Policy Assignment
Location in GUI: There is no single GUI location for this feature. Assignment of the policy to the desired device is done under a specific device configuration. In yaml, under the device configuration, there are attributes to assign the policy to the configured device. It is not possible to delete the policy that has been previously assigned to the device.
The option after_destroy_policy allows assigning a different policy before destroying the current policy.
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”system (fmc)
Section titled “system (fmc)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| policy_assignment | Class | [policy_assignment] | No |
policy_assignment (fmc.system)
Section titled “policy_assignment (fmc.system)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| after_destroy_policy | String | No |
Examples
Section titled “Examples”fmc: system: policy_assignment: after_destroy_policy: Initial_ACP domains: - name: Global devices: devices: - name: MyDeviceName1 access_policy: MyAccessPolicyName1 nat_policy: MyFTDNatPolicyName1