Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware
Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware
This data source provides information about global IDPS settings configured in NSX Policy manager, including signature auto-update, syslog, oversubscription, and custom signature enablement settings.
ℹ️ Singleton Resource: This data source reads global IDPS settings which exist as a single instance per NSX-T environment.
This data source is applicable to NSX Policy Manager 4.2.0 onwards.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
const global = nsxt.getPolicyIdpsSettings({});
export const autoUpdateEnabled = global.then(global => global.autoUpdateSignatures);
export const syslogEnabled = global.then(global => global.enableSyslog);
export const oversubscriptionAction = global.then(global => global.oversubscription);
import pulumi
import pulumi_nsxt as nsxt
global_ = nsxt.get_policy_idps_settings()
pulumi.export("autoUpdateEnabled", global_.auto_update_signatures)
pulumi.export("syslogEnabled", global_.enable_syslog)
pulumi.export("oversubscriptionAction", global_.oversubscription)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
global, err := nsxt.LookupPolicyIdpsSettings(ctx, &nsxt.LookupPolicyIdpsSettingsArgs{}, nil)
if err != nil {
return err
}
ctx.Export("autoUpdateEnabled", global.AutoUpdateSignatures)
ctx.Export("syslogEnabled", global.EnableSyslog)
ctx.Export("oversubscriptionAction", global.Oversubscription)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
var @global = Nsxt.GetPolicyIdpsSettings.Invoke();
return new Dictionary<string, object?>
{
["autoUpdateEnabled"] = @global.Apply(@global => @global.Apply(getPolicyIdpsSettingsResult => getPolicyIdpsSettingsResult.AutoUpdateSignatures)),
["syslogEnabled"] = @global.Apply(@global => @global.Apply(getPolicyIdpsSettingsResult => getPolicyIdpsSettingsResult.EnableSyslog)),
["oversubscriptionAction"] = @global.Apply(@global => @global.Apply(getPolicyIdpsSettingsResult => getPolicyIdpsSettingsResult.Oversubscription)),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyIdpsSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var global = NsxtFunctions.getPolicyIdpsSettings(GetPolicyIdpsSettingsArgs.builder()
.build());
ctx.export("autoUpdateEnabled", global.autoUpdateSignatures());
ctx.export("syslogEnabled", global.enableSyslog());
ctx.export("oversubscriptionAction", global.oversubscription());
}
}
variables:
global:
fn::invoke:
function: nsxt:getPolicyIdpsSettings
arguments: {}
outputs:
autoUpdateEnabled: ${global.autoUpdateSignatures}
syslogEnabled: ${global.enableSyslog}
oversubscriptionAction: ${global.oversubscription}
Example coming soon!
With Custom Signature Version
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
// Read IDPS settings with custom signature configuration
const global = nsxt.getPolicyIdpsSettings({
customSignatureVersionId: "version-1",
});
export const customSignaturesEnabled = global.then(global => global.enableCustomSignatures);
import pulumi
import pulumi_nsxt as nsxt
# Read IDPS settings with custom signature configuration
global_ = nsxt.get_policy_idps_settings(custom_signature_version_id="version-1")
pulumi.export("customSignaturesEnabled", global_.enable_custom_signatures)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Read IDPS settings with custom signature configuration
global, err := nsxt.LookupPolicyIdpsSettings(ctx, &nsxt.LookupPolicyIdpsSettingsArgs{
CustomSignatureVersionId: pulumi.StringRef("version-1"),
}, nil)
if err != nil {
return err
}
ctx.Export("customSignaturesEnabled", global.EnableCustomSignatures)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
// Read IDPS settings with custom signature configuration
var @global = Nsxt.GetPolicyIdpsSettings.Invoke(new()
{
CustomSignatureVersionId = "version-1",
});
return new Dictionary<string, object?>
{
["customSignaturesEnabled"] = @global.Apply(@global => @global.Apply(getPolicyIdpsSettingsResult => getPolicyIdpsSettingsResult.EnableCustomSignatures)),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyIdpsSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Read IDPS settings with custom signature configuration
final var global = NsxtFunctions.getPolicyIdpsSettings(GetPolicyIdpsSettingsArgs.builder()
.customSignatureVersionId("version-1")
.build());
ctx.export("customSignaturesEnabled", global.enableCustomSignatures());
}
}
variables:
# Read IDPS settings with custom signature configuration
global:
fn::invoke:
function: nsxt:getPolicyIdpsSettings
arguments:
customSignatureVersionId: version-1
outputs:
customSignaturesEnabled: ${global.enableCustomSignatures}
Example coming soon!
Using getPolicyIdpsSettings
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPolicyIdpsSettings(args: GetPolicyIdpsSettingsArgs, opts?: InvokeOptions): Promise<GetPolicyIdpsSettingsResult>
function getPolicyIdpsSettingsOutput(args: GetPolicyIdpsSettingsOutputArgs, opts?: InvokeOptions): Output<GetPolicyIdpsSettingsResult>def get_policy_idps_settings(custom_signature_version_id: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetPolicyIdpsSettingsResult
def get_policy_idps_settings_output(custom_signature_version_id: pulumi.Input[Optional[str]] = None,
description: pulumi.Input[Optional[str]] = None,
display_name: pulumi.Input[Optional[str]] = None,
id: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPolicyIdpsSettingsResult]func LookupPolicyIdpsSettings(ctx *Context, args *LookupPolicyIdpsSettingsArgs, opts ...InvokeOption) (*LookupPolicyIdpsSettingsResult, error)
func LookupPolicyIdpsSettingsOutput(ctx *Context, args *LookupPolicyIdpsSettingsOutputArgs, opts ...InvokeOption) LookupPolicyIdpsSettingsResultOutput> Note: This function is named LookupPolicyIdpsSettings in the Go SDK.
public static class GetPolicyIdpsSettings
{
public static Task<GetPolicyIdpsSettingsResult> InvokeAsync(GetPolicyIdpsSettingsArgs args, InvokeOptions? opts = null)
public static Output<GetPolicyIdpsSettingsResult> Invoke(GetPolicyIdpsSettingsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPolicyIdpsSettingsResult> getPolicyIdpsSettings(GetPolicyIdpsSettingsArgs args, InvokeOptions options)
public static Output<GetPolicyIdpsSettingsResult> getPolicyIdpsSettings(GetPolicyIdpsSettingsArgs args, InvokeOptions options)
fn::invoke:
function: nsxt:index/getPolicyIdpsSettings:getPolicyIdpsSettings
arguments:
# arguments dictionarydata "nsxt_getpolicyidpssettings" "name" {
# arguments
}The following arguments are supported:
- Custom
Signature stringVersion Id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- Description string
- The description of the resource.
- Display
Name string - The display name of the resource.
- Id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
- Custom
Signature stringVersion Id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- Description string
- The description of the resource.
- Display
Name string - The display name of the resource.
- Id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
- custom_
signature_ stringversion_ id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- description string
- The description of the resource.
- display_
name string - The display name of the resource.
- id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
- custom
Signature StringVersion Id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- description String
- The description of the resource.
- display
Name String - The display name of the resource.
- id String
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
- custom
Signature stringVersion Id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- description string
- The description of the resource.
- display
Name string - The display name of the resource.
- id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
- custom_
signature_ strversion_ id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- description str
- The description of the resource.
- display_
name str - The display name of the resource.
- id str
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
- custom
Signature StringVersion Id - The custom signature version ID to query for custom signature enablement status. If provided, the data source will also retrieve the custom signature settings for this version.
- description String
- The description of the resource.
- display
Name String - The display name of the resource.
- id String
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource).
getPolicyIdpsSettings Result
The following output properties are available:
- Auto
Update boolSignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - Description string
- The description of the resource.
- Display
Name string - The display name of the resource.
- Enable
Custom boolSignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - Enable
Syslog bool - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - Id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - Oversubscription string
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- Path string
- The NSX policy path of the resource.
- Custom
Signature stringVersion Id
- Auto
Update boolSignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - Description string
- The description of the resource.
- Display
Name string - The display name of the resource.
- Enable
Custom boolSignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - Enable
Syslog bool - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - Id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - Oversubscription string
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- Path string
- The NSX policy path of the resource.
- Custom
Signature stringVersion Id
- auto_
update_ boolsignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - description string
- The description of the resource.
- display_
name string - The display name of the resource.
- enable_
custom_ boolsignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - enable_
syslog bool - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - oversubscription string
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- path string
- The NSX policy path of the resource.
- custom_
signature_ stringversion_ id
- auto
Update BooleanSignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - description String
- The description of the resource.
- display
Name String - The display name of the resource.
- enable
Custom BooleanSignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - enable
Syslog Boolean - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - id String
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - oversubscription String
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- path String
- The NSX policy path of the resource.
- custom
Signature StringVersion Id
- auto
Update booleanSignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - description string
- The description of the resource.
- display
Name string - The display name of the resource.
- enable
Custom booleanSignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - enable
Syslog boolean - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - id string
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - oversubscription string
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- path string
- The NSX policy path of the resource.
- custom
Signature stringVersion Id
- auto_
update_ boolsignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - description str
- The description of the resource.
- display_
name str - The display name of the resource.
- enable_
custom_ boolsignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - enable_
syslog bool - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - id str
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - oversubscription str
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- path str
- The NSX policy path of the resource.
- custom_
signature_ strversion_ id
- auto
Update BooleanSignatures - Whether automatic update of IDS/IPS signatures is enabled. When
true, NSX-T automatically downloads and installs the latest signature updates. - description String
- The description of the resource.
- display
Name String - The display name of the resource.
- enable
Custom BooleanSignatures - Whether custom signatures are enabled globally. When
true, user-defined custom signatures in the configured version are active. This attribute is only populated whencustom_signature_version_idis provided. - enable
Syslog Boolean - Whether sending IDS/IPS events to syslog server is enabled. When
true, IDPS events are forwarded to configured syslog servers (configured separately in NSX-T). - id String
- The ID of the IDPS settings (always
intrusion-servicesfor this singleton resource). - oversubscription String
- Action to take when IDPS engine is oversubscribed (processing capacity exceeded). Possible values:
BYPASSED- Traffic bypasses IDPS inspection when oversubscribed (maintains connectivity)DROPPED- Traffic is dropped when oversubscribed (maintains security)
- path String
- The NSX policy path of the resource.
- custom
Signature StringVersion Id
Package Details
- Repository
- nsxt vmware/terraform-provider-nsxt
- License
- Notes
- This Pulumi package is based on the
nsxtTerraform Provider.
Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware