Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware
Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware
This data source provides information about an existing Intrusion Service Policy Rule configured on NSX. It can be useful to retrieve individual IDPS DFW rules that are managed separately from their parent policy.
NOTE: This data source retrieves standalone rules that are managed separately from their parent policy, allowing you to refer specific IDPS DFW rule in other resources. For different use cases, consider:
nsxt.PolicyIntrusionServicePolicy- For IDPS DFW Policy with embedded rulesnsxt.PolicyParentIntrusionServicePolicy- For parent IDPS DFW Policy metadata only
This data source is applicable to NSX Policy Manager (NSX version 4.2.0 onwards).
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
// Get parent policy for its path
const idsPolicy = nsxt.getPolicyParentIntrusionServicePolicy({
displayName: "my-ids-policy",
});
// Get individual rule from that policy
const idsRule = idsPolicy.then(idsPolicy => nsxt.getPolicyIntrusionServicePolicyRule({
displayName: "detect-threats",
policyPath: idsPolicy.path,
}));
import pulumi
import pulumi_nsxt as nsxt
# Get parent policy for its path
ids_policy = nsxt.get_policy_parent_intrusion_service_policy(display_name="my-ids-policy")
# Get individual rule from that policy
ids_rule = nsxt.get_policy_intrusion_service_policy_rule(display_name="detect-threats",
policy_path=ids_policy.path)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Get parent policy for its path
idsPolicy, err := nsxt.LookupPolicyParentIntrusionServicePolicy(ctx, &nsxt.LookupPolicyParentIntrusionServicePolicyArgs{
DisplayName: pulumi.StringRef("my-ids-policy"),
}, nil)
if err != nil {
return err
}
// Get individual rule from that policy
_, err = nsxt.LookupPolicyIntrusionServicePolicyRule(ctx, &nsxt.LookupPolicyIntrusionServicePolicyRuleArgs{
DisplayName: pulumi.StringRef("detect-threats"),
PolicyPath: idsPolicy.Path,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
// Get parent policy for its path
var idsPolicy = Nsxt.GetPolicyParentIntrusionServicePolicy.Invoke(new()
{
DisplayName = "my-ids-policy",
});
// Get individual rule from that policy
var idsRule = Nsxt.GetPolicyIntrusionServicePolicyRule.Invoke(new()
{
DisplayName = "detect-threats",
PolicyPath = idsPolicy.Apply(getPolicyParentIntrusionServicePolicyResult => getPolicyParentIntrusionServicePolicyResult.Path),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyParentIntrusionServicePolicyArgs;
import com.pulumi.nsxt.inputs.GetPolicyIntrusionServicePolicyRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Get parent policy for its path
final var idsPolicy = NsxtFunctions.getPolicyParentIntrusionServicePolicy(GetPolicyParentIntrusionServicePolicyArgs.builder()
.displayName("my-ids-policy")
.build());
// Get individual rule from that policy
final var idsRule = NsxtFunctions.getPolicyIntrusionServicePolicyRule(GetPolicyIntrusionServicePolicyRuleArgs.builder()
.displayName("detect-threats")
.policyPath(idsPolicy.path())
.build());
}
}
variables:
# Get parent policy for its path
idsPolicy:
fn::invoke:
function: nsxt:getPolicyParentIntrusionServicePolicy
arguments:
displayName: my-ids-policy
# Get individual rule from that policy
idsRule:
fn::invoke:
function: nsxt:getPolicyIntrusionServicePolicyRule
arguments:
displayName: detect-threats
policyPath: ${idsPolicy.path}
Example coming soon!
