Create Organization Policies Global Firewall Rulesets Rule - Meraki Dashboard API v1 - Cisco Meraki Developer Hub

{"type":"api","title":"Create Organization Policies Global Firewall Rulesets Rule","meta":{"id":"/apps/pubhub/media/Meraki-Dashboard-API-v1-Documentation/bc6b0e2213d6e701d9ab19bf198b31f87223ab83/401c6d5b-0873-3519-be2b-c203501ad95c","info":{"title":"Meraki Dashboard API","description":"A RESTful API to programmatically manage and monitor Cisco Meraki networks at scale.\n\n\u003e Date: 04 March, 2026\n\u003e\n\u003e [Recent Updates](https://meraki.io/whats-new/)\n\n---\n\n[API Documentation](https://meraki.io/api)\n\n[Community Support](https://meraki.io/community)\n\n[Meraki Homepage](https://www.meraki.com)\n","contact":{"name":"Meraki Developer Community","url":"https://meraki.io/community"},"version":"1.68.0-beta.0"},"security":[{"meraki_api_key":[]},{"bearerAuth":[]},{"oauth2":[]}],"tags":[{"name":"organizations"},{"name":"networks"},{"name":"devices"},{"name":"insight"},{"name":"wireless"},{"name":"camera"},{"name":"appliance"},{"name":"switch"},{"name":"cellularGateway"},{"name":"sm"},{"name":"sensor"},{"name":"administered"},{"name":"campusGateway"},{"name":"users"},{"name":"wirelessController"},{"name":"spaces"},{"name":"support"},{"name":"accelerometer"},{"name":"accessControlLists"},{"name":"accessPolicies"},{"name":"account"},{"name":"accounts"},{"name":"aclHitCount"},{"name":"acls"},{"name":"actionBatches"},{"name":"activities"},{"name":"adaptivePolicy"},{"name":"adaptivePolicyGroups"},{"name":"addressFamilies"},{"name":"addresses"},{"name":"admins"},{"name":"afc"},{"name":"airMarshal"},{"name":"alertTypes"},{"name":"alerts"},{"name":"allowlist"},{"name":"alternateManagementInterface"},{"name":"analytics"},{"name":"api"},{"name":"apiRequests"},{"name":"apnsCert"},{"name":"apple"},{"name":"appliances"},{"name":"applicationCategories"},{"name":"applicationUsage"},{"name":"applications"},{"name":"areas"},{"name":"arpInspection"},{"name":"arpTable"},{"name":"artifacts"},{"name":"assets"},{"name":"assignments"},{"name":"association"},{"name":"attributes"},{"name":"auth"},{"name":"authZones"},{"name":"authentication"},{"name":"authenticationToken"},{"name":"authorities"},{"name":"authorization"},{"name":"authorizations"},{"name":"autoLocate"},{"name":"autoRf"},{"name":"automations"},{"name":"autonomousSystems"},{"name":"availabilities"},{"name":"bandwidthUsageHistory"},{"name":"batches"},{"name":"bgp"},{"name":"billing"},{"name":"blink"},{"name":"bluetooth"},{"name":"bluetoothClients"},{"name":"bonjourForwarding"},{"name":"boots"},{"name":"boundaries"},{"name":"brandingPolicies"},{"name":"bulk"},{"name":"bulkAdd"},{"name":"bulkCreate"},{"name":"bulkDelete"},{"name":"bulkEnrollment"},{"name":"bulkRemove"},{"name":"bulkUpdate"},{"name":"byAdmin"},{"name":"byApplication"},{"name":"byAutonomousSystem"},{"name":"byBand"},{"name":"byBoundary"},{"name":"byClient"},{"name":"byDevice"},{"name":"byEnergyUsage"},{"name":"byFilterList"},{"name":"byInterval"},{"name":"byMetric"},{"name":"byModel"},{"name":"byNetwork"},{"name":"byNewDevice"},{"name":"byOperation"},{"name":"byPeerGroup"},{"name":"byPort"},{"name":"byPrefixList"},{"name":"byProfile"},{"name":"byRouter"},{"name":"bySourceIp"},{"name":"bySsid"},{"name":"byStack"},{"name":"byStatus"},{"name":"bySwitch"},{"name":"bySwitchProfile"},{"name":"byType"},{"name":"byUsage"},{"name":"byUtilization"},{"name":"byVlan"},{"name":"bypassActivationLockAttempts"},{"name":"cableTest"},{"name":"callbacks"},{"name":"captures"},{"name":"categories"},{"name":"cellular"},{"name":"cellularFirewallRules"},{"name":"cellularUsageHistory"},{"name":"certificateAuthority"},{"name":"certificates"},{"name":"certs"},{"name":"changeHistory"},{