Viewing docs for nsxt 3.11.0
published on Monday, Dec 15, 2025 by vmware
published on Monday, Dec 15, 2025 by vmware
Viewing docs for nsxt 3.11.0
published on Monday, Dec 15, 2025 by vmware
published on Monday, Dec 15, 2025 by vmware
This data source builds a “name to policy path” map of the whole policy Services table. Such map can be referenced in configuration to obtain object identifier attributes by display name at a cost of single roundtrip to NSX, which improves apply and refresh
time at scale, compared to multiple instances of nsxt.PolicyService data source.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as nsxt from "@pulumi/nsxt";
const map = nsxt.getPolicyServices({});
const dnat1 = new nsxt.PolicyNatRule("dnat1", {
displayName: "dnat_rule1",
action: "DNAT",
sourceNetworks: [
"9.1.1.1",
"9.2.1.1",
],
destinationNetworks: ["11.1.1.1"],
translatedNetworks: ["10.1.1.1"],
gatewayPath: t1gateway.path,
logging: false,
firewallMatch: "MATCH_INTERNAL_ADDRESS",
policyBasedVpnMode: "BYPASS",
service: map.then(map => map.items?.["DNS-UDP"]),
tags: [{
scope: "color",
tag: "blue",
}],
});
import pulumi
import pulumi_nsxt as nsxt
map = nsxt.get_policy_services()
dnat1 = nsxt.PolicyNatRule("dnat1",
display_name="dnat_rule1",
action="DNAT",
source_networks=[
"9.1.1.1",
"9.2.1.1",
],
destination_networks=["11.1.1.1"],
translated_networks=["10.1.1.1"],
gateway_path=t1gateway["path"],
logging=False,
firewall_match="MATCH_INTERNAL_ADDRESS",
policy_based_vpn_mode="BYPASS",
service=map.items["DNS-UDP"],
tags=[{
"scope": "color",
"tag": "blue",
}])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/nsxt/v3/nsxt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_map, err := nsxt.GetPolicyServices(ctx, &nsxt.GetPolicyServicesArgs{}, nil)
if err != nil {
return err
}
_, err = nsxt.NewPolicyNatRule(ctx, "dnat1", &nsxt.PolicyNatRuleArgs{
DisplayName: pulumi.String("dnat_rule1"),
Action: pulumi.String("DNAT"),
SourceNetworks: pulumi.StringArray{
pulumi.String("9.1.1.1"),
pulumi.String("9.2.1.1"),
},
DestinationNetworks: pulumi.StringArray{
pulumi.String("11.1.1.1"),
},
TranslatedNetworks: pulumi.StringArray{
pulumi.String("10.1.1.1"),
},
GatewayPath: pulumi.Any(t1gateway.Path),
Logging: pulumi.Bool(false),
FirewallMatch: pulumi.String("MATCH_INTERNAL_ADDRESS"),
PolicyBasedVpnMode: pulumi.String("BYPASS"),
Service: pulumi.String(_map.Items.DNSUDP),
Tags: nsxt.PolicyNatRuleTagArray{
&nsxt.PolicyNatRuleTagArgs{
Scope: pulumi.String("color"),
Tag: pulumi.String("blue"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nsxt = Pulumi.Nsxt;
return await Deployment.RunAsync(() =>
{
var map = Nsxt.GetPolicyServices.Invoke();
var dnat1 = new Nsxt.PolicyNatRule("dnat1", new()
{
DisplayName = "dnat_rule1",
Action = "DNAT",
SourceNetworks = new[]
{
"9.1.1.1",
"9.2.1.1",
},
DestinationNetworks = new[]
{
"11.1.1.1",
},
TranslatedNetworks = new[]
{
"10.1.1.1",
},
GatewayPath = t1gateway.Path,
Logging = false,
FirewallMatch = "MATCH_INTERNAL_ADDRESS",
PolicyBasedVpnMode = "BYPASS",
Service = map.Apply(getPolicyServicesResult => getPolicyServicesResult.Items?.DNS_UDP),
Tags = new[]
{
new Nsxt.Inputs.PolicyNatRuleTagArgs
{
Scope = "color",
Tag = "blue",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nsxt.NsxtFunctions;
import com.pulumi.nsxt.inputs.GetPolicyServicesArgs;
import com.pulumi.nsxt.PolicyNatRule;
import com.pulumi.nsxt.PolicyNatRuleArgs;
import com.pulumi.nsxt.inputs.PolicyNatRuleTagArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var map = NsxtFunctions.getPolicyServices(GetPolicyServicesArgs.builder()
.build());
var dnat1 = new PolicyNatRule("dnat1", PolicyNatRuleArgs.builder()
.displayName("dnat_rule1")
.action("DNAT")
.sourceNetworks(
"9.1.1.1",
"9.2.1.1")
.destinationNetworks("11.1.1.1")
.translatedNetworks("10.1.1.1")
.gatewayPath(t1gateway.path())
.logging(false)
.firewallMatch("MATCH_INTERNAL_ADDRESS")
.policyBasedVpnMode("BYPASS")
.service(map.items().DNS-UDP())
.tags(PolicyNatRuleTagArgs.builder()
.scope("color")
.tag("blue")
.build())
.build());
}
}
