Modify ASA VLAN interface - Security Cloud Control Firewall Manager API Documentation

{"type":"api","title":"Modify ASA VLAN interface","meta":{"id":"/apps/pubhub/media/cdo-api-documentation/cdbcd64e8c81b1f572dff1a1b687b52867178d60/9b0e4c9a-48cb-3530-a00a-1f32fbf2438c","info":{"title":"Cisco Security Cloud Control Firewall Manager API","version":"1.15.0","description":"Use the documentation to explore the endpoints Security Cloud Control Firewall Manager has to offer","contact":{"name":"Cisco Security Cloud Control TAC","email":"cdo.tac@cisco.com"}},"openapi":"3.0.1","servers":[{"url":"https://api.us.security.cisco.com/firewall","description":"US"},{"url":"https://api.eu.security.cisco.com/firewall","description":"EU"},{"url":"https://api.apj.security.cisco.com/firewall","description":"APJ"},{"url":"https://api.au.security.cisco.com/firewall","description":"AUS"},{"url":"https://api.in.security.cisco.com/firewall","description":"IN"},{"url":"https://api.int.security.cisco.com/firewall","description":"Staging"},{"url":"https://scale.manage.security.cisco.com/api/rest","description":"Scale"},{"url":"https://ci.manage.security.cisco.com/api/rest","description":"CI"},{"url":"https://manage.stg.secure.cisco/api/rest","description":"Stgf9"}],"securitySchemes":{"bearerAuth":{"bearerFormat":"JWT","scheme":"bearer","type":"http"}}},"spec":{"description":"Modify the ASA VLAN interface. A VLAN interface is a logical interface that represents a virtual LAN in a physical interface, allowing multiple VLANs to be configured and segmented in a single physical interface for traffic separation and security.","operationId":"modifyAsaVlanInterface","parameters":[{"description":"Unique identifier (UUID) of the device.","in":"path","name":"deviceUid","required":true,"schema":{"format":"uuid","type":"string"}},{"description":"Unique identifier (UUID) of the ASA VLAN interface.","in":"path","name":"interfaceUid","required":true,"schema":{"format":"uuid","type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"properties":{"description":{"description":"Interface description.","type":"string"},"enabled":{"description":"Indicates whether the interface is enabled.","type":"boolean"},"ipv4":{"description":"Interface IPv4 address.","properties":{"ipAddress":{"description":"Interface IPv4 address properties.","properties":{"ipAddress":{"description":"Unique network address assigned to a physical or logical port, which enables the port to communicate on a specific network segment and enforce security policies for traffic traversing that interface.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"},"netmask":{"description":"A 32-bit number that defines the network portion of an IP address, differentiating it from the host portion. This number determines the size of the local network segment directly connected to the interface, allowing it to identify which traffic belongs to its local network and which needs to be routed.","example":"255.255.255.0","type":"string"},"setroute":{"description":"Indicates whether a default route using the gateway information provided by the DHCP server is created automatically. The DHCP-assigned gateway is used as the next-hop for routing traffic.","type":"boolean"},"standbyIpAddress":{"description":"Secondary IP address configured in an interface, specifically for use in an HA pair. This address stays inactive in the standby unit until a failover occurs, at which point, the standby assumes ownership of both the primary and secondary IP addresses to ensure network connectivity for devices.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpAddress"},"ipType":{"description":"IP address type, such as STATIC or DHCP.","enum":["STATIC","DHCP","PPPOE"],"type":"string","$$ref":"#/components/schemas/IpType"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpv4Address"},"ipv6":{"description":"Interface IPv6 address.","properties":{"autoConfig":{"description":"Indicates whether address is automatically configured.","type":"boolean"},"dadAttempts":{"description":"Indicates the number of times a device performs Duplicate Address Detection (DAD) to verify the uniqueness of an address before assigning the IPv6 address. Valid range is from 0 to 600.","format":"int32","type":"integer"},"enabled":{"description":"Indicates whether IPv6 is enabled in interface.","type":"boolean"},"ipAddresses":{"description":"List of IPv6 addresses assigned to interface.","items":{"properties":{"ipAddress":{"description":"Unique network address assigned to a physical or logical port, which enables the port to communicate on a specific network segment and enforce security policies for traffic traversing that interface.