{ "$schema": "https://json-schema.org/draft/2020-12/schema", "title": "SecurityRule", "description": "A security policy rule defining traffic matching criteria and enforcement action applied by managed firewalls.", "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/strata-cloud-manager-api-security-rule-schema.json", "type": "object", "properties": { "id": { "type": "string", "format": "uuid", "readOnly": true }, "name": { "type": "string" }, "folder": { "type": "string", "readOnly": true }, "position": { "type": "string", "enum": [ "pre", "post" ] }, "from": { "type": "array", "items": { "type": "string" }, "description": "Source security zones." }, "to": { "type": "array", "items": { "type": "string" }, "description": "Destination security zones." }, "source": { "type": "array", "items": { "type": "string" }, "description": "Source addresses or address groups (use \"any\" for all)." }, "destination": { "type": "array", "items": { "type": "string" }, "description": "Destination addresses or address groups." }, "source_user": { "type": "array", "items": { "type": "string" }, "description": "Source users or user groups." }, "application": { "type": "array", "items": { "type": "string" }, "description": "Applications to match (e.g., ssl, web-browsing)." }, "service": { "type": "array", "items": { "type": "string" }, "description": "Service objects or application-default." }, "category": { "type": "array", "items": { "type": "string" }, "description": "URL categories to match." }, "action": { "type": "string", "enum": [ "allow", "deny", "drop", "reset-client", "reset-server", "reset-both" ] }, "log_setting": { "type": "string", "description": "Log forwarding profile name." }, "profile_setting": { "type": "object", "properties": { "group": { "type": "array", "items": { "type": "string" } } } }, "disabled": { "type": "boolean", "default": false }, "description": { "type": "string" }, "tag": { "type": "array", "items": { "type": "string" } } } }