Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware
Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware
This data source provides information about an existing Intrusion Service Policy configured on NSX. It can be useful for fetching the IDPS DFW Policy including all its embedded rules.
NOTE: This data source retrieves the policy including embedded rules, allowing you to refer IDPS DFW policy details and its rules in other resources. For different use cases, consider:
nsxt.PolicyParentIntrusionServicePolicy- For IDPS DFW Policy metadata only (no rules)nsxt.PolicyIntrusionServicePolicyRule- For individual standalone IDPS DFW rules
This data source is applicable to NSX Policy Manager (NSX version 4.2.0 onwards).
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
const idsPolicy = nsxt.getPolicyIntrusionServicePolicy({
displayName: "intrusion-service-policy",
});
import pulumi
import pulumi_nsxt as nsxt
ids_policy = nsxt.get_policy_intrusion_service_policy(display_name="intrusion-service-policy")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := nsxt.LookupPolicyIntrusionServicePolicy(ctx, &nsxt.LookupPolicyIntrusionServicePolicyArgs{
DisplayName: pulumi.StringRef("intrusion-service-policy"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
var idsPolicy = Nsxt.GetPolicyIntrusionServicePolicy.Invoke(new()
{
DisplayName = "intrusion-service-policy",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyIntrusionServicePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var idsPolicy = NsxtFunctions.getPolicyIntrusionServicePolicy(GetPolicyIntrusionServicePolicyArgs.builder()
.displayName("intrusion-service-policy")
.build());
}
}
variables:
idsPolicy:
fn::invoke:
function: nsxt:getPolicyIntrusionServicePolicy
arguments:
displayName: intrusion-service-policy
Example coming soon!
Multi-Tenancy
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
const demoproj = nsxt.getPolicyProject({
displayName: "demoproj",
});
const idsPolicy = demoproj.then(demoproj => nsxt.getPolicyIntrusionServicePolicy({
context: {
projectId: demoproj.id,
},
displayName: "intrusion-service-policy",
}));
import pulumi
import pulumi_nsxt as nsxt
demoproj = nsxt.get_policy_project(display_name="demoproj")
ids_policy = nsxt.get_policy_intrusion_service_policy(context={
"project_id": demoproj.id,
},
display_name="intrusion-service-policy")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
demoproj, err := nsxt.LookupPolicyProject(ctx, &nsxt.LookupPolicyProjectArgs{
DisplayName: pulumi.StringRef("demoproj"),
}, nil)
if err != nil {
return err
}
_, err = nsxt.LookupPolicyIntrusionServicePolicy(ctx, &nsxt.LookupPolicyIntrusionServicePolicyArgs{
Context: nsxt.GetPolicyIntrusionServicePolicyContext{
ProjectId: demoproj.Id,
},
DisplayName: pulumi.StringRef("intrusion-service-policy"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
var demoproj = Nsxt.GetPolicyProject.Invoke(new()
{
DisplayName = "demoproj",
});
var idsPolicy = Nsxt.GetPolicyIntrusionServicePolicy.Invoke(new()
{
Context = new Nsxt.Inputs.GetPolicyIntrusionServicePolicyContextInputArgs
{
ProjectId = demoproj.Apply(getPolicyProjectResult => getPolicyProjectResult.Id),
},
DisplayName = "intrusion-service-policy",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyProjectArgs;
import com.pulumi.nsxt.inputs.GetPolicyIntrusionServicePolicyArgs;
import com.pulumi.nsxt.inputs.GetPolicyIntrusionServicePolicyContextArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var demoproj = NsxtFunctions.getPolicyProject(GetPolicyProjectArgs.builder()
.displayName("demoproj")
.build());
final var idsPolicy = NsxtFunctions.getPolicyIntrusionServicePolicy(GetPolicyIntrusionServicePolicyArgs.builder()
.context(GetPolicyIntrusionServicePolicyContextArgs.builder()
.projectId(demoproj.id())
.build())
.displayName("intrusion-service-policy")
.build());
}
}
variables:
demoproj:
fn::invoke:
function: nsxt:getPolicyProject
arguments:
displayName: demoproj
idsPolicy:
fn::invoke:
function: nsxt:getPolicyIntrusionServicePolicy
arguments:
context:
projectId: ${demoproj.id}
displayName: intrusion-service-policy
Example coming soon!
Using getPolicyIntrusionServicePolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPolicyIntrusionServicePolicy(args: GetPolicyIntrusionServicePolicyArgs, opts?: InvokeOptions): Promise<GetPolicyIntrusionServicePolicyResult>
function getPolicyIntrusionServicePolicyOutput(args: GetPolicyIntrusionServicePolicyOutputArgs, opts?: InvokeOptions): Output<GetPolicyIntrusionServicePolicyResult>def get_policy_intrusion_service_policy(category: Optional[str] = None,
context: Optional[GetPolicyIntrusionServicePolicyContext] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
domain: Optional[str] = None,
id: Optional[str] = None,
rules: Optional[Sequence[GetPolicyIntrusionServicePolicyRule]] = None,
tags: Optional[Sequence[GetPolicyIntrusionServicePolicyTag]] = None,
opts: Optional[InvokeOptions] = None) -> GetPolicyIntrusionServicePolicyResult
def get_policy_intrusion_service_policy_output(category: pulumi.Input[Optional[str]] = None,
context: pulumi.Input[Optional[GetPolicyIntrusionServicePolicyContextArgs]] = None,
description: pulumi.Input[Optional[str]] = None,
display_name: pulumi.Input[Optional[str]] = None,
domain: pulumi.Input[Optional[str]] = None,
id: pulumi.Input[Optional[str]] = None,
rules: pulumi.Input[Optional[Sequence[pulumi.Input[GetPolicyIntrusionServicePolicyRuleArgs]]]] = None,
tags: pulumi.Input[Optional[Sequence[pulumi.Input[GetPolicyIntrusionServicePolicyTagArgs]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPolicyIntrusionServicePolicyResult]func LookupPolicyIntrusionServicePolicy(ctx *Context, args *LookupPolicyIntrusionServicePolicyArgs, opts ...InvokeOption) (*LookupPolicyIntrusionServicePolicyResult, error)
func LookupPolicyIntrusionServicePolicyOutput(ctx *Context, args *LookupPolicyIntrusionServicePolicyOutputArgs, opts ...InvokeOption) LookupPolicyIntrusionServicePolicyResultOutput> Note: This function is named LookupPolicyIntrusionServicePolicy in the Go SDK.
public static class GetPolicyIntrusionServicePolicy
{
public static Task<GetPolicyIntrusionServicePolicyResult> InvokeAsync(GetPolicyIntrusionServicePolicyArgs args, InvokeOptions? opts = null)
public static Output<GetPolicyIntrusionServicePolicyResult> Invoke(GetPolicyIntrusionServicePolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPolicyIntrusionServicePolicyResult> getPolicyIntrusionServicePolicy(GetPolicyIntrusionServicePolicyArgs args, InvokeOptions options)
public static Output<GetPolicyIntrusionServicePolicyResult> getPolicyIntrusionServicePolicy(GetPolicyIntrusionServicePolicyArgs args, InvokeOptions options)
fn::invoke:
function: nsxt:index/getPolicyIntrusionServicePolicy:getPolicyIntrusionServicePolicy
arguments:
# arguments dictionarydata "nsxt_getpolicyintrusionservicepolicy" "name" {
# arguments
}The following arguments are supported:
- Category string
- Category of the policy.
- Context
Get
Policy Intrusion Service Policy Context - The context which the object belongs to
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Domain string
- The domain of the policy. Defaults to
default. - Id string
- The ID of the policy to retrieve.
- Rules
List<Get
Policy Intrusion Service Policy Rule> - A list of rules in this policy. Each rule contains:
-
List<Get
Policy Intrusion Service Policy Tag> - A list of scope + tag pairs associated with this rule.
- Category string
- Category of the policy.
- Context
Get
Policy Intrusion Service Policy Context - The context which the object belongs to
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Domain string
- The domain of the policy. Defaults to
default. - Id string
- The ID of the policy to retrieve.
- Rules
[]Get
Policy Intrusion Service Policy Rule Type - A list of rules in this policy. Each rule contains:
-
[]Get
Policy Intrusion Service Policy Tag - A list of scope + tag pairs associated with this rule.
- category string
- Category of the policy.
- context object
- The context which the object belongs to
- description string
- The description of the rule.
- display_
name string - The display name of the policy to retrieve.
- domain string
- The domain of the policy. Defaults to
default. - id string
- The ID of the policy to retrieve.
- rules list(object)
- A list of rules in this policy. Each rule contains:
- list(object)
- A list of scope + tag pairs associated with this rule.
- category String
- Category of the policy.
- context
Get
Policy Intrusion Service Policy Context - The context which the object belongs to
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- domain String
- The domain of the policy. Defaults to
default. - id String
- The ID of the policy to retrieve.
- rules
List<Get
Policy Intrusion Service Policy Rule> - A list of rules in this policy. Each rule contains:
-
List<Get
Policy Intrusion Service Policy Tag> - A list of scope + tag pairs associated with this rule.