"name":"channelUtilization"},{"name":"channelUtilizationHistory"},{"name":"channels"},{"name":"checkup"},{"name":"claim"},{"name":"claimKey"},{"name":"clientCountHistory"},{"name":"clientExclusion"},{"name":"clients"},{"name":"cloud"},{"name":"cloudEnrollment"},{"name":"cloudMonitoring"},{"name":"clusters"},{"name":"commands"},{"name":"communicationPlans"},{"name":"compliance"},{"name":"configTemplates"},{"name":"configurationChanges"},{"name":"configurations"},{"name":"configure"},{"name":"configuredDevices"},{"name":"connectionStats"},{"name":"connections"},{"name":"connectivity"},{"name":"connectivityEvents"},{"name":"connectivityMonitoringDestinations"},{"name":"contentFiltering"},{"name":"contents"},{"name":"controller"},{"name":"correlated"},{"name":"coterm"},{"name":"cpu"},{"name":"crls"},{"name":"current"},{"name":"customAnalytics"},{"name":"customPerformanceClasses"},{"name":"cyclePort"},{"name":"dataRate"},{"name":"dataRateHistory"},{"name":"delegated"},{"name":"deltas"},{"name":"deploy"},{"name":"deployable"},{"name":"deployed"},{"name":"deployments"},{"name":"descriptors"},{"name":"desktopLogs"},{"name":"details"},{"name":"detections"},{"name":"deviceCommandLogs"},{"name":"deviceProfiles"},{"name":"deviceTypeGroupPolicies"},{"name":"dhcp"},{"name":"dhcpLeases"},{"name":"dhcpServerPolicy"},{"name":"dictionaries"},{"name":"disconnect"},{"name":"discovery"},{"name":"disenrollments"},{"name":"dns"},{"name":"doorLocks"},{"name":"download"},{"name":"downloadUrl"},{"name":"dscpTaggingOptions"},{"name":"dscpToCosMappings"},{"name":"eapOverride"},{"name":"earlyAccess"},{"name":"electronicShelfLabel"},{"name":"eligible"},{"name":"enrollments"},{"name":"entitlements"},{"name":"entries"},{"name":"eox"},{"name":"errors"},{"name":"esims"},{"name":"ethernet"},{"name":"eventTypes"},{"name":"events"},{"name":"exclusions"},{"name":"exportEvents"},{"name":"extensions"},{"name":"failedConnections"},{"name":"failover"},{"name":"failures"},{"name":"featureTiers"},{"name":"features"},{"name":"fetchTableQuery"},{"name":"fields"},{"name":"filterLists"},{"name":"filters"},{"name":"firewall"},{"name":"firewalledServices"},{"name":"firmware"},{"name":"firmwareUpgrades"},{"name":"floorPlans"},{"name":"gateways"},{"name":"global"},{"name":"group"},{"name":"groupPolicies"},{"name":"groups"},{"name":"health"},{"name":"healthByTime"},{"name":"healthScores"},{"name":"historical"},{"name":"history"},{"name":"hotspot20"},{"name":"httpServers"},{"name":"iam"},{"name":"identities"},{"name":"identityPsks"},{"name":"idps"},{"name":"import"},{"name":"imports"},{"name":"inboundCellularFirewallRules"},{"name":"inboundFirewallRules"},{"name":"integrate"},{"name":"integration"},{"name":"integrations"},{"name":"interconnects"},{"name":"interfaces"},{"name":"internetPolicies"},{"name":"intrusion"},{"name":"inventory"},{"name":"ipAssignment"},{"name":"ipsec"},{"name":"ipv6"},{"name":"isolation"},{"name":"jobs"},{"name":"keys"},{"name":"l2"},{"name":"l3"},{"name":"l3FirewallRules"},{"name":"l7FirewallRules"},{"name":"lan"},{"name":"lanLink"},{"name":"lanStp"},{"name":"latency"},{"name":"latencyHistory"},{"name":"latencyStats"},{"name":"latest"},{"name":"leds"},{"name":"license"},{"name":"licenses"},{"name":"licensing"},{"name":"lines"},{"name":"linkAggregations"},{"name":"linkLayer"},{"name":"listenRanges"},{"name":"live"},{"name":"liveTools"},{"name":"lldpCdp"},{"name":"load"},{"name":"local"},{"name":"localOverrides"},{"name":"location"},{"name":"locationScanning"},{"name":"loginSecurity"},{"name":"logs"},{"name":"lookups"},{"name":"lossAndLatencyHistory"},{"name":"lowPower"},{"name":"macTable"},{"name":"malware"},{"name":"managementInterface"},{"name":"manufacturers"},{"name":"me"},{"name":"memory"},{"name":"merakiAuth"},{"name":"merakiAuthUsers"},{"name":"meshStatuses"},{"name":"migrations"},{"name":"mirror"},{"name":"mirrors"},{"name":"mode"},{"name":"models"},{"name":"monitor"},{"name":"monitoredMediaServers"},{"name":"moves"},{"name":"mqtt"},{"name":"mqttBrokers"},{"name":"mtu"},{"name":"multicast"},{"name":"multicastForwarding"},{"name":"multicastRouting"},{"name":"nac"},{"name":"nat"},{"name":"neighbors"},{"name":"netflow"},{"name":"networkAdapters"},{"name":"networkHealth"},{"name":"objectDetectionModels"},{"name":"onboarding"},{"name":"onboardingHistory"},{"name":"oneToManyNatRules"},{"name":"oneToOneNatRules"},{"name":"openRoaming"},{"name":"openapiSpec"},{"name":"opportunistic"},{"name":"opportunisticPcap"},{"name":"optIns"},{"name":"optimization"},{"name":"order"},{"name":"orders"},{"name":"ospf"},{"name":"ospfNeighbors"},{"name":"overrides"},{"name":"overview"},{"name":"package"},{"name":"packetCapture"},{"name":"packetCaptures"},{"name":"packetLoss"},{"name":"packets"},{"name":"payloadTemplates"},{"name":"peers"},{"name":"performance"},{"name":"performanceHistory"},{"name":"permissions"},{"name":"pii"},{"name":"piiKeys"},{"name":"ping"},{"name":"pingDevice"},{"name":"planning"},{"name":"poe"},{"name":"policies"},{"name":"policy"},{"name":"policyObjects"},{"name":"portForwardingRules"},{"name":"portSchedules"},{"name":"ports"},{"name":"position"},{"name":"power"},{"name":"powerLimits"},{"name":"powerModules"},{"name":"prefixLists"},{"name":"prefixes"},{"name":"prepare"},{"name":"priorities"},{"name":"privateApplicationGroups"},{"name":"privateApplications"},{"name":"privateResourceGroups"},{"name":"privateResources"},{"name":"productAnnouncements"},{"name":"productIntegrations"},{"name":"profiles"},{"name":"provisioning"},{"name":"publicApplications"},{"name":"qosRules"},{"name":"qualityAndRetention"},{"name":"qualityRetentionProfiles"},{"name":"queues"},{"name":"raGuardPolicy"},{"name":"radio"},{"name":"radius"},{"name":"radsec"},{"name":"ratePlans"},{"name":"readings"},{"name":"reboot"},{"name":"receivers"},{"name":"recent"},{"name":"recommendations"},{"name":"records"},{"name":"redundancy"},{"name":"regions"},{"name":"regulatoryDomain"},{"name":"relationships"},{"name":"remoteAccess"},{"name":"remoteAccessLog"},{"name":"remoteAccessLogsExports"},{"name":"rendezvousPoints"},{"name":"requests"},{"name":"requirements"},{"name":"responseCodes"},{"name":"restrictions"},{"name":"rfHealth"},{"name":"rfProfiles"},{"name":"roaming"},{"name":"roles"},{"name":"rollbacks"},{"name":"routers"},{"name":"routing"},{"name":"routingTable"},{"name":"rrm"},{"name":"rssi"},{"name":"rules"},{"name":"rulesets"},{"name":"salesRepresentatives"},{"name":"saml"},{"name":"samlRoles"},{"name":"sase"},{"name":"scanning"},{"name":"schedules"},{"name":"scores"},{"name":"sdwan"},{"name":"sdwanmanager"},{"name":"search"},{"name":"secureClient"},{"name":"secureConnect"},{"name":"security"},{"name":"securityCenters"},{"name":"seen"},{"name":"sense"},{"name":"sentry"},{"name":"servers"},{"name":"serviceProviders"},{"name":"sessions"},{"name":"settings"},{"name":"signalQuality"},{"name":"signalQualityHistory"},{"name":"sims"},{"name":"singleLan"},{"name":"siteToSite"},{"name":"siteToSiteVpn"},{"name":"sites"},{"name":"slas"},{"name":"smDevicesForKey"},{"name":"smOwnersForKey"},{"name":"snmp"},{"name":"softwares"},{"name":"spanningTree"},{"name":"speedTest"},{"name":"speedTestResults"},{"name":"splash"},{"name":"splashAuthorizationStatus"},{"name":"splashLoginAttempts"},{"name":"split"},{"name":"ssids"},{"name":"stacks"},{"name":"staged"},{"name":"stages"},{"name":"static"},{"name":"staticRoutes"},{"name":"statics"},{"name":"stats"},{"name":"status"},{"name":"statuses"},{"name":"stormControl"},{"name":"stp"