Multi-Tenancy
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
const demoproj = nsxt.getPolicyProject({
displayName: "demoproj",
});
// Get parent policy for its path
const idsPolicy = demoproj.then(demoproj => nsxt.getPolicyParentIntrusionServicePolicy({
context: {
projectId: demoproj.id,
},
displayName: "my-ids-policy",
}));
// Get individual rule from that policy
const idsRule = Promise.all([demoproj, idsPolicy]).then(([demoproj, idsPolicy]) => nsxt.getPolicyIntrusionServicePolicyRule({
context: {
projectId: demoproj.id,
},
displayName: "detect-threats",
policyPath: idsPolicy.path,
}));
import pulumi
import pulumi_nsxt as nsxt
demoproj = nsxt.get_policy_project(display_name="demoproj")
# Get parent policy for its path
ids_policy = nsxt.get_policy_parent_intrusion_service_policy(context={
"project_id": demoproj.id,
},
display_name="my-ids-policy")
# Get individual rule from that policy
ids_rule = nsxt.get_policy_intrusion_service_policy_rule(context={
"project_id": demoproj.id,
},
display_name="detect-threats",
policy_path=ids_policy.path)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
demoproj, err := nsxt.LookupPolicyProject(ctx, &nsxt.LookupPolicyProjectArgs{
DisplayName: pulumi.StringRef("demoproj"),
}, nil)
if err != nil {
return err
}
// Get parent policy for its path
idsPolicy, err := nsxt.LookupPolicyParentIntrusionServicePolicy(ctx, &nsxt.LookupPolicyParentIntrusionServicePolicyArgs{
Context: nsxt.GetPolicyParentIntrusionServicePolicyContext{
ProjectId: demoproj.Id,
},
DisplayName: pulumi.StringRef("my-ids-policy"),
}, nil)
if err != nil {
return err
}
// Get individual rule from that policy
_, err = nsxt.LookupPolicyIntrusionServicePolicyRule(ctx, &nsxt.LookupPolicyIntrusionServicePolicyRuleArgs{
Context: nsxt.GetPolicyIntrusionServicePolicyRuleContext{
ProjectId: demoproj.Id,
},
DisplayName: pulumi.StringRef("detect-threats"),
PolicyPath: idsPolicy.Path,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
var demoproj = Nsxt.GetPolicyProject.Invoke(new()
{
DisplayName = "demoproj",
});
// Get parent policy for its path
var idsPolicy = Nsxt.GetPolicyParentIntrusionServicePolicy.Invoke(new()
{
Context = new Nsxt.Inputs.GetPolicyParentIntrusionServicePolicyContextInputArgs
{
ProjectId = demoproj.Apply(getPolicyProjectResult => getPolicyProjectResult.Id),
},
DisplayName = "my-ids-policy",
});
// Get individual rule from that policy
var idsRule = Nsxt.GetPolicyIntrusionServicePolicyRule.Invoke(new()
{
Context = new Nsxt.Inputs.GetPolicyIntrusionServicePolicyRuleContextInputArgs
{
ProjectId = demoproj.Apply(getPolicyProjectResult => getPolicyProjectResult.Id),
},
DisplayName = "detect-threats",
PolicyPath = idsPolicy.Apply(getPolicyParentIntrusionServicePolicyResult => getPolicyParentIntrusionServicePolicyResult.Path),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyProjectArgs;
import com.pulumi.nsxt.inputs.GetPolicyParentIntrusionServicePolicyArgs;
import com.pulumi.nsxt.inputs.GetPolicyParentIntrusionServicePolicyContextArgs;
import com.pulumi.nsxt.inputs.GetPolicyIntrusionServicePolicyRuleArgs;
import com.pulumi.nsxt.inputs.GetPolicyIntrusionServicePolicyRuleContextArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var demoproj = NsxtFunctions.getPolicyProject(GetPolicyProjectArgs.builder()
.displayName("demoproj")
.build());
// Get parent policy for its path
final var idsPolicy = NsxtFunctions.getPolicyParentIntrusionServicePolicy(GetPolicyParentIntrusionServicePolicyArgs.builder()
.context(GetPolicyParentIntrusionServicePolicyContextArgs.builder()
.projectId(demoproj.id())
.build())
.displayName("my-ids-policy")
.build());
// Get individual rule from that policy
final var idsRule = NsxtFunctions.getPolicyIntrusionServicePolicyRule(GetPolicyIntrusionServicePolicyRuleArgs.builder()
.context(GetPolicyIntrusionServicePolicyRuleContextArgs.builder()
.projectId(demoproj.id())
.build())
.displayName("detect-threats")
.policyPath(idsPolicy.path())
.build());
}
}
variables:
demoproj:
fn::invoke:
function: nsxt:getPolicyProject
arguments:
displayName: demoproj
# Get parent policy for its path
idsPolicy:
fn::invoke:
function: nsxt:getPolicyParentIntrusionServicePolicy
arguments:
context:
projectId: ${demoproj.id}
displayName: my-ids-policy
# Get individual rule from that policy
idsRule:
fn::invoke:
function: nsxt:getPolicyIntrusionServicePolicyRule
arguments:
context:
projectId: ${demoproj.id}
displayName: detect-threats
policyPath: ${idsPolicy.path}
Example coming soon!