- category string
- Category of the policy.
- context
Get
Policy Intrusion Service Policy Context - The context which the object belongs to
- description string
- The description of the rule.
- display
Name string - The display name of the policy to retrieve.
- domain string
- The domain of the policy. Defaults to
default. - id string
- The ID of the policy to retrieve.
- rules
Get
Policy Intrusion Service Policy Rule[] - A list of rules in this policy. Each rule contains:
-
Get
Policy Intrusion Service Policy Tag[] - A list of scope + tag pairs associated with this rule.
- category str
- Category of the policy.
- context
Get
Policy Intrusion Service Policy Context - The context which the object belongs to
- description str
- The description of the rule.
- display_
name str - The display name of the policy to retrieve.
- domain str
- The domain of the policy. Defaults to
default. - id str
- The ID of the policy to retrieve.
- rules
Sequence[Get
Policy Intrusion Service Policy Rule] - A list of rules in this policy. Each rule contains:
-
Sequence[Get
Policy Intrusion Service Policy Tag] - A list of scope + tag pairs associated with this rule.
- category String
- Category of the policy.
- context Property Map
- The context which the object belongs to
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- domain String
- The domain of the policy. Defaults to
default. - id String
- The ID of the policy to retrieve.
- rules List<Property Map>
- A list of rules in this policy. Each rule contains:
- List<Property Map>
- A list of scope + tag pairs associated with this rule.
getPolicyIntrusionServicePolicy Result
The following output properties are available:
- Category string
- Comments string
- Comments for security policy lock/unlock.
- Description string
- The description of the rule.
- Display
Name string - The display name of the rule.
- Id string
- Locked bool
- Indicates whether a security policy should be locked.
- Path string
- The NSX path of the policy resource.
- Revision double
- Indicates current revision number of the rule.
- Sequence
Number double - The sequence number of the rule.
- Stateful bool
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- Context
Get
Policy Intrusion Service Policy Context - Domain string
- Rules
List<Get
Policy Intrusion Service Policy Rule> - A list of rules in this policy. Each rule contains:
-
List<Get
Policy Intrusion Service Policy Tag> - A list of scope + tag pairs associated with this rule.
- Category string
- Comments string
- Comments for security policy lock/unlock.
- Description string
- The description of the rule.
- Display
Name string - The display name of the rule.
- Id string
- Locked bool
- Indicates whether a security policy should be locked.
- Path string
- The NSX path of the policy resource.
- Revision float64
- Indicates current revision number of the rule.
- Sequence
Number float64 - The sequence number of the rule.
- Stateful bool
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- Context
Get
Policy Intrusion Service Policy Context - Domain string
- Rules
[]Get
Policy Intrusion Service Policy Rule Type - A list of rules in this policy. Each rule contains:
-
[]Get
Policy Intrusion Service Policy Tag - A list of scope + tag pairs associated with this rule.
- category string
- comments string
- Comments for security policy lock/unlock.
- description string
- The description of the rule.
- display_
name string - The display name of the rule.
- id string
- locked bool
- Indicates whether a security policy should be locked.
- path string
- The NSX path of the policy resource.
- revision number
- Indicates current revision number of the rule.
- sequence_
number number - The sequence number of the rule.
- stateful bool
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- context object
- domain string
- rules list(object)
- A list of rules in this policy. Each rule contains:
- list(object)
- A list of scope + tag pairs associated with this rule.
- category String
- comments String
- Comments for security policy lock/unlock.
- description String
- The description of the rule.
- display
Name String - The display name of the rule.
- id String
- locked Boolean
- Indicates whether a security policy should be locked.
- path String
- The NSX path of the policy resource.
- revision Double
- Indicates current revision number of the rule.
- sequence
Number Double - The sequence number of the rule.
- stateful Boolean
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- context
Get
Policy Intrusion Service Policy Context - domain String
- rules
List<Get
Policy Intrusion Service Policy Rule> - A list of rules in this policy. Each rule contains:
-
List<Get
Policy Intrusion Service Policy Tag> - A list of scope + tag pairs associated with this rule.
- category string
- comments string
- Comments for security policy lock/unlock.
- description string
- The description of the rule.
- display
Name string - The display name of the rule.
- id string
- locked boolean
- Indicates whether a security policy should be locked.
- path string
- The NSX path of the policy resource.
- revision number
- Indicates current revision number of the rule.
- sequence
Number number - The sequence number of the rule.
