Create Access Control Rules Using Dynamic Attributes Filters
This topic discusses how to create access control rules using dynamic objects (these dynamic objects are named after the dynamic attributes filters you created previously).
Before you begin
Note | You cannot create dynamic attributes filters for AWS, Azure, Azure Service Tags, Cisco Multicloud Defense, Generic Text, GitHub, Google Cloud, and Outlook 365, pxGrid cloud identity source, vCenter, Webex, and Zoom). These types of cloud objects provide their own IP addresses. |
Procedure
Step 1 | Log in to Security Cloud Control. |
Step 2 | Click . |
Step 3 | Click Edit () next to an access control policy. |
Step 4 | Click Add Rule. |
Step 5 | Click the Dynamic Attributes tab. |
Step 6 | In the Available Attributes section, from the list, click Dynamic Objects. The following figure shows an example. The preceding example shows a dynamic object named FinanceNetwork that corresponds to the dynamic attribute filter created in the Cisco Secure
Dynamic Attributes Connector. |
Step 7 | Add the desired object to source or destination attributes. |
Step 8 | Add other conditions to the rule if desired. |
What to do next
Dynamic Attributes Rule Conditions in the Cisco Secure Firewall Management Center Device Configuration Guide.