Using getPolicyIntrusionServicePolicyRule
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPolicyIntrusionServicePolicyRule(args: GetPolicyIntrusionServicePolicyRuleArgs, opts?: InvokeOptions): Promise<GetPolicyIntrusionServicePolicyRuleResult>
function getPolicyIntrusionServicePolicyRuleOutput(args: GetPolicyIntrusionServicePolicyRuleOutputArgs, opts?: InvokeOptions): Output<GetPolicyIntrusionServicePolicyRuleResult>def get_policy_intrusion_service_policy_rule(context: Optional[GetPolicyIntrusionServicePolicyRuleContext] = None,
description: Optional[str] = None,
direction: Optional[str] = None,
display_name: Optional[str] = None,
domain: Optional[str] = None,
id: Optional[str] = None,
ip_version: Optional[str] = None,
oversubscription: Optional[str] = None,
policy_path: Optional[str] = None,
tags: Optional[Sequence[GetPolicyIntrusionServicePolicyRuleTag]] = None,
opts: Optional[InvokeOptions] = None) -> GetPolicyIntrusionServicePolicyRuleResult
def get_policy_intrusion_service_policy_rule_output(context: pulumi.Input[Optional[GetPolicyIntrusionServicePolicyRuleContextArgs]] = None,
description: pulumi.Input[Optional[str]] = None,
direction: pulumi.Input[Optional[str]] = None,
display_name: pulumi.Input[Optional[str]] = None,
domain: pulumi.Input[Optional[str]] = None,
id: pulumi.Input[Optional[str]] = None,
ip_version: pulumi.Input[Optional[str]] = None,
oversubscription: pulumi.Input[Optional[str]] = None,
policy_path: pulumi.Input[Optional[str]] = None,
tags: pulumi.Input[Optional[Sequence[pulumi.Input[GetPolicyIntrusionServicePolicyRuleTagArgs]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPolicyIntrusionServicePolicyRuleResult]func LookupPolicyIntrusionServicePolicyRule(ctx *Context, args *LookupPolicyIntrusionServicePolicyRuleArgs, opts ...InvokeOption) (*LookupPolicyIntrusionServicePolicyRuleResult, error)
func LookupPolicyIntrusionServicePolicyRuleOutput(ctx *Context, args *LookupPolicyIntrusionServicePolicyRuleOutputArgs, opts ...InvokeOption) LookupPolicyIntrusionServicePolicyRuleResultOutput> Note: This function is named LookupPolicyIntrusionServicePolicyRule in the Go SDK.
public static class GetPolicyIntrusionServicePolicyRule
{
public static Task<GetPolicyIntrusionServicePolicyRuleResult> InvokeAsync(GetPolicyIntrusionServicePolicyRuleArgs args, InvokeOptions? opts = null)
public static Output<GetPolicyIntrusionServicePolicyRuleResult> Invoke(GetPolicyIntrusionServicePolicyRuleInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPolicyIntrusionServicePolicyRuleResult> getPolicyIntrusionServicePolicyRule(GetPolicyIntrusionServicePolicyRuleArgs args, InvokeOptions options)
public static Output<GetPolicyIntrusionServicePolicyRuleResult> getPolicyIntrusionServicePolicyRule(GetPolicyIntrusionServicePolicyRuleArgs args, InvokeOptions options)
fn::invoke:
function: nsxt:index/getPolicyIntrusionServicePolicyRule:getPolicyIntrusionServicePolicyRule
arguments:
# arguments dictionarydata "nsxt_getpolicyintrusionservicepolicyrule" "name" {
# arguments
}The following arguments are supported:
- Policy
Path string - The path of the parent policy containing this rule.
- Context
Get
Policy Intrusion Service Policy Rule Context - The context which the object belongs to
- Description string
- The description of the resource.
- Direction string
- Traffic direction.
- Display
Name string - The display name of the rule to retrieve.
- Domain string
- The domain of the policy containing this rule. Defaults to
default. - Id string
- The ID of the rule to retrieve.
- Ip
Version string - IP version.
- Oversubscription string
- Indicates how rule performs when oversubscribed.
-
List<Get
Policy Intrusion Service Policy Rule Tag> - A list of scope + tag pairs to associate with this rule.
- Policy
Path string - The path of the parent policy containing this rule.