resources:
dnat1:
type: nsxt:PolicyNatRule
properties:
displayName: dnat_rule1
action: DNAT
sourceNetworks:
- 9.1.1.1
- 9.2.1.1
destinationNetworks:
- 11.1.1.1
translatedNetworks:
- 10.1.1.1
gatewayPath: ${t1gateway.path}
logging: false
firewallMatch: MATCH_INTERNAL_ADDRESS
policyBasedVpnMode: BYPASS
service: ${map.items"DNS-UDP"[%!s(MISSING)]}
tags:
- scope: color
tag: blue
variables:
map:
fn::invoke:
function: nsxt:getPolicyServices
arguments: {}
Using getPolicyServices
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPolicyServices(args: GetPolicyServicesArgs, opts?: InvokeOptions): Promise<GetPolicyServicesResult>
function getPolicyServicesOutput(args: GetPolicyServicesOutputArgs, opts?: InvokeOptions): Output<GetPolicyServicesResult>def get_policy_services(context: Optional[GetPolicyServicesContext] = None,
id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetPolicyServicesResult
def get_policy_services_output(context: Optional[pulumi.Input[GetPolicyServicesContextArgs]] = None,
id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPolicyServicesResult]func GetPolicyServices(ctx *Context, args *GetPolicyServicesArgs, opts ...InvokeOption) (*GetPolicyServicesResult, error)
func GetPolicyServicesOutput(ctx *Context, args *GetPolicyServicesOutputArgs, opts ...InvokeOption) GetPolicyServicesResultOutput> Note: This function is named GetPolicyServices in the Go SDK.
public static class GetPolicyServices
{
public static Task<GetPolicyServicesResult> InvokeAsync(GetPolicyServicesArgs args, InvokeOptions? opts = null)
public static Output<GetPolicyServicesResult> Invoke(GetPolicyServicesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPolicyServicesResult> getPolicyServices(GetPolicyServicesArgs args, InvokeOptions options)
public static Output<GetPolicyServicesResult> getPolicyServices(GetPolicyServicesArgs args, InvokeOptions options)
fn::invoke:
function: nsxt:index/getPolicyServices:getPolicyServices
arguments:
# arguments dictionaryThe following arguments are supported:
- Context
Get
Policy Services Context - The context which the object belongs to
- Id string
- Context
Get
Policy Services Context - The context which the object belongs to
- Id string
- context
Get
Policy Services Context - The context which the object belongs to
- id String
- context
Get
Policy Services Context - The context which the object belongs to
- id string
- context
Get
Policy Services Context - The context which the object belongs to
- id str
- context Property Map
- The context which the object belongs to
- id String
getPolicyServices Result
The following output properties are available:
- Id string
- Items Dictionary<string, string>
- Map of policy service policy paths keyed by display name.
- Context
Get
Policy Services Context
- Id string
- Items map[string]string
- Map of policy service policy paths keyed by display name.
- Context
Get
Policy Services Context
- id String
- items Map<String,String>
- Map of policy service policy paths keyed by display name.
- context
Get
Policy Services Context
- id string
- items {[key: string]: string}
- Map of policy service policy paths keyed by display name.
- context
Get
Policy Services Context
- id str
- items Mapping[str, str]
- Map of policy service policy paths keyed by display name.
- context
Get
Policy Services Context
- id String
- items Map<String>
- Map of policy service policy paths keyed by display name.
- context Property Map
Supporting Types
GetPolicyServicesContext
- Project
Id string - The ID of the project which the object belongs to
- Project
Id string - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
- project
Id string - The ID of the project which the object belongs to
- project_
id str - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
Package Details
- Repository
- nsxt vmware/terraform-provider-nsxt
- License
- Notes
- This Pulumi package is based on the
nsxtTerraform Provider.
Viewing docs for nsxt 3.11.0
published on Monday, Dec 15, 2025 by vmware
published on Monday, Dec 15, 2025 by vmware
