Policy Assignment
Location in GUI:
There is no single GUI location for this feature. Assignment of the policy to the desired device is done under a specific device configuration. In yaml, under the device configuration, there are attributes to assign the policy to the configured device. It is not possible to delete the policy that has been previously assigned to the device.
The option after_destroy_policy allows assigning a different policy before destroying the current policy.
Diagram
Classes
system (fmc)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| policy_assignment | Class | [policy_assignment] | No |
policy_assignment (fmc.system)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| after_destroy_policy | String | No |
Examples
fmc:
system:
policy_assignment:
after_destroy_policy: Initial_ACP
domains:
devices:
devices:
- name: MyDeviceName1
access_policy: MyAccessPolicyName1
nat_policy: MyFTDNatPolicyName1