- Context
Get
Policy Intrusion Service Policy Rule Context - The context which the object belongs to
- Description string
- The description of the resource.
- Direction string
- Traffic direction.
- Display
Name string - The display name of the rule to retrieve.
- Domain string
- The domain of the policy containing this rule. Defaults to
default. - Id string
- The ID of the rule to retrieve.
- Ip
Version string - IP version.
- Oversubscription string
- Indicates how rule performs when oversubscribed.
-
[]Get
Policy Intrusion Service Policy Rule Tag - A list of scope + tag pairs to associate with this rule.
- policy_
path string - The path of the parent policy containing this rule.
- context object
- The context which the object belongs to
- description string
- The description of the resource.
- direction string
- Traffic direction.
- display_
name string - The display name of the rule to retrieve.
- domain string
- The domain of the policy containing this rule. Defaults to
default. - id string
- The ID of the rule to retrieve.
- ip_
version string - IP version.
- oversubscription string
- Indicates how rule performs when oversubscribed.
- list(object)
- A list of scope + tag pairs to associate with this rule.
- policy
Path String - The path of the parent policy containing this rule.
- context
Get
Policy Intrusion Service Policy Rule Context - The context which the object belongs to
- description String
- The description of the resource.
- direction String
- Traffic direction.
- display
Name String - The display name of the rule to retrieve.
- domain String
- The domain of the policy containing this rule. Defaults to
default. - id String
- The ID of the rule to retrieve.
- ip
Version String - IP version.
- oversubscription String
- Indicates how rule performs when oversubscribed.
-
List<Get
Policy Intrusion Service Policy Rule Tag> - A list of scope + tag pairs to associate with this rule.
- policy
Path string - The path of the parent policy containing this rule.
- context
Get
Policy Intrusion Service Policy Rule Context - The context which the object belongs to
- description string
- The description of the resource.
- direction string
- Traffic direction.
- display
Name string - The display name of the rule to retrieve.
- domain string
- The domain of the policy containing this rule. Defaults to
default. - id string
- The ID of the rule to retrieve.
- ip
Version string - IP version.
- oversubscription string
- Indicates how rule performs when oversubscribed.
-
Get
Policy Intrusion Service Policy Rule Tag[] - A list of scope + tag pairs to associate with this rule.
- policy_
path str - The path of the parent policy containing this rule.
- context
Get
Policy Intrusion Service Policy Rule Context - The context which the object belongs to
- description str
- The description of the resource.
- direction str
- Traffic direction.
- display_
name str - The display name of the rule to retrieve.
- domain str
- The domain of the policy containing this rule. Defaults to
default. - id str
- The ID of the rule to retrieve.
- ip_
version str - IP version.
- oversubscription str
- Indicates how rule performs when oversubscribed.
-
Sequence[Get
Policy Intrusion Service Policy Rule Tag] - A list of scope + tag pairs to associate with this rule.
- policy
Path String - The path of the parent policy containing this rule.
- context Property Map
- The context which the object belongs to
- description String
- The description of the resource.
- direction String
- Traffic direction.
- display
Name String - The display name of the rule to retrieve.
- domain String
- The domain of the policy containing this rule. Defaults to
default. - id String
- The ID of the rule to retrieve.
- ip
Version String - IP version.
- oversubscription String
- Indicates how rule performs when oversubscribed.
- List<Property Map>
- A list of scope + tag pairs to associate with this rule.
getPolicyIntrusionServicePolicyRule Result
The following output properties are available:
- Action string
- Action for this rule.
- Description string
- The description of the resource.
- Destination
Groups List<string> - List of destination groups.
- Destinations
Excluded bool - Flag to indicate whether destinations are negated.
- Direction string
- Traffic direction.
- Disabled bool
- Flag to disable the rule.
- Display
Name string - Id string
- Ids
Profiles List<string> - List of IDS profiles for this rule.
- Ip
Version string - IP version.
- Log
Label string - Additional information which will be propagated to the rule syslog.
- Logged bool
- Flag to enable logging.
- Notes string
- Text for additional notes on changes for the rule.
- Oversubscription string
- Indicates how rule performs when oversubscribed.
- Path string
- The NSX path of the rule resource.
- Policy
Path string - Revision double
- Indicates current revision number of the object as seen by NSX-T API server.
- Rule
Id double - Unique positive number that is assigned by the system and is useful for debugging.
- Scopes List<string>
- List of policy objects where the rule is enforced.