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"},"netmask":{"description":"A 32-bit number that defines the network portion of an IP address, differentiating it from the host portion. This number determines the size of the local network segment directly connected to the interface, allowing it to identify which traffic belongs to its local network and which needs to be routed.","example":"255.255.255.0","type":"string"},"setroute":{"description":"Indicates whether a default route using the gateway information provided by the DHCP server is created automatically. The DHCP-assigned gateway is used as the next-hop for routing traffic.","type":"boolean"},"standbyIpAddress":{"description":"Secondary IP address configured in an interface, specifically for use in an HA pair. This address stays inactive in the standby unit until a failover occurs, at which point, the standby assumes ownership of both the primary and secondary IP addresses to ensure network connectivity for devices.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpAddress"},"type":"array"},"linkLocalAddress":{"properties":{"ipAddress":{"description":"Unique network address assigned to a physical or logical port, which enables the port to communicate on a specific network segment and enforce security policies for traffic traversing that interface.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"},"netmask":{"description":"A 32-bit number that defines the network portion of an IP address, differentiating it from the host portion. This number determines the size of the local network segment directly connected to the interface, allowing it to identify which traffic belongs to its local network and which needs to be routed.","example":"255.255.255.0","type":"string"},"setroute":{"description":"Indicates whether a default route using the gateway information provided by the DHCP server is created automatically. The DHCP-assigned gateway is used as the next-hop for routing traffic.","type":"boolean"},"standbyIpAddress":{"description":"Secondary IP address configured in an interface, specifically for use in an HA pair. This address stays inactive in the standby unit until a failover occurs, at which point, the standby assumes ownership of both the primary and secondary IP addresses to ensure network connectivity for devices.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpAddress","description":"IPv6 address that is used only for communication within the same network link."},"suppressRA":{"description":"Indicates whether router advertisements should be suppressed.","type":"boolean"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpv6Address"},"macAddress":{"description":"Interface MAC address is a unique hardware identifier assigned to each physical interface and used for Layer 2 communication in a network segment.","type":"string"},"managementOnly":{"description":"Indicates if the interface is used exclusively for management traffic and not regular user or data traffic.","type":"boolean"},"memberInterfaces":{"description":"Set of unique identifiers (UUIDs) of the member interfaces that are a part of the VLAN group.","items":{"format":"uuid","type":"string"},"type":"array","uniqueItems":true},"monitorInterface":{"description":"Indicates if the interface is actively monitored as part of an HA setup. The check determines if the interface is functioning correctly and whether a failover to a standby device should be triggered, if required.","type":"boolean"},"mtu":{"description":"Interface MTU, in bytes, of a packet or frame that can be sent over a network interface without needing to be fragmented. MTU defines the maximum payload size the interface can handle in a single transmission. . Valid range is from 64 to 9198.","format":"int32","type":"integer"},"name":{"description":"Logical name of the interface, which must be unique in the scope of the device.","example":"my-example-interface","type":"string"},"securityLevel":{"description":"Indicates the interface trust level, ranging from 0 (lowest) to 100 (highest).","format":"int32","type":"integer"},"standbyMacAddress":{"description":"The standby interface Media Access Control (MAC) address, for use in a high-availability (HA) pair.","type":"string"}},"type":"object","$$ref":"#/components/schemas/VlanInterfacePatchInput"}}},"required":true},"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"description":{"description":"Interface description.","type":"string"},"deviceUid":{"description":"Unique