Class hcloud:SecurityGroup (CONCRETE)

Class ID:14970
Class Label: secGroup
Encrypted: false - Exportable: false - Persistent: true - Configurable: false - Subject to Quota: Disabled - Abstraction Layer: Logical Model - APIC NX Processing: Disabled
Write Access: [NON CONFIGURABLE]
Read Access: [admin, tenant-connectivity, tenant-ext-connectivity, tenant-security]
Creatable/Deletable: yes (see Container Mos for details)
Semantic Scope: None
Semantic Scope Evaluation Rule: Parent
Monitoring Policy Source: Parent
Monitoring Flags : [ IsObservable: true, HasStats: false, HasFaults: true, HasHealth: true, HasEventRules: false ]

Group of endpoint sharing the same security rules

Naming Rules
RN FORMAT: sgroup-{[epgDn]}

    [1] PREFIX=sgroup- PROPERTY = epgDn




DN FORMAT: 

[0] cprov-{vendor}/provacc-{[name]}/acct-{[name]}/region-{[regionName]}/context-{[name]}-addr-{[primaryCidr]}/sgroup-{[epgDn]}

[1] acct-{[name]}/region-{[regionName]}/context-{[name]}-addr-{[primaryCidr]}/sgroup-{[epgDn]}

                


Diagram

Super Mo: hcloud:ASecurityGroup,
Container Mos: hcloud:Ctx (deletable:yes),
Contained Mos: hcloud:BulkEgressRuleOper, hcloud:BulkIngressRuleOper, hcloud:EPSelector, hcloud:IpEgressRule, hcloud:IpIngressRule, hcloud:SGRuleGroupOper, hcloud:SecurityGroupOper, hcloud:SgEgressRule, hcloud:SgIngressRule, health:NodeInst,
Relations From: hcloud:AEndPoint, hcloud:NativeLB, hcloud:TargetGroup,
Relations To: hcloud:ExtSecurityGroup, cloud:EpP,
Relations: hcloud:RsInterSite, hcloud:RsInterVrf, hcloud:RsSecurityGroup, hcloud:RtEpToSecurityGroup, hcloud:RtLBToSecurityGroup, hcloud:RtTgToSecurityGroup,


Containers Hierarchies
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] hcloud:Prov  MOs Cloud Provider
 
 ├
[V] hcloud:ProvAccount  Cloud Provider Account
 
 
 ├
[V] hcloud:Account  Represents a cloud tenant, i.e. both owner and container of cloud resources. It maps 1:1 to fvTenant. Which means that for each fvTenant an hcloudAccount must be created. Depending on the cloud provider it implies different things, as detailed as follows. AWS: hcloudAccount stores cloud account's credentials or just the accoun...
 
 
 
 ├
[V] hcloud:Region  Represents a cloud region managed by CAPIC. Cloud resources will not be deployed in unmanaged regions.
 
 
 
 
 ├
[V] hcloud:Ctx 
 
 
 
 
 
 ├
[V] hcloud:SecurityGroup  Group of endpoint sharing the same security rules
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] hcloud:Account  Represents a cloud tenant, i.e. both owner and container of cloud resources. It maps 1:1 to fvTenant. Which means that for each fvTenant an hcloudAccount must be created. Depending on the cloud provider it implies different things, as detailed as follows. AWS: hcloudAccount stores cloud account's credentials or just the accoun...
 
 ├
[V] hcloud:Region  Represents a cloud region managed by CAPIC. Cloud resources will not be deployed in unmanaged regions.
 
 
 ├
[V] hcloud:Ctx 
 
 
 
 ├
[V] hcloud:SecurityGroup  Group of endpoint sharing the same security rules


Contained Hierarchy
[V] hcloud:SecurityGroup  Group of endpoint sharing the same security rules
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] hcloud:BulkEgressRuleOper 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:BulkIngressRuleOper 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:EPSelector 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EPSelectorSubnet 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:RsSelectorToTagParent 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] hcloud:SelectedEP 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] hcloud:SelectedEPOper 
 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 
 ├
[V] tag:Tag 
 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:IpEgressRule  Security Group egress rule that specifies destination IP subnet address.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EPSelectorSubnetData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EndpointData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:ExtEPSelectorData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:FilterEntryData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:IpEgressRuleOper 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] hcloud:RsRFltAttData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:IpIngressRule  Security Group ingress rule that specifies source IP subnet address.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EPSelectorSubnetData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EndpointData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:ExtEPSelectorData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:FilterEntryData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:IpIngressRuleOper 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] hcloud:RsRFltAttData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:RsInterSite  Relation used to signal if a contract is a inter site one
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 ├
[V] hcloud:ToEPgData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] hcloud:RsInterVrf  Relation used to signal if a contract is between VRFs
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 ├
[V] hcloud:ToEPgData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] hcloud:RsSecurityGroup 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 ├
[V] tag:Annotation 
 