},{"name":"subnetPool"},{"name":"subnets"},{"name":"subscription"},{"name":"subscriptions"},{"name":"summaries"},{"name":"summary"},{"name":"summaryPanel"},{"name":"supported"},{"name":"swap"},{"name":"swaps"},{"name":"switchPortStatus"},{"name":"switches"},{"name":"sync"},{"name":"syncJobs"},{"name":"syslog"},{"name":"syslogServers"},{"name":"system"},{"name":"tags"},{"name":"targetGroups"},{"name":"tasks"},{"name":"taxonomy"},{"name":"telemetry"},{"name":"testConnectivity"},{"name":"tests"},{"name":"themes"},{"name":"thirdPartyVPNPeers"},{"name":"thousandEyes"},{"name":"throughputTest"},{"name":"token"},{"name":"tokens"},{"name":"top"},{"name":"topology"},{"name":"traceRoute"},{"name":"traffic"},{"name":"trafficAnalysis"},{"name":"trafficHistory"},{"name":"trafficShaping"},{"name":"transceivers"},{"name":"traps"},{"name":"trustedAccessConfigs"},{"name":"trustedServers"},{"name":"tunnelCreation"},{"name":"types"},{"name":"umbrella"},{"name":"unassigned"},{"name":"upgrades"},{"name":"uplink"},{"name":"uplinkBandwidth"},{"name":"uplinkSelection"},{"name":"uplinks"},{"name":"uplinksLossAndLatency"},{"name":"usage"},{"name":"usageHistories"},{"name":"usageHistory"},{"name":"userAccessDevices"},{"name":"utilization"},{"name":"v4"},{"name":"video"},{"name":"videoLink"},{"name":"videoWalls"},{"name":"vlanAssignments"},{"name":"vlanProfiles"},{"name":"vlans"},{"name":"vmx"},{"name":"vpn"},{"name":"vpnExclusions"},{"name":"vpnFirewallRules"},{"name":"vpnPeers"},{"name":"vppAccounts"},{"name":"vrfs"},{"name":"vrrp"},{"name":"vrrpTable"},{"name":"wakeOnLan"},{"name":"warmSpare"},{"name":"warnings"},{"name":"webApps"},{"name":"webhookTests"},{"name":"webhooks"},{"name":"wirelessControllers"},{"name":"wirelessProfiles"},{"name":"wlanLists"},{"name":"workflows"},{"name":"xdr"},{"name":"zigbee"},{"name":"zones"}],"x-parser-conf":{"overview":{"markdownPath":"docs/overview-early-access.md"},"theme":"meraki","serverConfig":true,"httpBearer":{"bearerToken":"75dd5334bef4d2bc96f26138c163c0a3fa0b5ca6"},"labelConfig":{"endpoint":{"field":"operationId","format":"startCase"}},"groupBy":{"$remoteModule":"config/group_platform.js"},"filterBy":{"$remoteModule":"config/filter_only_beta.js"},"sortBy":{"$remoteModule":"config/sort_by.js"},"exampleAsDefault":true,"expand":0,"variables":{"organizationId":"1215707","networkId":"N_784752235069315754","serial":"QBSB-VQ3J-XZ54"}},"openapi":"3.0.1","servers":[{"url":"https://api.meraki.com/{basePath}","variables":{"basePath":{"default":"api/v1"}}}],"securitySchemes":{"meraki_api_key":{"type":"apiKey","name":"X-Cisco-Meraki-API-Key","in":"header"},"bearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"API Key"},"oauth2":{"type":"oauth2","description":"This API uses OAuth 2 with the authorization code grant flow. [More info](https://developer.cisco.com/meraki/api-v1/authorization/)","flows":{"authorizationCode":{"authorizationUrl":"https://as.meraki.com/oauth/authorize","tokenUrl":"https://as.meraki.com/oauth/token","scopes":{"camera:config:read":"Cameras (MV)","camera:config:write":"Cameras (MV)","camera:telemetry:read":"Cameras (MV)","camera:telemetry:write":"Cameras (MV)","dashboard:general:config:read":"Entire dashboard, excluding identity and access management","dashboard:general:config:write":"Entire dashboard, excluding identity and access management","dashboard:general:networks:groups:config:write":"Network groups configuration management","dashboard:general:telemetry:packetcapture:read":"Dashboard packet capture","dashboard:general:telemetry:read":"Entire dashboard, excluding identity and access management","dashboard:general:telemetry:write":"Entire dashboard, excluding identity and access management","dashboard:iam:config:read":"Dashboard related to