Update Network Security Group

PATCH

https://nico-rest-api.nico.svc.cluster.local/v2/org/:org/nico/network-security-group/:networkSecurityGroupId

PATCH

/v2/org/:org/nico/network-security-group/:networkSecurityGroupId

$ curl -X PATCH https://nico-rest-api.nico.svc.cluster.local/v2/org/org/nico/network-security-group/networkSecurityGroupId \
>      -H "Authorization: Bearer <token>" \
>      -H "Content-Type: application/json" \
>      -d '{
>   "name": "Spark VPC Firewall",
>   "description": "Security policies for machines in Spark VPC",
>   "rules": [
>     {
>       "direction": "INGRESS",
>       "protocol": "TCP",
>       "action": "PERMIT",
>       "sourcePrefix": "0.0.0.0/0",
>       "destinationPrefix": "1.1.1.1/0",
>       "name": "allow-http-from-public",
>       "sourcePortRange": "80-81",
>       "destinationPortRange": "180-181",
>       "priority": 55
>     }
>   ],
>   "labels": {
>     "flavor": "coconut"
>   }
> }'

1 {
2   "id": "2a21cf79-ea5e-4d28-b585-2e78948fcefb",
3   "name": "Spark VPC Firewall",
4   "description": "Security policies for machines in Spark VPC",
5   "siteId": "56f1a3ed-3653-454f-b861-9136207be660",
6   "tenantId": "79595ebe-934f-4f19-bc74-c16aefd0c57a",
7   "status": "Pending",
8   "statusHistory": [
9     {
10       "status": "Ready",
11       "message": "processed network security group creation request",
12       "created": "2025-02-26T18:17:44.862879-05:00",
13       "updated": "2025-02-26T18:17:44.862879-05:00"
14     }
15   ],
16   "rules": [
17     {
18       "direction": "INGRESS",
19       "protocol": "TCP",
20       "action": "PERMIT",
21       "sourcePrefix": "0.0.0.0/0",
22       "destinationPrefix": "1.1.1.1/0",
23       "name": "allow-http-from-public",
24       "sourcePortRange": "80-81",
25       "destinationPortRange": "180-181",
26       "priority": 55
27     }
28   ],
29   "labels": {
30     "flavor": "coconut"
31   },
32   "created": "2025-02-26T18:17:44.861317-05:00",
33   "updated": "2025-02-26T18:17:44.861317-05:00"
34 }

Update a Network Security Group by ID

Org must have a Tenant entity. Instance must belong to Tenant. User must have authorization role with TENANT_ADMIN suffix.

After a group has been created, policy updates are absolute. The complete desired policy set must be specified.

Authentication

AuthorizationBearer

export JWT_BEARER_TOKEN="<jwt-bearer-token>"
# Example org name: "acme-inc
export ORG_NAME=<org-name>
# Use the JWT bearer token in your API request auth header:
curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current

``` export JWT_BEARER_TOKEN="<jwt-bearer-token>" # Example org name: "acme-inc export ORG_NAME=<org-name> # Use the JWT bearer token in your API request auth header: curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current ```

Path parameters

orgstringRequired

Name of the Org

networkSecurityGroupIdstringRequired

ID of the Network Security Group

Request

This endpoint expects an object.

namestring or nullOptional2-256 characters

Name of the Network Security Group

descriptionstring or nullOptional

Description of the Network Security Group

statefulEgressbooleanOptional

Egress rules with protocol and destination ports defined but without source ports defined should automatically be made stateful.

ruleslist of objectsOptional

Update rules of the Network Security Group. The rules will be replaced with the rules sent in the request. Any rules not included in the request will be removed. To retain existing rules, fetch them first and include them.

labelsmap from strings to stringsOptional

User-defined key-value labels for the Network Security Group

Response

idstring

Unique UUID v4 identifier for the Network Security Group

namestring2-256 characters

Name of the Network Security Group

descriptionstring or null

Description of the Network Security Group

siteIdstringformat: "uuid"

ID of the Site

tenantIdstringformat: "uuid"

ID of the Tenant

statusenum

Status of the Network Security Group

statusHistorylist of objects

Chronological status history for the Network Security Group

statefulEgressboolean

StatefulEgress defines whether a Network Security Group's egress rules will be automatically stateful

ruleslist of objects

Rules that belong to the Network Security Group

ruleCountinteger

Number of rules in the Network Security Group

attachmentStatsobject

Attachment statistics for the Network Security Group. Returned when the includeAttachmentStats query parameter is set to true in retrieval endpoints.

labelsmap from strings to strings

Set of labels/tags for the Network Security Group

createddatetime

Date/time when the Network Security Group was created

updateddatetime

Date/time when the Network Security Group was last updated

Errors

400

Bad Request Error

403

Forbidden Error

404

Not Found Error

500

Internal Server Error

501

Not Implemented Error