- stateful boolean
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- context
Get
Policy Intrusion Service Policy Context - domain string
- rules
Get
Policy Intrusion Service Policy Rule[] - A list of rules in this policy. Each rule contains:
-
Get
Policy Intrusion Service Policy Tag[] - A list of scope + tag pairs associated with this rule.
- category str
- comments str
- Comments for security policy lock/unlock.
- description str
- The description of the rule.
- display_
name str - The display name of the rule.
- id str
- locked bool
- Indicates whether a security policy should be locked.
- path str
- The NSX path of the policy resource.
- revision float
- Indicates current revision number of the rule.
- sequence_
number float - The sequence number of the rule.
- stateful bool
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- context
Get
Policy Intrusion Service Policy Context - domain str
- rules
Sequence[Get
Policy Intrusion Service Policy Rule] - A list of rules in this policy. Each rule contains:
-
Sequence[Get
Policy Intrusion Service Policy Tag] - A list of scope + tag pairs associated with this rule.
- category String
- comments String
- Comments for security policy lock/unlock.
- description String
- The description of the rule.
- display
Name String - The display name of the rule.
- id String
- locked Boolean
- Indicates whether a security policy should be locked.
- path String
- The NSX path of the policy resource.
- revision Number
- Indicates current revision number of the rule.
- sequence
Number Number - The sequence number of the rule.
- stateful Boolean
- When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Note: Intrusion Service Policies are always stateful.
- context Property Map
- domain String
- rules List<Property Map>
- A list of rules in this policy. Each rule contains:
- List<Property Map>
- A list of scope + tag pairs associated with this rule.
Supporting Types
GetPolicyIntrusionServicePolicyContext
- Project
Id string - The ID of the project which the object belongs to
- Project
Id string - The ID of the project which the object belongs to
- project_
id string - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
- project
Id string - The ID of the project which the object belongs to
- project_
id str - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
GetPolicyIntrusionServicePolicyRule
- Display
Name string - The display name of the policy to retrieve.
- Ids
Profiles List<string> - List of IDS profiles for this rule.
- Nsx
Id string - NSX ID for this resource
- Path string
- The NSX path of the policy resource.
- Revision double
- Indicates current revision number of the rule.
- Rule
Id double - Unique positive number assigned by the system.
- Sequence
Number double - The sequence number of the rule.
- Action string
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- Description string
- The description of the rule.
- Destination
Groups List<string> - List of destination groups.
- Destinations
Excluded bool - Flag to indicate whether destinations are negated.
- Direction string
- Traffic direction.
- Disabled bool
- Flag to disable the rule.
- Ip
Version string - IP version.
- Log
Label string - Additional information which will be propagated to the rule syslog.
- Logged bool
- Flag to enable logging.
- Notes string
- Additional notes for the rule.
- Oversubscription string
- Indicates how rule performs when oversubscribed.
- Profiles List<string>
- List of profiles
- Scopes List<string>
- List of objects where the rule is enforced.
- Service
Entries GetPolicy Intrusion Service Policy Rule Service Entries - List of services to match
- Services List<string>
- List of services.
- Source
Groups List<string> - List of source groups.
- Sources
Excluded bool - Flag to indicate whether sources are negated.
-
List<Get
Policy Intrusion Service Policy Rule Tag> - A list of scope + tag pairs associated with this rule.
- Display
Name string - The display name of the policy to retrieve.
- Ids
Profiles []string - List of IDS profiles for this rule.
- Nsx
Id string - NSX ID for this resource
- Path string
- The NSX path of the policy resource.
- Revision float64
- Indicates current revision number of the rule.
- Rule
Id float64 - Unique positive number assigned by the system.
- Sequence
Number float64 - The sequence number of the rule.
- Action string
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- Description string
- The description of the rule.
- Destination
Groups []string - List of destination groups.
- Destinations
Excluded bool - Flag to indicate whether destinations are negated.
- Direction string
- Traffic direction.
- Disabled bool
- Flag to disable the rule.
- Ip
Version string - IP version.
- Log
Label string - Additional information which will be propagated to the rule syslog.
- Logged bool
- Flag to enable logging.
- Notes string
- Additional notes for the rule.
- Oversubscription string
- Indicates how rule performs when oversubscribed.
- Profiles []string
- List of profiles
- Scopes []string
- List of objects where the rule is enforced.
- Service
Entries GetPolicy Intrusion Service Policy Rule Service Entries - List of services to match
- Services []string
- List of services.
- Source
Groups []string - List of source groups.
- Sources
Excluded bool - Flag to indicate whether sources are negated.
-
[]Get
Policy Intrusion Service Policy Rule Tag - A list of scope + tag pairs associated with this rule.