identity and access management, including early access features","dashboard:iam:config:write":"Dashboard related to identity and access management, including early access features","dashboard:iam:telemetry:read":"Dashboard related to identity and access management, including early access features","dashboard:iam:telemetry:write":"Dashboard related to identity and access management, including early access features","dashboard:licensing:config:read":"Licensing","dashboard:licensing:config:write":"Licensing","dashboard:licensing:telemetry:read":"Licensing","dashboard:licensing:telemetry:write":"Licensing","iot:gateway:general:config:read":"IoT Gateway Control using NIPC","iot:gateway:general:config:write":"IoT Gateway Control using NIPC","iot:gateway:general:telemetry:read":"IoT Gateway telemetry using NIPC","iot:gateway:general:telemetry:write":"IoT Gateway telemetry using NIPC","iot:gateway:onboarding:config:read":"IoT Gateway Onboarding using SCIM","iot:gateway:onboarding:config:write":"IoT Gateway Onboarding using SCIM","sdwan:config:read":"Secure SD-WAN (MX including MXIGZ)","sdwan:config:write":"Secure SD-WAN (MX including MXIGZ)","sdwan:telemetry:read":"Secure SD-WAN (MX including MXIGZ)","sdwan:telemetry:write":"Secure SD-WAN (MX including MXIGZ)","sensor:config:read":"Sensors (MT)","sensor:config:write":"Sensors (MT)","sensor:telemetry:read":"Sensors (MT)","sensor:telemetry:write":"Sensors (MT)","sm:config:read":"Endpoint Management (SM)","sm:config:write":"Endpoint Management (SM)","sm:telemetry:read":"Endpoint Management (SM)","sm:telemetry:write":"Endpoint Management (SM)","switch:config:read":"Switches (MS)","switch:config:write":"Switches (MS)","switch:telemetry:read":"Switches (MS)","switch:telemetry:write":"Switches (MS)","wireless:config:read":"Wireless (MR)","wireless:config:write":"Wireless (MR)","wireless:telemetry:read":"Wireless (MR)","wireless:telemetry:write":"Wireless (MR)"}}}}}},"spec":{"description":"Create an Organization-Wide Policy Firewall Rule","operationId":"createOrganizationPoliciesGlobalFirewallRulesetsRule","parameters":[{"name":"organizationId","in":"path","description":"Organization ID","schema":{"type":"string"},"required":true}],"requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string","description":"Name of the firewall rule"},"rulesetId":{"type":"string","description":"Firewall ruleset ID to associate the rule with"},"policy":{"type":"string","enum":["allow","deny"],"description":"Rule policy - allow or deny traffic"},"enabled":{"type":"boolean","description":"Whether the rule is enabled"},"priority":{"type":"integer","description":"Rule priority (lower numbers = higher priority)"},"description":{"type":"string","description":"Description of the firewall rule"},"sources":{"type":"object","properties":{"matchCriteria":{"type":"array","items":{"type":"string","enum":["addressRanges","any","applianceVlans","policyObjectGroups","policyObjects","ports"]},"description":"Source match criteria types"},"criteria":{"type":"object","properties":{"addressRanges":{"type":"array","items":{"type":"string"},"description":"Address ranges or addresses"},"ports":{"type":"array","items":{"type":"string"},"description":"Port numbers or ranges"},"policyObjects":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object ID"}},"required":["id"]},"description":"Policy objects"},"policyObjectGroups":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object group ID"}},"required":["id"]},"description":"Policy object groups"},"applianceVlans":{"type":"array","items":{"type":"object","properties":{"interfaceId":{"type":"string","description":"Interface ID"}},"required":["interfaceId"]},"description":"Appliance VLANs"}},"description":"Source criteria values (not present if 'any' is in matchCriteria)"}},"description":"Source traffic criteria"},"destinations":{"type":"object","properties":{"matchCriteria":{"type":"array","items":{"type":"string","enum":["addressRanges","any","applianceVlans","applicationCategories","applications","policyObjectGroups","policyObjects","ports","services"]},"description":"Destination match criteria types"},"criteria":{"type":"object","properties":{"addressRanges":{"type":"array","items":{"type":"string"},"description":"Address ranges or addresses"},"ports":{"type":"array","items":{"type":"string"},"description":"Port numbers or ranges"},"services":{"type":"array","items":{"type":"object","properties":{"protocol":{"type":"string","description":"Protocol (tcp, udp, etc)"},"ports":{"type":"array","items":{"type":"string"},"description":"Port numbers or ranges"}},"required":["protocol","ports"]},"description":"Protocol and port services"},"applicationCategories":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Category ID"},"name":{"type":"string","description":"Category name"},"applications":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Application ID"},"name":{"type":"string","description":"Application name"}},"required":["id"]},"description":"Applications in this category"}},"required":["id"]},"description":"Application categories"},"applications":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Application ID"},"name":{"type":"string","description":"Application name"}},"required":["id"]},"description":"Applications"},"policyObjects":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object ID"}},"required":["id"]},"description":"Policy objects"},"policyObjectGroups":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object group ID"}},"required":["id"]},"description":"Policy object groups"},"applianceVlans":{"type":"array","items":{"type":"object","properties":{"interfaceId":{"type":"string","description":"Interface ID"}},"required":["interfaceId"]},"description":"Appliance VLANs"}},"description":"Destination criteria values (not present if 'any' is in matchCriteria)"}},"description":"Destination traffic criteria"}},"example":{"name":"Allow developers","rulesetId":"32","policy":"deny","enabled":true,"priority":100,"description":"This is rule 1","sources":{"matchCriteria":["addressRanges","ports","policyObjects","policyObjectGroups","applianceVlans"],"criteria":{"addressRanges":["1.1.1.1","2.2.2.2"],"ports":["22","42-46"],"policyObjects":[{"id":"23"}],"policyObjectGroups":[{"id":"45"}],"applianceVlans":[{"interfaceId":"L_123456789012345678_vlan_200"}]}},"destinations":{"matchCriteria":["addressRanges","services","applicationCategories","applications","policyObjects","policyObjectGroups","applianceVlans"],"criteria":{"addressRanges":["1.1.1.1","2.2.2.2"],"ports":["22","42-46"],"services":[{"protocol":"tcp","ports":["80","443"]}],"applicationCategories":[{"id":"meraki:layer7/category/24","name":"Advertising","applications":[{"id":"meraki:layer7/application/5","name":"Advertising.com"}]}],"applications":[{"id":"meraki:layer7/application/5","name":"Advertising.com"}],"policyObjects":[{"id":"23"}],"policyObjectGroups":[{"id":"45"}],"applianceVlans":[{"interfaceId":"L_123456789012345678_vlan_200"}]}}},"required":["name","rulesetId","policy","sources","destinations"]}}},"required":true},"responses":{"201":{"description":"Successful operation","content":{"application/json":{"schema":{"type":"object","properties":{"ruleId":{"type":"string","description":"ID of the firewall rule"},"name":{"type":"string","description":"Name of the firewall rule"},"rulesetId":{"type":"string","description":"Firewall ruleset ID"},"policy":{"type":"string","description":"Rule policy (allow or