identifier (UUID) of the device associated with the interface.","example":"7131daad-e813-4b8f-8f42-be1e241e8cdb","format":"uuid","type":"string"},"duplexType":{"description":"Duplex mode controls how data transmission occurs in a physical interface. It determines whether the interface can send and receive data simultaneously or either send or receive at a given time.","example":"AUTO, FULL or HALF","enum":["AUTO","FULL","HALF"],"type":"string","$$ref":"#/components/schemas/DuplexType"},"enabled":{"description":"Indicates whether the interface is enabled.","type":"boolean"},"etherChannelGroupUid":{"description":"Unique identifier (UUID) of the EtherChannel group to which this interface belongs.","example":"7131daad-e813-4b8f-8f42-be1e241e8cdb","format":"uuid","type":"string"},"etherChannelId":{"description":"Identifier of the EtherChannel interface in the scope of the device.","format":"int32","type":"integer"},"hardwareName":{"description":"Interface hardware name. It is usually structured from the type, speed, slot and port number.","example":"GigabitEthernet0/0 for a physical interface or GigabitEthernet0/0.100 for a subinterface","type":"string"},"interfaceType":{"description":"Interface type.","example":"PHYSICAL_INTERFACE, SUB_INTERFACE, VIRTUAL_TUNNEL_INTERFACE, VLAN_INTERFACE, ETHER_CHANNEL_INTERFACE","enum":["PHYSICAL_INTERFACE","SUB_INTERFACE","VIRTUAL_TUNNEL_INTERFACE","VLAN_INTERFACE","ETHER_CHANNEL_INTERFACE"],"type":"string","$$ref":"#/components/schemas/InterfaceType"},"ipv4":{"description":"IPv4 address details of the interface.","properties":{"ipAddress":{"description":"Interface IPv4 address properties.","properties":{"ipAddress":{"description":"Unique network address assigned to a physical or logical port, which enables the port to communicate on a specific network segment and enforce security policies for traffic traversing that interface.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"},"netmask":{"description":"A 32-bit number that defines the network portion of an IP address, differentiating it from the host portion. This number determines the size of the local network segment directly connected to the interface, allowing it to identify which traffic belongs to its local network and which needs to be routed.","example":"255.255.255.0","type":"string"},"setroute":{"description":"Indicates whether a default route using the gateway information provided by the DHCP server is created automatically. The DHCP-assigned gateway is used as the next-hop for routing traffic.","type":"boolean"},"standbyIpAddress":{"description":"Secondary IP address configured in an interface, specifically for use in an HA pair. This address stays inactive in the standby unit until a failover occurs, at which point, the standby assumes ownership of both the primary and secondary IP addresses to ensure network connectivity for devices.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpAddress"},"ipType":{"description":"IP address type, such as STATIC or DHCP.","enum":["STATIC","DHCP","PPPOE"],"type":"string","$$ref":"#/components/schemas/IpType"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpv4Address"},"ipv6":{"description":"IPv6 address details of the interface.","properties":{"autoConfig":{"description":"Indicates whether address is automatically configured.","type":"boolean"},"dadAttempts":{"description":"Indicates the number of times a device performs Duplicate Address Detection (DAD) to verify the uniqueness of an address before assigning the IPv6 address. Valid range is from 0 to 600.","format":"int32","type":"integer"},"enabled":{"description":"Indicates whether IPv6 is enabled in interface.","type":"boolean"},"ipAddresses":{"description":"List of IPv6 addresses assigned to interface.","items":{"properties":{"ipAddress":{"description":"Unique network address assigned to a physical or logical port, which enables the port to communicate on a specific network segment and enforce security policies for traffic traversing that interface.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"},"netmask":{"description":"A 32-bit number that defines the network portion of an IP address, differentiating it from the host portion. This number determines the size of the local network segment directly connected to the interface, allowing it to identify which traffic belongs to its local network and which needs to be routed.","example":"255.255.255.0","type":"string"},"setroute":{"description":"Indicates whether a default route using the gateway information provided by the DHCP server is created automatically. The DHCP-assigned gateway is used as the next-hop for routing traffic.","type":"boolean"},"standbyIpAddress":{"description":"Secondary IP address configured in an interface, specifically for use in an HA pair. This address stays inactive in the standby unit until a failover occurs, at which point, the standby assumes ownership of both the primary and secondary IP addresses to ensure network connectivity for devices.