Having been playing around with the Proxmox API for a bit now, I've been working on a way to programatically manage cluster-wide Security Groups and rules. From the API documentation, it appears as though a positional argument is accepted as part of a post request to this endpoint:
https://pve.proxmox.com/pve-docs/api-viewer/#/cluster/firewall/groups/{group}
Though the documentation seems to indicate that this is for 'updating' a rule at position 'pos'. When actually providing a position for a new rule, the pos appears to be functionally ignored, and the rule is placed at position 0, regardless of the position number provided.
Additionally, the moveto in the following endpoint:
https://pve.proxmox.com/pve-docs/api-viewer/#/cluster/firewall/groups/{group}/{pos}
Appears to require some +1 math, as attempting to set a rule at position 0 to position 1 in the Proxmox UI results in the rule not moving at all, however, setting the rule to position 2 will place the rule at actual position 1.
Are these expected and undocumented behaviour of the cluster firewall group security rule management endpoints, or am I missing some otherwise well documented process for placing security group rules in at the cluster level?
https://pve.proxmox.com/pve-docs/api-viewer/#/cluster/firewall/groups/{group}
Though the documentation seems to indicate that this is for 'updating' a rule at position 'pos'. When actually providing a position for a new rule, the pos appears to be functionally ignored, and the rule is placed at position 0, regardless of the position number provided.
Additionally, the moveto in the following endpoint:
https://pve.proxmox.com/pve-docs/api-viewer/#/cluster/firewall/groups/{group}/{pos}
Appears to require some +1 math, as attempting to set a rule at position 0 to position 1 in the Proxmox UI results in the rule not moving at all, however, setting the rule to position 2 will place the rule at actual position 1.
Are these expected and undocumented behaviour of the cluster firewall group security rule management endpoints, or am I missing some otherwise well documented process for placing security group rules in at the cluster level?