- Sequence
Number double - The sequence number of the rule.
- Services List<string>
- List of services.
- Source
Groups List<string> - List of source groups.
- Sources
Excluded bool - Flag to indicate whether sources are negated.
- Context
Get
Policy Intrusion Service Policy Rule Context - Domain string
-
List<Get
Policy Intrusion Service Policy Rule Tag> - A list of scope + tag pairs to associate with this rule.
- Action string
- Action for this rule.
- Description string
- The description of the resource.
- Destination
Groups []string - List of destination groups.
- Destinations
Excluded bool - Flag to indicate whether destinations are negated.
- Direction string
- Traffic direction.
- Disabled bool
- Flag to disable the rule.
- Display
Name string - Id string
- Ids
Profiles []string - List of IDS profiles for this rule.
- Ip
Version string - IP version.
- Log
Label string - Additional information which will be propagated to the rule syslog.
- Logged bool
- Flag to enable logging.
- Notes string
- Text for additional notes on changes for the rule.
- Oversubscription string
- Indicates how rule performs when oversubscribed.
- Path string
- The NSX path of the rule resource.
- Policy
Path string - Revision float64
- Indicates current revision number of the object as seen by NSX-T API server.
- Rule
Id float64 - Unique positive number that is assigned by the system and is useful for debugging.
- Scopes []string
- List of policy objects where the rule is enforced.
- Sequence
Number float64 - The sequence number of the rule.
- Services []string
- List of services.
- Source
Groups []string - List of source groups.
- Sources
Excluded bool - Flag to indicate whether sources are negated.
- Context
Get
Policy Intrusion Service Policy Rule Context - Domain string
-
[]Get
Policy Intrusion Service Policy Rule Tag - A list of scope + tag pairs to associate with this rule.
- action string
- Action for this rule.
- description string
- The description of the resource.
- destination_
groups list(string) - List of destination groups.
- destinations_
excluded bool - Flag to indicate whether destinations are negated.
- direction string
- Traffic direction.
- disabled bool
- Flag to disable the rule.
- display_
name string - id string
- ids_
profiles list(string) - List of IDS profiles for this rule.
- ip_
version string - IP version.
- log_
label string - Additional information which will be propagated to the rule syslog.
- logged bool
- Flag to enable logging.
- notes string
- Text for additional notes on changes for the rule.
- oversubscription string
- Indicates how rule performs when oversubscribed.
- path string
- The NSX path of the rule resource.
- policy_
path string - revision number
- Indicates current revision number of the object as seen by NSX-T API server.
- rule_
id number - Unique positive number that is assigned by the system and is useful for debugging.
- scopes list(string)
- List of policy objects where the rule is enforced.
- sequence_
number number - The sequence number of the rule.
- services list(string)
- List of services.
- source_
groups list(string) - List of source groups.
- sources_
excluded bool - Flag to indicate whether sources are negated.
- context object
- domain string
- list(object)
- A list of scope + tag pairs to associate with this rule.
- action String
- Action for this rule.
- description String
- The description of the resource.
- destination
Groups List<String> - List of destination groups.
- destinations
Excluded Boolean - Flag to indicate whether destinations are negated.
- direction String
- Traffic direction.
- disabled Boolean
- Flag to disable the rule.
- display
Name String - id String
- ids
Profiles List<String> - List of IDS profiles for this rule.
- ip
Version String - IP version.
- log
Label String - Additional information which will be propagated to the rule syslog.
- logged Boolean
- Flag to enable logging.
- notes String
- Text for additional notes on changes for the rule.
- oversubscription String
- Indicates how rule performs when oversubscribed.
- path String
- The NSX path of the rule resource.
- policy
Path String - revision Double
- Indicates current revision number of the object as seen by NSX-T API server.
- rule
Id Double - Unique positive number that is assigned by the system and is useful for debugging.
- scopes List<String>
- List of policy objects where the rule is enforced.
- sequence
Number Double - The sequence number of the rule.
- services List<String>
- List of services.
- source
Groups List<String> - List of source groups.
- sources
Excluded Boolean - Flag to indicate whether sources are negated.
- context
Get
Policy Intrusion Service Policy Rule Context - domain String
-
List<Get
Policy Intrusion Service Policy Rule Tag> - A list of scope + tag pairs to associate with this rule.
- action string
- Action for this rule.
- description string
- The description of the resource.