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpAddress"},"type":"array"},"linkLocalAddress":{"properties":{"ipAddress":{"description":"Unique network address assigned to a physical or logical port, which enables the port to communicate on a specific network segment and enforce security policies for traffic traversing that interface.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"},"netmask":{"description":"A 32-bit number that defines the network portion of an IP address, differentiating it from the host portion. This number determines the size of the local network segment directly connected to the interface, allowing it to identify which traffic belongs to its local network and which needs to be routed.","example":"255.255.255.0","type":"string"},"setroute":{"description":"Indicates whether a default route using the gateway information provided by the DHCP server is created automatically. The DHCP-assigned gateway is used as the next-hop for routing traffic.","type":"boolean"},"standbyIpAddress":{"description":"Secondary IP address configured in an interface, specifically for use in an HA pair. This address stays inactive in the standby unit until a failover occurs, at which point, the standby assumes ownership of both the primary and secondary IP addresses to ensure network connectivity for devices.","example":"IPv4 address such as 192.168.1.1 or IPv6 address such as 2001:db8::1","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpAddress","description":"IPv6 address that is used only for communication within the same network link."},"suppressRA":{"description":"Indicates whether router advertisements should be suppressed.","type":"boolean"}},"type":"object","$$ref":"#/components/schemas/InterfaceIpv6Address"},"lacpMode":{"description":"The Link Aggregation Control Protocol (LACP) mode of the EtherChannel interface.","enum":["ACTIVE","PASSIVE","ON"],"example":"ACTIVE, PASSIVE, or ON","type":"string"},"macAddress":{"description":"Interface MAC address is a unique hardware identifier assigned to each physical interface and used for Layer 2 communication in a network segment.","type":"string"},"managementInterface":{"description":"Indicates whether the interface is used for device management.","type":"boolean"},"managementOnly":{"description":"Indicates whether the interface is exclusively used for management traffic and not regular user or data traffic.","type":"boolean"},"memberInterfaces":{"description":"Set of unique identifiers (UUIDs) of interfaces that are part of an EtherChannel group.","items":{"format":"uuid","type":"string"},"type":"array","uniqueItems":true},"mode":{"description":"Interface mode, which describes how an interface operates in the network.","example":"ROUTED, PASSIVE or SWITCHPORT","enum":["ROUTED","PASSIVE","SWITCHPORT"],"type":"string","$$ref":"#/components/schemas/InterfaceMode"},"monitorInterface":{"description":"Indicates if the interface is actively monitored as part of an HA setup. The check determines if the interface is functioning correctly and whether a failover to a standby device should be triggered, if required.","type":"boolean"},"mtu":{"description":"Interface MTU, in bytes, of a packet or frame that can be sent over a network interface without needing to be fragmented. It defines the maximum payload size the interface can handle in a single transmission. Valid range is from 64 to 9198.","format":"int32","type":"integer"},"name":{"description":"Logical name of the interface, unique in the scope of the device.","example":"my-example-interface","type":"string"},"parentInterfaceUid":{"description":"Unique identifier (UUID) of the parent interface.","example":"7131daad-e813-4b8f-8f42-be1e241e8cdb","format":"uuid","type":"string"},"runtimeData":{"description":"Interface runtime data displays the state of the interface, including values selected during operation.","properties":{"duplexType":{"description":"Actual duplex mode of the physical interface.","type":"string"},"ipAddress":{"description":"Actual IP address of the interface.","type":"string"},"linkEnabled":{"description":"Indicates whether interface link is