deny)"},"enabled":{"type":"boolean","description":"Whether the rule is enabled"},"priority":{"type":"integer","description":"Rule priority"},"description":{"type":"string","description":"Description of the firewall rule"},"sources":{"type":"object","properties":{"matchCriteria":{"type":"array","items":{"type":"string"},"description":"Source match criteria types"},"criteria":{"type":"object","properties":{"addressRanges":{"type":"array","items":{"type":"string"},"description":"Address ranges or addresses"},"ports":{"type":"array","items":{"type":"string"},"description":"Port numbers or ranges"},"policyObjects":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object ID"}}},"description":"Policy objects"},"policyObjectGroups":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object group ID"}}},"description":"Policy object groups"},"applianceVlans":{"type":"array","items":{"type":"object","properties":{"interfaceId":{"type":"string","description":"Interface ID"}}},"description":"Appliance VLANs"},"siteSpecificVlans":{"type":"array","items":{"type":"object","properties":{"id":{"type":"integer","description":"VLAN ID (1-4094)"},"address":{"type":"object","properties":{"offsets":{"type":"object","properties":{"ipv4":{"type":"integer","description":"IPv4 address offset. Added to the base network address to determine the host address within the subnet."},"ipv6":{"type":"string","description":"IPv6 interface identifier offset in colon-separated hex format. Appended to the /64 network prefix."}},"description":"IP address offsets"}},"description":"Address offsets added to the VLAN's base network address to form the target host address"}}},"description":"Site-specific VLANs with address offset configuration. Maximum 100 items."}},"description":"Source criteria values"}},"description":"Source traffic criteria"},"destinations":{"type":"object","properties":{"matchCriteria":{"type":"array","items":{"type":"string"},"description":"Destination match criteria types"},"criteria":{"type":"object","properties":{"addressRanges":{"type":"array","items":{"type":"string"},"description":"Address ranges or addresses"},"ports":{"type":"array","items":{"type":"string"},"description":"Port numbers or ranges"},"services":{"type":"array","items":{"type":"object","properties":{"protocol":{"type":"string","description":"Protocol (tcp, udp, etc)"},"ports":{"type":"array","items":{"type":"string"},"description":"Port numbers or ranges"}}},"description":"Protocol and port services"},"applicationCategories":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Category ID"}}},"description":"Application categories"},"applications":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Application ID"},"name":{"type":"string","description":"Application name"}}},"description":"Applications"},"policyObjects":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object ID"}}},"description":"Policy objects"},"policyObjectGroups":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"Policy object group ID"}}},"description":"Policy object groups"},"applianceVlans":{"type":"array","items":{"type":"object","properties":{"interfaceId":{"type":"string","description":"Interface ID"}}},"description":"Appliance