- destination
Groups string[] - List of destination groups.
- destinations
Excluded boolean - Flag to indicate whether destinations are negated.
- direction string
- Traffic direction.
- disabled boolean
- Flag to disable the rule.
- display
Name string - id string
- ids
Profiles string[] - List of IDS profiles for this rule.
- ip
Version string - IP version.
- log
Label string - Additional information which will be propagated to the rule syslog.
- logged boolean
- Flag to enable logging.
- notes string
- Text for additional notes on changes for the rule.
- oversubscription string
- Indicates how rule performs when oversubscribed.
- path string
- The NSX path of the rule resource.
- policy
Path string - revision number
- Indicates current revision number of the object as seen by NSX-T API server.
- rule
Id number - Unique positive number that is assigned by the system and is useful for debugging.
- scopes string[]
- List of policy objects where the rule is enforced.
- sequence
Number number - The sequence number of the rule.
- services string[]
- List of services.
- source
Groups string[] - List of source groups.
- sources
Excluded boolean - Flag to indicate whether sources are negated.
- context
Get
Policy Intrusion Service Policy Rule Context - domain string
-
Get
Policy Intrusion Service Policy Rule Tag[] - A list of scope + tag pairs to associate with this rule.
- action str
- Action for this rule.
- description str
- The description of the resource.
- destination_
groups Sequence[str] - List of destination groups.
- destinations_
excluded bool - Flag to indicate whether destinations are negated.
- direction str
- Traffic direction.
- disabled bool
- Flag to disable the rule.
- display_
name str - id str
- ids_
profiles Sequence[str] - List of IDS profiles for this rule.
- ip_
version str - IP version.
- log_
label str - Additional information which will be propagated to the rule syslog.
- logged bool
- Flag to enable logging.
- notes str
- Text for additional notes on changes for the rule.
- oversubscription str
- Indicates how rule performs when oversubscribed.
- path str
- The NSX path of the rule resource.
- policy_
path str - revision float
- Indicates current revision number of the object as seen by NSX-T API server.
- rule_
id float - Unique positive number that is assigned by the system and is useful for debugging.
- scopes Sequence[str]
- List of policy objects where the rule is enforced.
- sequence_
number float - The sequence number of the rule.
- services Sequence[str]
- List of services.
- source_
groups Sequence[str] - List of source groups.
- sources_
excluded bool - Flag to indicate whether sources are negated.
- context
Get
Policy Intrusion Service Policy Rule Context - domain str
-
Sequence[Get
Policy Intrusion Service Policy Rule Tag] - A list of scope + tag pairs to associate with this rule.
- action String
- Action for this rule.
- description String
- The description of the resource.
- destination
Groups List<String> - List of destination groups.
- destinations
Excluded Boolean - Flag to indicate whether destinations are negated.
- direction String
- Traffic direction.
- disabled Boolean
- Flag to disable the rule.
- display
Name String - id String
- ids
Profiles List<String> - List of IDS profiles for this rule.
- ip
Version String - IP version.
- log
Label String - Additional information which will be propagated to the rule syslog.
- logged Boolean
- Flag to enable logging.
- notes String
- Text for additional notes on changes for the rule.
- oversubscription String
- Indicates how rule performs when oversubscribed.
- path String
- The NSX path of the rule resource.
- policy
Path String - revision Number
- Indicates current revision number of the object as seen by NSX-T API server.
- rule
Id Number - Unique positive number that is assigned by the system and is useful for debugging.
- scopes List<String>
- List of policy objects where the rule is enforced.
- sequence
Number Number - The sequence number of the rule.
- services List<String>
- List of services.
- source
Groups List<String> - List of source groups.
- sources
Excluded Boolean - Flag to indicate whether sources are negated.
- context Property Map
- domain String
- List<Property Map>
- A list of scope + tag pairs to associate with this rule.
Supporting Types
GetPolicyIntrusionServicePolicyRuleContext
- Project
Id string - The ID of the project which the object belongs to
- Project
Id string - The ID of the project which the object belongs to
- project_
id string - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
- project
Id string - The ID of the project which the object belongs to
- project_
id str - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
GetPolicyIntrusionServicePolicyRuleTag
Package Details
- Repository
- nsxt vmware/terraform-provider-nsxt
- License
- Notes
- This Pulumi package is based on the
nsxtTerraform Provider.
Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware
published on Monday, May 18, 2026 by vmware