template
Template management commands for NDCLI. Templates are collections of snippets that define firewall configurations. Templates are assigned to OUs, and all devices in that OU receive the template’s configuration.
Commands
Section titled “Commands”| Command | Description |
|---|---|
template list | List templates |
template describe | Show template details |
template create | Create a new template |
template update | Update a template |
template delete | Delete a template |
template add-snippet | Add a snippet to a template |
template remove-snippet | Remove a snippet from a template |
template list
Section titled “template list”List templates in your organization.
ndcli template list [flags]| Flag | Type | Default | Description |
|---|---|---|---|
--created-after | string | Filter by created date | |
--created-before | string | Filter by created date | |
--updated-after | string | Filter by updated date | |
--updated-before | string | Filter by updated date | |
--sort-by | string | name:asc | Sort field and direction |
--page | int | 1 | Page number |
--per-page | int | 30 | Items per page |
Date Filter Formats
Section titled “Date Filter Formats”Date filters accept:
- Relative:
30m,2h,7d,2w(minutes, hours, days, weeks ago) - ISO 8601:
2024-01-15T10:30:00Z
Examples
Section titled “Examples”ndcli template list
ndcli template list --updated-after 7d
ndcli template list --sort-by created_at:desctemplate describe
Section titled “template describe”Show detailed information about a template including its snippets.
ndcli template describe [name]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
name | Yes | Template name |
Output
Section titled “Output”Shows:
- Template name and description
- Creation and update timestamps
- List of assigned snippets with their types and priorities
Examples
Section titled “Examples”ndcli template describe base-configndcli template describe production-firewall -f jsontemplate create
Section titled “template create”Create a new template.
ndcli template create [name] [flags]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
name | Yes | Template name |
| Flag | Type | Description |
|---|---|---|
--description | string | Template description |
Examples
Section titled “Examples”ndcli template create base-firewall
ndcli template create production-config \ --description "Production firewall baseline configuration"template update
Section titled “template update”Update an existing template’s name or description.
ndcli template update [name] [flags]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
name | Yes | Current template name |
| Flag | Type | Description |
|---|---|---|
--name | string | New template name |
--description | string | New description |
Examples
Section titled “Examples”ndcli template update base-config --description "Updated baseline"
ndcli template update old-name --name new-name
ndcli template update legacy-config \ --name modern-config \ --description "Modernized firewall configuration"template delete
Section titled “template delete”Delete a template.
ndcli template delete [name]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
name | Yes | Template name to delete |
Examples
Section titled “Examples”ndcli template delete deprecated-templatetemplate add-snippet
Section titled “template add-snippet”Add a snippet to a template. Snippets are configuration blocks that make up the template.
ndcli template add-snippet [template] [snippet]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
template | Yes | Template name |
snippet | Yes | Snippet name to add |
Examples
Section titled “Examples”ndcli template add-snippet production-config admin-usersndcli template add-snippet production-config firewall-rules- The snippet must exist before adding it to a template
- A snippet can be added to multiple templates
- Snippet order is determined by snippet priority
template remove-snippet
Section titled “template remove-snippet”Remove a snippet from a template.
ndcli template remove-snippet [template] [snippet]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
template | Yes | Template name |
snippet | Yes | Snippet name to remove |
Examples
Section titled “Examples”ndcli template remove-snippet staging-config old-rules- This only removes the snippet from the template
- The snippet itself is not deleted and remains available
template add-software
Section titled “template add-software”Attach a software policy to a template. During sync, NetDefense will reconcile the device’s installed packages against every software policy attached to the templates that match it.
ndcli template add-software [template] [software-policy]Arguments
Section titled “Arguments”| Argument | Required | Description |
|---|---|---|
template | Yes | Template name |
software-policy | Yes | Software policy name to attach |
Examples
Section titled “Examples”ndcli template add-software network-monitoring monitoring-toolstemplate remove-software
Section titled “template remove-software”Detach a software policy from a template. Already-installed packages stay
on the device unless they’re also covered by another policy’s absent
list.
ndcli template remove-software [template] [software-policy]Examples
Section titled “Examples”ndcli template remove-software network-monitoring monitoring-tools