VLANs"},"countries":{"type":"array","items":{"type":"object","properties":{"code":{"type":"string","enum":["AD","AE","AF","AG","AI","AL","AM","AN","AO","AQ","AR","AS","AT","AU","AW","AX","AZ","BA","BB","BD","BE","BF","BG","BH","BI","BJ","BL","BM","BN","BO","BR","BS","BT","BV","BW","BY","BZ","CA","CC","CD","CF","CG","CH","CI","CK","CL","CM","CN","CO","CR","CU","CV","CW","CX","CY","CZ","DE","DJ","DK","DM","DO","DZ","EC","EE","EG","EH","ER","ES","ET","FI","FJ","FK","FM","FO","FR","GA","GB","GD","GE","GF","GG","GH","GI","GL","GM","GN","GP","GQ","GR","GS","GT","GU","GW","GY","HK","HM","HN","HR","HT","HU","ID","IE","IL","IM","IN","IO","IQ","IR","IS","IT","JE","JM","JO","JP","KE","KG","KH","KI","KM","KN","KP","KR","KW","KY","KZ","LA","LB","LC","LI","LK","LR","LS","LT","LU","LV","LY","MA","MC","MD","ME","MF","MG","MH","MK","ML","MM","MN","MO","MP","MQ","MR","MS","MT","MU","MV","MW","MX","MY","MZ","NA","NC","NE","NF","NG","NI","NL","NO","NP","NR","NU","NZ","OM","PA","PE","PF","PG","PH","PK","PL","PM","PN","PR","PS","PT","PW","PY","QA","RE","RO","RS","RU","RW","SA","SB","SC","SD","SE","SG","SH","SI","SJ","SK","SL","SM","SN","SO","SR","SS","ST","SV","SY","SZ","TC","TD","TF","TG","TH","TJ","TK","TL","TM","TN","TO","TR","TT","TV","TW","TZ","UA","UG","UM","US","UY","UZ","VA","VC","VE","VG","VI","VN","VU","WF","WS","XK","YE","YT","ZA","ZM","ZW"],"description":"Country code (ISO 3166-1 alpha-2)"}}},"description":"Countries"},"fqdns":{"type":"array","items":{"type":"string"},"description":"Fully qualified domain names or wildcard patterns"},"siteSpecificVlans":{"type":"array","items":{"type":"object","properties":{"id":{"type":"integer","description":"VLAN ID (1-4094)"},"address":{"type":"object","properties":{"offsets":{"type":"object","properties":{"ipv4":{"type":"integer","description":"IPv4 address offset. Added to the base network address to determine the host address within the subnet."},"ipv6":{"type":"string","description":"IPv6 interface identifier offset in colon-separated hex format. Appended to the /64 network prefix."}},"description":"IP address offsets"}},"description":"Address offsets added to the VLAN's base network address to form the target host address"}}},"description":"Site-specific VLANs with address offset configuration. Maximum 100 items."}},"description":"Destination criteria values"}},"description":"Destination traffic criteria"},"createdAt":{"type":"string","format":"date-time","description":"Rule creation time"},"lastUpdatedAt":{"type":"string","format":"date-time","description":"Rule last update time"}}},"example":{"ruleId":"123","name":"Allow developers","rulesetId":"32","policy":"deny","enabled":true,"priority":100,"description":"This is rule 1","sources":{"matchCriteria":["addressRanges","ports","policyObjects","policyObjectGroups","applianceVlans"],"criteria":{"addressRanges":["1.1.1.1","2.2.2.2"],"ports":["22","42-46"],"policyObjects":[{"id":"23"}],"policyObjectGroups":[{"id":"45"}],"applianceVlans":[{"interfaceId":"L_123456789012345678_vlan_200"}],"siteSpecificVlans":[{"id":100,"address":{"offsets":{"ipv4":25,"ipv6":"0:ff:fe01:0"}}}]}},"destinations":{"matchCriteria":["addressRanges","services","applicationCategories","applications","policyObjects","policyObjectGroups","applianceVlans"],"criteria":{"addressRanges":["1.1.1.1","2.2.2.2"],"ports":["22","42-46"],"services":[{"protocol":"tcp","ports":["80","443"]}],"applicationCategories":[{"id":"meraki:layer7/category/24"}],"applications":[{"id":"meraki:layer7/application/5","name":"Advertising.com"}],"policyObjects":[{"id":"23"}],"policyObjectGroups":[{"id":"45"}],"applianceVlans":[{"interfaceId":"L_123456789012345678_vlan_200"}],"countries":[{"code":"US"}],"fqdns":["*.example.com"],"siteSpecificVlans":[{"id":100,"address":{"offsets":{"ipv4":25,"ipv6":"0:ff:fe01:0"}}}]}},"createdAt":"2021-01-01T00:00:00Z","lastUpdatedAt":"2021-01-01T00:00:00Z"}}}}},"security":[{"oauth2":["dashboard:general:config:write"]}],"summary":"Create an Organization-Wide Policy Firewall Rule","tags":["organizations","configure","policies","global","firewall","rulesets","rules"],"x-release-stage":"beta","__originalOperationId":"createOrganizationPoliciesGlobalFirewallRulesetsRule","method":"post","path":"/organizations/{organizationId}/policies/global/firewall/rulesets/rules"}}