
},
"source": {
"type": "array",
"description": "Source addresses or address groups.",
"items": {
"type": "string"
}
},
"destination": {
"type": "array",
"description": "Destination addresses or address groups.",
"items": {
"type": "string"
}
},
"source_user": {
"type": "array",
"description": "Source user or user group names.",
"items": {
"type": "string"
}
},
"application": {
"type": "array",
"description": "Applications to match.",
"items": {
"type": "string"
}
},
"service": {
"type": "array",
"description": "Services or service groups to match.",
"items": {
"type": "string"
}
},
"category": {
"type": "array",
"description": "URL categories to match.",
"items": {
"type": "string"
}
},
"action": {
"type": "string",
"enum": [
"allow",
"deny",
"drop",
"reset-client",
"reset-server",
"reset-both"
],
"description": "Action to take when the rule matches."
},
"profile_setting": {
"type": "object",
"properties": {
"group": {
"type": "array",
"items": {
"type": "string"
},
"description": "Security profile group names."
}
}
},
"log_setting": {
"type": "string",
"description": "Log forwarding profile name."
},
"tag": {
"type": "array",
"items": {
"type": "string"
}
},
"folder": {
"type": "string",
"readOnly": true
},
"position": {
"type": "string",
"enum": [
"pre",
"post"
],
"readOnly": true
}
},
"required": [
"name",
"from",
"to",
"source",
"destination",
"application",
"action"
]
}