- display_
name string - The display name of the policy to retrieve.
- ids_
profiles list(string) - List of IDS profiles for this rule.
- nsx_
id string - NSX ID for this resource
- path string
- The NSX path of the policy resource.
- revision number
- Indicates current revision number of the rule.
- rule_
id number - Unique positive number assigned by the system.
- sequence_
number number - The sequence number of the rule.
- action string
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- description string
- The description of the rule.
- destination_
groups list(string) - List of destination groups.
- destinations_
excluded bool - Flag to indicate whether destinations are negated.
- direction string
- Traffic direction.
- disabled bool
- Flag to disable the rule.
- ip_
version string - IP version.
- log_
label string - Additional information which will be propagated to the rule syslog.
- logged bool
- Flag to enable logging.
- notes string
- Additional notes for the rule.
- oversubscription string
- Indicates how rule performs when oversubscribed.
- profiles list(string)
- List of profiles
- scopes list(string)
- List of objects where the rule is enforced.
- service_
entries object - List of services to match
- services list(string)
- List of services.
- source_
groups list(string) - List of source groups.
- sources_
excluded bool - Flag to indicate whether sources are negated.
- list(object)
- A list of scope + tag pairs associated with this rule.
- display
Name String - The display name of the policy to retrieve.
- ids
Profiles List<String> - List of IDS profiles for this rule.
- nsx
Id String - NSX ID for this resource
- path String
- The NSX path of the policy resource.
- revision Double
- Indicates current revision number of the rule.
- rule
Id Double - Unique positive number assigned by the system.
- sequence
Number Double - The sequence number of the rule.
- action String
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- description String
- The description of the rule.
- destination
Groups List<String> - List of destination groups.
- destinations
Excluded Boolean - Flag to indicate whether destinations are negated.
- direction String
- Traffic direction.
- disabled Boolean
- Flag to disable the rule.
- ip
Version String - IP version.
- log
Label String - Additional information which will be propagated to the rule syslog.
- logged Boolean
- Flag to enable logging.
- notes String
- Additional notes for the rule.
- oversubscription String
- Indicates how rule performs when oversubscribed.
- profiles List<String>
- List of profiles
- scopes List<String>
- List of objects where the rule is enforced.
- service
Entries GetPolicy Intrusion Service Policy Rule Service Entries - List of services to match
- services List<String>
- List of services.
- source
Groups List<String> - List of source groups.
- sources
Excluded Boolean - Flag to indicate whether sources are negated.
-
List<Get
Policy Intrusion Service Policy Rule Tag> - A list of scope + tag pairs associated with this rule.
- display
Name string - The display name of the policy to retrieve.
- ids
Profiles string[] - List of IDS profiles for this rule.
- nsx
Id string - NSX ID for this resource
- path string
- The NSX path of the policy resource.
- revision number
- Indicates current revision number of the rule.
- rule
Id number - Unique positive number assigned by the system.
- sequence
Number number - The sequence number of the rule.
- action string
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- description string
- The description of the rule.
- destination
Groups string[] - List of destination groups.
- destinations
Excluded boolean - Flag to indicate whether destinations are negated.
- direction string
- Traffic direction.
- disabled boolean
- Flag to disable the rule.
- ip
Version string - IP version.
- log
Label string - Additional information which will be propagated to the rule syslog.
- logged boolean
- Flag to enable logging.
- notes string
- Additional notes for the rule.
- oversubscription string
- Indicates how rule performs when oversubscribed.
- profiles string[]
- List of profiles
- scopes string[]
- List of objects where the rule is enforced.
- service
Entries GetPolicy Intrusion Service Policy Rule Service Entries - List of services to match
- services string[]
- List of services.
- source
Groups string[] - List of source groups.
- sources
Excluded boolean - Flag to indicate whether sources are negated.
-
Get
Policy Intrusion Service Policy Rule Tag[] - A list of scope + tag pairs associated with this rule.
- display_
name str - The display name of the policy to retrieve.
- ids_
profiles Sequence[str] - List of IDS profiles for this rule.
- nsx_
id str - NSX ID for this resource
- path str
- The NSX path of the policy resource.
- revision float
- Indicates current revision number of the rule.
- rule_
id float - Unique positive number assigned by the system.
- sequence_
number float - The sequence number of the rule.
- action str
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- description str
- The description of the rule.
- destination_
groups Sequence[str] - List of destination groups.
- destinations_
excluded bool - Flag to indicate whether destinations are negated.
- direction str
- Traffic direction.
- disabled bool
- Flag to disable the rule.