 ├
[V] tag:Tag 
 ├
[V] hcloud:RtEpToSecurityGroup 
 ├
[V] hcloud:RtLBToSecurityGroup 
 ├
[V] hcloud:RtTgToSecurityGroup 
 ├
[V] hcloud:SGRuleGroupOper 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] hcloud:SecurityGroupOper 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 ├
[V] tag:Annotation 
 
 
 ├
[V] tag:Tag 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:SgEgressRule  Security Group egress rule that specifies destination Security Group's DN.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EPSelectorSubnetData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EndpointData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:ExtEPSelectorData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:FilterEntryData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:RsRFltAttData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:SgEgressRuleOper 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] hcloud:SgIngressRule  Security Group ingress rule that specifies source Security Group's DN.
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EPSelectorSubnetData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:EndpointData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:ExtEPSelectorData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:FilterEntryData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:RsRFltAttData 
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 ├
[V] hcloud:SgIngressRuleOper 
 
 
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 
 
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 
 
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 
 
 
 ├
[V] aaa:RbacAnnotation  RbacAnnotation is used for capturing rbac properties of any apic object Objects can append rbacannotations as Object->RbacAnnotation which is then checked for domain eligibility
 
 
 
 ├
[V] tag:Annotation 
 
 
 
 ├
[V] tag:Tag 
 
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 
 ├
[V] health:Inst A base class for a health score instance.(Switch only)
 ├
[V] health:Inst A base class for a health score instance.
 ├
[V] health:NodeInst The health score instance calculated on a node and reported to appliance.


Inheritance
[V] naming:NamedObject An abstract base class for an object that contains a name.
 ├
[V] pol:Obj Represents a generic policy object.
 
 ├
[V] hcloud:ACloudBase  Abstract class for any cloud-related class. If you are planning to define a class for an actual cloud resource, then you must inherit from hcloud:AResource abstract class instead.
 
 
 ├
[V] hcloud:AResource  Abstract class that adds reference DNs towards resolved and logical objects.
 
 
 
 ├
[V] hcloud:ASecurityGroup  Abstract Security Group class containing properties that are shared between hcloudSecurityGroup and hcloudExtSecurityGroup objects.
 
 
 
 
 ├
[V] hcloud:SecurityGroup  Group of endpoint sharing the same security rules


Events
                


Faults
                


Fsms
                


Properties Summary
Defined in: hcloud:SecurityGroup
reference:BinRef epgDn  (hcloud:SecurityGroup:epgDn)
           Overrides:hcloud:ASecurityGroup:epgDn
           The fully qualified name of the endpoint group.
Defined in: hcloud:ASecurityGroup
string:Basic description  (hcloud:ASecurityGroup:description)
           The description of this configuration item.
scalar:Bool skipEPAttach  (hcloud:ASecurityGroup:skipEPAttach)
           NO COMMENTS
string:Basic tags  (hcloud:ASecurityGroup:tags)
           [Deprecated] Not used any longer.
hcloud:SecurityGroupType
          scalar:Enum32
type  (hcloud:ASecurityGroup:type)
           The specific type of the object or component.
Defined in: hcloud:AResource
reference:BinRef delegateDn  (hcloud:AResource:delegateDn)
           DN of logical object to which delegate possible faults
reference:BinRef resolvedObjDn  (hcloud:AResource:resolvedObjDn)
           DN of resolved object that generated this concrete (hcloud) object
Defined in: hcloud:ACloudBase
naming:Name
          string:Basic
name  (hcloud:ACloudBase:name)
           Overrides:pol:Obj:name | naming:NamedObject:name
           The name of the object.
naming:NameAlias
          string:Basic
nameAlias  (hcloud:ACloudBase:nameAlias)
           Overrides:naming:NamedObject:nameAlias
           NO COMMENTS
Defined in: mo:Resolvable
mo:Owner
          scalar:Enum8
lcOwn  (mo:Resolvable:lcOwn)
           A value that indicates how this object was created. For internal use only.
Defined in: mo:Modifiable
mo:TStamp
          scalar:Date
modTs  (mo:Modifiable:modTs)
           The time when this object was last modified.
Defined in: mo:TopProps
mo:ModificationChildAction
          scalar:Bitmask32
childAction  (mo:TopProps:childAction)
           Delete or ignore. For internal use only.
reference:BinRef dn  (mo:TopProps:dn)
           A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
reference:BinRN rn  (mo:TopProps:rn)
           Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.
mo:ModificationStatus
          scalar:Bitmask32
status  (mo:TopProps:status)
           The upgrade status. This property is for internal use only.
Properties Detail

