When you create a Policy Object or assign multiple Policy Objects to a Group Policy Object, they are all assigned an ID. You then refer to each Policy Object as OBJ([ID]) or Group Policy as GRP([ID]). When you then assign these objects to a Firewall Rule in either srcCidr or destCidr, as a single comma-separated string. Eg. "rules": [{
'comment': 'Deny Src Any to Dest Group ID 225',
'policy': 'deny',
'protocol': 'tcp',
'destPort': '443',
'destCidr': 'GRP(225)',
'srcPort': 'Any',
'srcCidr': 'Any',
'syslogEnabled': False
},{
'comment': 'Deny Src Any to Dest Obj ID 662029145223465067,837 and 662029145223465068',
'policy': 'allow',
'protocol': 'tcp',
'destPort': '443',
'destCidr': 'OBJ(662029145223465067),OBJ(837),OBJ(662029145223465068)',
'srcPort': 'Any',
'srcCidr': 'Any',
'syslogEnabled': False
}] This shows two rules as Python Dictionaries.
... View more