- ip_
version str - IP version.
- log_
label str - Additional information which will be propagated to the rule syslog.
- logged bool
- Flag to enable logging.
- notes str
- Additional notes for the rule.
- oversubscription str
- Indicates how rule performs when oversubscribed.
- profiles Sequence[str]
- List of profiles
- scopes Sequence[str]
- List of objects where the rule is enforced.
- service_
entries GetPolicy Intrusion Service Policy Rule Service Entries - List of services to match
- services Sequence[str]
- List of services.
- source_
groups Sequence[str] - List of source groups.
- sources_
excluded bool - Flag to indicate whether sources are negated.
-
Sequence[Get
Policy Intrusion Service Policy Rule Tag] - A list of scope + tag pairs associated with this rule.
- display
Name String - The display name of the policy to retrieve.
- ids
Profiles List<String> - List of IDS profiles for this rule.
- nsx
Id String - NSX ID for this resource
- path String
- The NSX path of the policy resource.
- revision Number
- Indicates current revision number of the rule.
- rule
Id Number - Unique positive number assigned by the system.
- sequence
Number Number - The sequence number of the rule.
- action String
- Action for this rule (DETECT, DETECT_PREVENT, EXEMPT). Note: EXEMPT action requires NSX version 9.1.0 or higher.
- description String
- The description of the rule.
- destination
Groups List<String> - List of destination groups.
- destinations
Excluded Boolean - Flag to indicate whether destinations are negated.
- direction String
- Traffic direction.
- disabled Boolean
- Flag to disable the rule.
- ip
Version String - IP version.
- log
Label String - Additional information which will be propagated to the rule syslog.
- logged Boolean
- Flag to enable logging.
- notes String
- Additional notes for the rule.
- oversubscription String
- Indicates how rule performs when oversubscribed.
- profiles List<String>
- List of profiles
- scopes List<String>
- List of objects where the rule is enforced.
- service
Entries Property Map - List of services to match
- services List<String>
- List of services.
- source
Groups List<String> - List of source groups.
- sources
Excluded Boolean - Flag to indicate whether sources are negated.
- List<Property Map>
- A list of scope + tag pairs associated with this rule.
GetPolicyIntrusionServicePolicyRuleServiceEntries
- Algorithm
Entries List<GetPolicy Intrusion Service Policy Rule Service Entries Algorithm Entry> - Algorithm type service entry
- Ether
Type List<GetEntries Policy Intrusion Service Policy Rule Service Entries Ether Type Entry> - Ether type service entry
- Icmp
Entries List<GetPolicy Intrusion Service Policy Rule Service Entries Icmp Entry> - ICMP type service entry
- Igmp
Entries List<GetPolicy Intrusion Service Policy Rule Service Entries Igmp Entry> - IGMP type service entry
- Ip
Protocol List<GetEntries Policy Intrusion Service Policy Rule Service Entries Ip Protocol Entry> - IP Protocol type service entry
- L4Port
Set List<GetEntries Policy Intrusion Service Policy Rule Service Entries L4Port Set Entry> - L4 port set type service entry
- Algorithm
Entries []GetPolicy Intrusion Service Policy Rule Service Entries Algorithm Entry - Algorithm type service entry
- Ether
Type []GetEntries Policy Intrusion Service Policy Rule Service Entries Ether Type Entry - Ether type service entry
- Icmp
Entries []GetPolicy Intrusion Service Policy Rule Service Entries Icmp Entry - ICMP type service entry
- Igmp
Entries []GetPolicy Intrusion Service Policy Rule Service Entries Igmp Entry - IGMP type service entry
- Ip
Protocol []GetEntries Policy Intrusion Service Policy Rule Service Entries Ip Protocol Entry - IP Protocol type service entry
- L4Port
Set []GetEntries Policy Intrusion Service Policy Rule Service Entries L4Port Set Entry - L4 port set type service entry
- algorithm_
entries list(object) - Algorithm type service entry
- ether_
type_ list(object)entries - Ether type service entry
- icmp_
entries list(object) - ICMP type service entry
- igmp_
entries list(object) - IGMP type service entry
- ip_
protocol_ list(object)entries - IP Protocol type service entry
- l4_
port_ list(object)set_ entries - L4 port set type service entry
- algorithm
Entries List<GetPolicy Intrusion Service Policy Rule Service Entries Algorithm Entry> - Algorithm type service entry
- ether
Type List<GetEntries Policy Intrusion Service Policy Rule Service Entries Ether Type Entry> - Ether type service entry
- icmp
Entries List<GetPolicy Intrusion Service Policy Rule Service Entries Icmp Entry> - ICMP type service entry
- igmp
Entries List<GetPolicy Intrusion Service Policy Rule Service Entries Igmp Entry> - IGMP type service entry
- ip
