Endpoint IP Tag
Location in GUI: Tenants
» XXX
» Policies
» Endpoint Tags
» Endpoint IP
Diagram
Section titled “Diagram”Classes
Section titled “Classes”policies (apic.tenants)
Section titled “policies (apic.tenants)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
endpoint_ip_tags | List | [endpoint_ip_tags] | No |
endpoint_ip_tags (apic.tenants.policies)
Section titled “endpoint_ip_tags (apic.tenants.policies)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
ip | IP | Yes | ||
vrf | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
tags | List | [tags] | No |
tags (apic.tenants.policies.endpoint_ip_tags)
Section titled “tags (apic.tenants.policies.endpoint_ip_tags)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
key | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
value | String | Regex: ^[a-zA-Z0-9_.:-]{1,128}$ | Yes |
Examples
Section titled “Examples”Example-1: This data model associates Endpoint Tags based on source IP addresses, supporting both IPv4 and IPv6 formats. This tagging mechanism enables the classification of endpoints into Endpoint Security Groups (ESGs) through tag selectors, thereby facilitating the application and management of security policies. Endpoint Tag objects represent the IP address of an endpoint independently of its learning state. These tags serve as metadata or descriptors for the IP address within a specific VRF and can be created and maintained even before the fabric learns the IP address.
IP Tags are more suitable when IP addresses are stable and VMM integration or routing is in place.
apic: tenants: - name: ABC policies: endpoint_ip_tags: - ip: 1.1.1.1 vrf: VRF1 tags: - key: Environment value: Prod - ip: 2001::1 vrf: VRF1 tags: - key: Environment value: Prod - key: Protocol value: IPv6