childAction

Type: mo:ModificationChildAction
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelChildAction
    Comments:
Delete or ignore. For internal use only.
Constants
deleteAll 16384u deleteAll NO COMMENTS
ignore 4096u ignore NO COMMENTS
deleteNonPresent 8192u deleteNonPresent NO COMMENTS
DEFAULT 0 --- This type is used to





delegateDn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
DN of logical object to which delegate possible faults



description

Type: string:Basic

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The description of this configuration item.



dn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelDn
    Comments:
A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.



epgDn

Type: reference:BinRef

Overrides:hcloud:ASecurityGroup:epgDn
Units: null Encrypted: false Naming Property -- [NAMING RULES] Access: naming Category: TopLevelRegular
    Comments:
The fully qualified name of the endpoint group.



lcOwn

Type: mo:Owner
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A value that indicates how this object was created. For internal use only.
Constants
local 0 Local NO COMMENTS
policy 1 Policy NO COMMENTS
replica 2 Replica NO COMMENTS
resolveOnBehalf 3 ResolvedOnBehalf NO COMMENTS
implicit 4 Implicit NO COMMENTS
DEFAULT local(0) Local NO COMMENTS





modTs

Type: mo:TStamp
Primitive Type: scalar:Date

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The time when this object was last modified.
Constants
never 0ull never NO COMMENTS
DEFAULT never(0ull) never NO COMMENTS





name

Type: naming:Name
Primitive Type: string:Basic

Overrides:pol:Obj:name  |  naming:NamedObject:name
Units: null Encrypted: false Access: implicit Category: TopLevelRegular
    Comments:
The name of the object.



nameAlias

Type: naming:NameAlias
Primitive Type: string:Basic

Overrides:naming:NamedObject:nameAlias
Units: null Encrypted: false Access: implicit Category: TopLevelRegular
    Comments:
NO COMMENTS



resolvedObjDn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
DN of resolved object that generated this concrete (hcloud) object



rn

Type: reference:BinRN

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRn
    Comments:
Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.



skipEPAttach

Type: scalar:Bool

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
NO COMMENTS
Constants
no false --- NO COMMENTS
yes true --- NO COMMENTS
DEFAULT no(false) --- NO COMMENTS





status

Type: mo:ModificationStatus
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelStatus
    Comments:
The upgrade status. This property is for internal use only.
Constants
created 2u created In a setter method: specifies that an object should be created. An error is returned if the object already exists.
In the return value of a setter method: indicates that an object has been created.
modified 4u modified In a setter method: specifies that an object should be modified
In the return value of a setter method: indicates that an object has been modified.
deleted 8u deleted In a setter method: specifies that an object should be deleted.
In the return value of a setter method: indicates that an object has been deleted.
DEFAULT 0 --- This type controls the life cycle of objects passed in the XML API.

When used in a setter method (such as configConfMo), the ModificationStatus specifies whether an object should be created, modified, deleted or removed.
In the return value of a setter method, the ModificationStatus indicates the actual operation that was performed. For example, the ModificationStatus is set to "created" if the object was created. The ModificationStatus is not set if the object was neither created, modified, deleted or removed.

When invoking a setter method, the ModificationStatus is optional:
If a setter method such as configConfMo is invoked and the ModificationStatus is not set, the system automatically determines if the object should be created or modified.






tags

Type: string:Basic

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
[Deprecated] Not used any longer.



type

Type: hcloud:SecurityGroupType
Primitive Type: scalar:Enum32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The specific type of the object or component.
Constants
default-ep 0u Default Security Group for EPs Default for EPs
default-csr 1u Default Security Group for CSR Default for CSR
non-default 2u Non default security group Non default
DEFAULT non-default(2u) Non default security group Non default