enabled.","type":"boolean"},"linkState":{"description":"The interface link state, such as UP or DOWN.","enum":["UP","DOWN"],"type":"string","$$ref":"#/components/schemas/LinkState"},"macAddress":{"description":"Actual MAC address of the interface.","type":"string"},"mtu":{"description":"Actual MTU of the interface.","format":"int32","type":"integer"},"speedType":{"description":"Actual speed of the physical interface.","type":"string"}},"type":"object","$$ref":"#/components/schemas/InterfaceRuntimeData"},"securityLevel":{"description":"Indicates interface trust level, ranging from 0 (lowest) to 100 (highest).","format":"int32","type":"integer"},"speedType":{"description":"Physical interface speed, which can be auto detected or set to a specific value.","example":"AUTO or THOUSAND","enum":["AUTO","TEN","HUNDRED","THOUSAND","TEN_THOUSAND"],"type":"string","$$ref":"#/components/schemas/SpeedType"},"standbyMacAddress":{"description":"Standby interface MAC address for use in HA pairs.","type":"string"},"subInterfaceId":{"description":"Unique identifier of the subinterface, which is used to differentiate between the subinterfaces of the same parent interface. Valid range is from 1 to 4294967295.","format":"int64","type":"integer"},"switchPortConfig":{"description":"Switchport configuration of the interface, which includes settings such as switchport mode, access VLAN, and trunk VLAN. This configuration is applicable for interfaces operating in switchport mode.","properties":{"accessModeVlan":{"description":"Unique identifier (UUID) of the access VLAN with which the interface is associated.","format":"uuid","type":"string"},"protectedEnabled":{"description":"Indicates whether switchport interface is protected or not. Protection prevents Layer 2 communication (unicast, multicast, or broadcast) between other protected ports on the same VLAN.","type":"boolean"},"trunkModeAllowedVlans":{"description":"Unique identifiers (UUIDs) of the VLAN interfaces that are permitted to send and receive traffic over trunk port.","items":{"format":"uuid","type":"string"},"type":"array","uniqueItems":true},"trunkModeNativeVlan":{"description":"Unique identifier (UUID) of the trunk VLAN with which the interface is associated.","format":"uuid","type":"string"}},"type":"object","$$ref":"#/components/schemas/SwitchPortConfig"},"uid":{"description":"Unique identifier (UUID) of the interface in Security Cloud Control.","example":"7131daad-e813-4b8f-8f42-be1e241e8cdb","format":"uuid","type":"string"},"vlanId":{"description":"Unique identifier of the VLAN associated with VLAN interface. Valid range is from 1 to 4070.","format":"int32","type":"integer"},"vlanPrimaryId":{"description":"Primary unique identifier of the VLAN associated with subinterface. Valid range is from 1 to 4094.","format":"int32","type":"integer"},"vlanSecondaryIds":{"description":"Secondary identifiers of the VLAN associated with subinterface. Each range is defined by a start and end value, which allows multiple VLANs to be associated with a subinterface. All ranges are inclusive.","items":{"properties":{"end":{"format":"int32","type":"integer"},"start":{"format":"int32","type":"integer"}},"type":"object","$$ref":"#/components/schemas/VlanIdRange"},"type":"array","uniqueItems":true}},"type":"object","$$ref":"#/components/schemas/AsaInterface"}}},"description":"AsaInterface object"},"400":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Invalid input provided. Check the response for details.","$$ref":"#/components/responses/http400BadRequest"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"A human-readable error description in English.","example":"invalid_token","type":"string"},"errorDescription":{"description":"A human-readable error description in English.","example":"Your token is invalid","type":"string"}},"$$ref":"#/components/schemas/AuthenticationError"}}},"description":"Request not authorized.","$$ref":"#/components/responses/http401Unauthorised"},"403":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"User does not have sufficient privileges to perform this operation.","$$ref":"#/components/responses/http403Forbidden"},"404":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Entity not found.","$$ref":"#/components/responses/http404NotFound"},"500":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Internal server error."}},"security":[{"bearerAuth":[]}],"summary":"Modify ASA VLAN interface","tags":["ASA Interfaces"],"__originalOperationId":"modifyAsaVlanInterface","method":"patch","path":"/v1/inventory/devices/asas/{deviceUid}/vlaninterfaces/{interfaceUid}"}}