Multiple access control rules can be added with a POST command using the bulk insert feature. This feature allows as many as 1,000 rules to be addded at once.
This feature is only available for access rules.
The URL for this feature is:
indicates that that multiple rules will be used in the payload of this request.
All objects in the payload of the bulk POST request must be of the same type. You cannot mix different objects in the same bulk request.
Unlike a normal POST operation, the bulk POST requires a list of JSON objects. This list may have as many as 1,000 objects or as few as one. The individual JSON objects must be enclosed in braces. Each object must be separated by commas, and the entire list is enclosed in brackets:
The following query parameters are supported in bulk POST requests:
This parameter specifies that the bulk POST feature is being used in the query. This parameter is required for bulk rule posting.
This parameter specifies the section into which the rules will be added. If this parameter is not used the section will be the default section. If a section is specified it must exist or the request will fail. If a section is specified, a category cannot be specified.
category=<Name of the category>
This parameter specifies the category into which the rules will be added. If a category is specified it must exist or the request will fail. If a category is specified, a section cannot be specified.
insertAfter=<Index of rule>
This parameter specifies that the rules will be inserted after the specified rule index. If no section or category is specified, the rules will be added to the section or category after the insertion point.
insertBefore=<Index of rule>
This parameter specifies that the rules will be inserted before the specified rule index.If no section or category is specified, the rules will be added to the section or category before the insertion point. insertBefore takes precedence over insertAfter - if both are specified, the insertBefore parameter will apply.
When a rule or group of rules are inserted at an index which is part of either a section or a category, the category or section parameter can be used along with index to specify the insertion location of the rule(s). If an index is given along with a section or category, but the index is not in that section or category, you will receive an error.
If no index is specified, rules will be inserted after the end of the access policy. If a category or section is specified but no index is specified, rules will be inserted at the end of the category or section.
In any given POST all of the rules will be inserted at a single point. You cannot specify multiple insertion locations in a POST request.
Rule order affects how orders are parsed by the Firepower Management Center.