Protocol List<GetEntries Policy Intrusion Service Policy Rule Service Entries Ip Protocol Entry> - IP Protocol type service entry
- l4Port
Set List<GetEntries Policy Intrusion Service Policy Rule Service Entries L4Port Set Entry> - L4 port set type service entry
- algorithm
Entries GetPolicy Intrusion Service Policy Rule Service Entries Algorithm Entry[] - Algorithm type service entry
- ether
Type GetEntries Policy Intrusion Service Policy Rule Service Entries Ether Type Entry[] - Ether type service entry
- icmp
Entries GetPolicy Intrusion Service Policy Rule Service Entries Icmp Entry[] - ICMP type service entry
- igmp
Entries GetPolicy Intrusion Service Policy Rule Service Entries Igmp Entry[] - IGMP type service entry
- ip
Protocol GetEntries Policy Intrusion Service Policy Rule Service Entries Ip Protocol Entry[] - IP Protocol type service entry
- l4Port
Set GetEntries Policy Intrusion Service Policy Rule Service Entries L4Port Set Entry[] - L4 port set type service entry
- algorithm_
entries Sequence[GetPolicy Intrusion Service Policy Rule Service Entries Algorithm Entry] - Algorithm type service entry
- ether_
type_ Sequence[Getentries Policy Intrusion Service Policy Rule Service Entries Ether Type Entry] - Ether type service entry
- icmp_
entries Sequence[GetPolicy Intrusion Service Policy Rule Service Entries Icmp Entry] - ICMP type service entry
- igmp_
entries Sequence[GetPolicy Intrusion Service Policy Rule Service Entries Igmp Entry] - IGMP type service entry
- ip_
protocol_ Sequence[Getentries Policy Intrusion Service Policy Rule Service Entries Ip Protocol Entry] - IP Protocol type service entry
- l4_
port_ Sequence[Getset_ entries Policy Intrusion Service Policy Rule Service Entries L4Port Set Entry] - L4 port set type service entry
- algorithm
Entries List<Property Map> - Algorithm type service entry
- ether
Type List<Property Map>Entries - Ether type service entry
- icmp
Entries List<Property Map> - ICMP type service entry
- igmp
Entries List<Property Map> - IGMP type service entry
- ip
Protocol List<Property Map>Entries - IP Protocol type service entry
- l4Port
Set List<Property Map>Entries - L4 port set type service entry
GetPolicyIntrusionServicePolicyRuleServiceEntriesAlgorithmEntry
- Algorithm string
- Algorithm
- Destination
Port string - A single destination port
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Source
Ports List<string> - Set of source ports or ranges
- Algorithm string
- Algorithm
- Destination
Port string - A single destination port
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Source
Ports []string - Set of source ports or ranges
- algorithm string
- Algorithm
- destination_
port string - A single destination port
- description string
- The description of the rule.
- display_
name string - The display name of the policy to retrieve.
- source_
ports list(string) - Set of source ports or ranges
- algorithm String
- Algorithm
- destination
Port String - A single destination port
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- source
Ports List<String> - Set of source ports or ranges
- algorithm string
- Algorithm
- destination
Port string - A single destination port
- description string
- The description of the rule.
- display
Name string - The display name of the policy to retrieve.
- source
Ports string[] - Set of source ports or ranges
- algorithm str
- Algorithm
- destination_
port str - A single destination port
- description str
- The description of the rule.
- display_
name str - The display name of the policy to retrieve.
- source_
ports Sequence[str] - Set of source ports or ranges
- algorithm String
- Algorithm
- destination
Port String - A single destination port
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- source
Ports List<String> - Set of source ports or ranges
GetPolicyIntrusionServicePolicyRuleServiceEntriesEtherTypeEntry
- Ether
Type double - Type of the encapsulated protocol
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Ether
Type float64 - Type of the encapsulated protocol
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- ether_
type number - Type of the encapsulated protocol
- description string
- The description of the rule.
- display_
name string - The display name of the policy to retrieve.
- ether
Type Double - Type of the encapsulated protocol
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- ether
Type number - Type of the encapsulated protocol
- description string
- The description of the rule.
- display
Name string - The display name of the policy to retrieve.
- ether_
type float - Type of the encapsulated protocol
- description str
- The description of the rule.
- display_
name str - The display name of the policy to retrieve.
- ether
Type Number - Type of the encapsulated protocol
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
GetPolicyIntrusionServicePolicyRuleServiceEntriesIcmpEntry
- Protocol string
- Version of ICMP protocol (ICMPv4/ICMPv6)
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Icmp
Code string - ICMP message code
- Icmp
Type string - ICMP message type
- Protocol string
- Version of ICMP protocol (ICMPv4/ICMPv6)
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Icmp
Code string - ICMP message code
- Icmp
Type string - ICMP message type
- protocol string
- Version of ICMP protocol (ICMPv4/ICMPv6)
- description string
- The description of the rule.
- display_
name string - The display name of the policy to retrieve.
- icmp_
code string - ICMP message code
- icmp_
type string - ICMP message type
- protocol String
- Version of ICMP protocol (ICMPv4/ICMPv6)
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- icmp
Code String - ICMP message code
- icmp
Type String - ICMP message type
- protocol string
- Version of ICMP protocol (ICMPv4/ICMPv6)
- description string
- The description of the rule.
- display
Name string - The display name of the policy to retrieve.
- icmp
Code string - ICMP message code
- icmp
Type string - ICMP message type
- protocol str
- Version of ICMP protocol (ICMPv4/ICMPv6)
- description str
- The description of the rule.
- display_
name str - The display name of the policy to retrieve.
- icmp_
code str - ICMP message code
- icmp_
type str - ICMP message type
- protocol String
- Version of ICMP protocol (ICMPv4/ICMPv6)
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- icmp
Code String - ICMP message code
- icmp
Type String - ICMP message type
GetPolicyIntrusionServicePolicyRuleServiceEntriesIgmpEntry
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- description string
- The description of the rule.
- display_
name string - The display name of the policy to retrieve.
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- description string
- The description of the rule.
- display
Name string - The display name of the policy to retrieve.
- description str
- The description of the rule.
- display_
name str - The display name of the policy to retrieve.
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
GetPolicyIntrusionServicePolicyRuleServiceEntriesIpProtocolEntry
- Protocol double
- IP protocol number
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- Protocol float64
- IP protocol number
- Description string
- The description of the rule.
- Display
Name string - The display name of the policy to retrieve.
- protocol number
- IP protocol number
- description string
- The description of the rule.
- display_
name string - The display name of the policy to retrieve.
- protocol Double
- IP protocol number
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
- protocol number
- IP protocol number
- description string
- The description of the rule.
- display
Name string - The display name of the policy to retrieve.
- protocol float
- IP protocol number
- description str
- The description of the rule.
- display_
name str - The display name of the policy to retrieve.
- protocol Number
- IP protocol number
- description String
- The description of the rule.
- display
Name String - The display name of the policy to retrieve.
GetPolicyIntrusionServicePolicyRuleServiceEntriesL4PortSetEntry
- Protocol string
- L4 Protocol
- Description string
- The description of the rule.
- Destination
Ports List<string> - Set of destination ports
- Display
Name string - The display name of the policy to retrieve.
- Source
Ports List<string> - Set of source ports
- Protocol string
- L4 Protocol
- Description string
- The description of the rule.
- Destination
Ports []string - Set of destination ports
- Display
Name string - The display name of the policy to retrieve.
- Source
Ports []string - Set of source ports
- protocol string
- L4 Protocol
- description string
- The description of the rule.
- destination_
ports list(string) - Set of destination ports
- display_
name string - The display name of the policy to retrieve.
- source_
ports list(string) - Set of source ports
- protocol String
- L4 Protocol
- description String
- The description of the rule.
- destination
Ports List<String> - Set of destination ports
- display
Name String - The display name of the policy to retrieve.
- source
Ports List<String> - Set of source ports
- protocol string
- L4 Protocol
- description string
- The description of the rule.
- destination
Ports string[] - Set of destination ports
- display
Name string - The display name of the policy to retrieve.
- source
Ports string[] - Set of source ports
- protocol str
- L4 Protocol
- description str
- The description of the rule.
- destination_
ports Sequence[str] - Set of destination ports
- display_
name str - The display name of the policy to retrieve.
- source_
ports Sequence[str] - Set of source ports
- protocol String
- L4 Protocol
- description String
- The description of the rule.
- destination
Ports List<String> - Set of destination ports
- display
Name String - The display name of the policy to retrieve.
- source
Ports List<String> - Set of source ports
GetPolicyIntrusionServicePolicyRuleTag
GetPolicyIntrusionServicePolicyTag
Package Details
- Repository
- nsxt vmware/terraform-provider-nsxt
- License
- Notes
- This Pulumi package is based on the
nsxtTerraform Provider.
Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware