nsxt 3.8.1, Apr 30 25

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

nsxt.PolicyGroup

Explore with Pulumi AI

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

Create PolicyGroup Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicyGroup(name: string, args: PolicyGroupArgs, opts?: CustomResourceOptions);

@overload
def PolicyGroup(resource_name: str,
                args: PolicyGroupArgs,
                opts: Optional[ResourceOptions] = None)

@overload
def PolicyGroup(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                display_name: Optional[str] = None,
                conjunctions: Optional[Sequence[PolicyGroupConjunctionArgs]] = None,
                context: Optional[PolicyGroupContextArgs] = None,
                criterias: Optional[Sequence[PolicyGroupCriteriaArgs]] = None,
                description: Optional[str] = None,
                domain: Optional[str] = None,
                extended_criteria: Optional[PolicyGroupExtendedCriteriaArgs] = None,
                group_type: Optional[str] = None,
                nsx_id: Optional[str] = None,
                policy_group_id: Optional[str] = None,
                tags: Optional[Sequence[PolicyGroupTagArgs]] = None)

func NewPolicyGroup(ctx *Context, name string, args PolicyGroupArgs, opts ...ResourceOption) (*PolicyGroup, error)

public PolicyGroup(string name, PolicyGroupArgs args, CustomResourceOptions? opts = null)

public PolicyGroup(String name, PolicyGroupArgs args)
public PolicyGroup(String name, PolicyGroupArgs args, CustomResourceOptions options)

type: nsxt:PolicyGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PolicyGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyGroupArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyGroupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyGroupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var policyGroupResource = new Nsxt.PolicyGroup("policyGroupResource", new()
{
    DisplayName = "string",
    Conjunctions = new[]
    {
        new Nsxt.Inputs.PolicyGroupConjunctionArgs
        {
            Operator = "string",
        },
    },
    Context = new Nsxt.Inputs.PolicyGroupContextArgs
    {
        ProjectId = "string",
    },
    Criterias = new[]
    {
        new Nsxt.Inputs.PolicyGroupCriteriaArgs
        {
            Conditions = new[]
            {
                new Nsxt.Inputs.PolicyGroupCriteriaConditionArgs
                {
                    Key = "string",
                    MemberType = "string",
                    Operator = "string",
                    Value = "string",
                },
            },
            ExternalIdExpressions = new[]
            {
                new Nsxt.Inputs.PolicyGroupCriteriaExternalIdExpressionArgs
                {
                    ExternalIds = new[]
                    {
                        "string",
                    },
                    MemberType = "string",
                },
            },
            IpaddressExpression = new Nsxt.Inputs.PolicyGroupCriteriaIpaddressExpressionArgs
            {
                IpAddresses = new[]
                {
                    "string",
                },
            },
            MacaddressExpression = new Nsxt.Inputs.PolicyGroupCriteriaMacaddressExpressionArgs
            {
                MacAddresses = new[]
                {
                    "string",
                },
            },
            PathExpression = new Nsxt.Inputs.PolicyGroupCriteriaPathExpressionArgs
            {
                MemberPaths = new[]
                {
                    "string",
                },
            },
        },
    },
    Description = "string",
    Domain = "string",
    ExtendedCriteria = new Nsxt.Inputs.PolicyGroupExtendedCriteriaArgs
    {
        IdentityGroups = new[]
        {
            new Nsxt.Inputs.PolicyGroupExtendedCriteriaIdentityGroupArgs
            {
                DistinguishedName = "string",
                DomainBaseDistinguishedName = "string",
                Sid = "string",
            },
        },
    },
    GroupType = "string",
    NsxId = "string",
    PolicyGroupId = "string",
    Tags = new[]
    {
        new Nsxt.Inputs.PolicyGroupTagArgs
        {
            Scope = "string",
            Tag = "string",
        },
    },
});

example, err := nsxt.NewPolicyGroup(ctx, "policyGroupResource", &nsxt.PolicyGroupArgs{
	DisplayName: pulumi.String("string"),
	Conjunctions: nsxt.PolicyGroupConjunctionArray{
		&nsxt.PolicyGroupConjunctionArgs{
			Operator: pulumi.String("string"),
		},
	},
	Context: &nsxt.PolicyGroupContextArgs{
		ProjectId: pulumi.String("string"),
	},
	Criterias: nsxt.PolicyGroupCriteriaArray{
		&nsxt.PolicyGroupCriteriaArgs{
			Conditions: nsxt.PolicyGroupCriteriaConditionArray{
				&nsxt.PolicyGroupCriteriaConditionArgs{
					Key:        pulumi.String("string"),
					MemberType: pulumi.String("string"),
					Operator:   pulumi.String("string"),
					Value:      pulumi.String("string"),
				},
			},
			ExternalIdExpressions: nsxt.PolicyGroupCriteriaExternalIdExpressionArray{
				&nsxt.PolicyGroupCriteriaExternalIdExpressionArgs{
					ExternalIds: pulumi.StringArray{
						pulumi.String("string"),
					},
					MemberType: pulumi.String("string"),
				},
			},
			IpaddressExpression: &nsxt.PolicyGroupCriteriaIpaddressExpressionArgs{
				IpAddresses: pulumi.StringArray{
					pulumi.String("string"),
				},
			},
			MacaddressExpression: &nsxt.PolicyGroupCriteriaMacaddressExpressionArgs{
				MacAddresses: pulumi.StringArray{
					pulumi.String("string"),
				},
			},
			PathExpression: &nsxt.PolicyGroupCriteriaPathExpressionArgs{
				MemberPaths: pulumi.StringArray{
					pulumi.String("string"),
				},
			},
		},
	},
	Description: pulumi.String("string"),
	Domain:      pulumi.String("string"),
	ExtendedCriteria: &nsxt.PolicyGroupExtendedCriteriaArgs{
		IdentityGroups: nsxt.PolicyGroupExtendedCriteriaIdentityGroupArray{
			&nsxt.PolicyGroupExtendedCriteriaIdentityGroupArgs{
				DistinguishedName:           pulumi.String("string"),
				DomainBaseDistinguishedName: pulumi.String("string"),
				Sid:                         pulumi.String("string"),
			},
		},
	},
	GroupType:     pulumi.String("string"),
	NsxId:         pulumi.String("string"),
	PolicyGroupId: pulumi.String("string"),
	Tags: nsxt.PolicyGroupTagArray{
		&nsxt.PolicyGroupTagArgs{
			Scope: pulumi.String("string"),
			Tag:   pulumi.String("string"),
		},
	},
})

var policyGroupResource = new PolicyGroup("policyGroupResource", PolicyGroupArgs.builder()
    .displayName("string")
    .conjunctions(PolicyGroupConjunctionArgs.builder()
        .operator("string")
        .build())
    .context(PolicyGroupContextArgs.builder()
        .projectId("string")
        .build())
    .criterias(PolicyGroupCriteriaArgs.builder()
        .conditions(PolicyGroupCriteriaConditionArgs.builder()
            .key("string")
            .memberType("string")
            .operator("string")
            .value("string")
            .build())
        .externalIdExpressions(PolicyGroupCriteriaExternalIdExpressionArgs.builder()
            .externalIds("string")
            .memberType("string")
            .build())
        .ipaddressExpression(PolicyGroupCriteriaIpaddressExpressionArgs.builder()
            .ipAddresses("string")
            .build())
        .macaddressExpression(PolicyGroupCriteriaMacaddressExpressionArgs.builder()
            .macAddresses("string")
            .build())
        .pathExpression(PolicyGroupCriteriaPathExpressionArgs.builder()
            .memberPaths("string")
            .build())
        .build())
    .description("string")
    .domain("string")
    .extendedCriteria(PolicyGroupExtendedCriteriaArgs.builder()
        .identityGroups(PolicyGroupExtendedCriteriaIdentityGroupArgs.builder()
            .distinguishedName("string")
            .domainBaseDistinguishedName("string")
            .sid("string")
            .build())
        .build())
    .groupType("string")
    .nsxId("string")
    .policyGroupId("string")
    .tags(PolicyGroupTagArgs.builder()
        .scope("string")
        .tag("string")
        .build())
    .build());

policy_group_resource = nsxt.PolicyGroup("policyGroupResource",
    display_name="string",
    conjunctions=[{
        "operator": "string",
    }],
    context={
        "project_id": "string",
    },
    criterias=[{
        "conditions": [{
            "key": "string",
            "member_type": "string",
            "operator": "string",
            "value": "string",
        }],
        "external_id_expressions": [{
            "external_ids": ["string"],
            "member_type": "string",
        }],
        "ipaddress_expression": {
            "ip_addresses": ["string"],
        },
        "macaddress_expression": {
            "mac_addresses": ["string"],
        },
        "path_expression": {
            "member_paths": ["string"],
        },
    }],
    description="string",
    domain="string",
    extended_criteria={
        "identity_groups": [{
            "distinguished_name": "string",
            "domain_base_distinguished_name": "string",
            "sid": "string",
        }],
    },
    group_type="string",
    nsx_id="string",
    policy_group_id="string",
    tags=[{
        "scope": "string",
        "tag": "string",
    }])

const policyGroupResource = new nsxt.PolicyGroup("policyGroupResource", {
    displayName: "string",
    conjunctions: [{
        operator: "string",
    }],
    context: {
        projectId: "string",
    },
    criterias: [{
        conditions: [{
            key: "string",
            memberType: "string",
            operator: "string",
            value: "string",
        }],
        externalIdExpressions: [{
            externalIds: ["string"],
            memberType: "string",
        }],
        ipaddressExpression: {
            ipAddresses: ["string"],
        },
        macaddressExpression: {
            macAddresses: ["string"],
        },
        pathExpression: {
            memberPaths: ["string"],
        },
    }],
    description: "string",
    domain: "string",
    extendedCriteria: {
        identityGroups: [{
            distinguishedName: "string",
            domainBaseDistinguishedName: "string",
            sid: "string",
        }],
    },
    groupType: "string",
    nsxId: "string",
    policyGroupId: "string",
    tags: [{
        scope: "string",
        tag: "string",
    }],
});

type: nsxt:PolicyGroup
properties:
    conjunctions:
        - operator: string
    context:
        projectId: string
    criterias:
        - conditions:
            - key: string
              memberType: string
              operator: string
              value: string
          externalIdExpressions:
            - externalIds:
                - string
              memberType: string
          ipaddressExpression:
            ipAddresses:
                - string
          macaddressExpression:
            macAddresses:
                - string
          pathExpression:
            memberPaths:
                - string
    description: string
    displayName: string
    domain: string
    extendedCriteria:
        identityGroups:
            - distinguishedName: string
              domainBaseDistinguishedName: string
              sid: string
    groupType: string
    nsxId: string
    policyGroupId: string
    tags:
        - scope: string
          tag: string

PolicyGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PolicyGroup resource accepts the following input properties:

DisplayName string: Display name of the resource.
Conjunctions List<PolicyGroupConjunction>: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
Context PolicyGroupContext: The context which the object belongs to
Criterias List<PolicyGroupCriteria>: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
Description string: Description of the resource.
Domain string: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
ExtendedCriteria PolicyGroupExtendedCriteria: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
GroupType string: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the group resource.
PolicyGroupId string: ID of the Group.
Tags List<PolicyGroupTag>: A list of scope + tag pairs to associate with this Group.

DisplayName string: Display name of the resource.
Conjunctions []PolicyGroupConjunctionArgs: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
Context PolicyGroupContextArgs: The context which the object belongs to
Criterias []PolicyGroupCriteriaArgs: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
Description string: Description of the resource.
Domain string: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
ExtendedCriteria PolicyGroupExtendedCriteriaArgs: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
GroupType string: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the group resource.
PolicyGroupId string: ID of the Group.
Tags []PolicyGroupTagArgs: A list of scope + tag pairs to associate with this Group.

displayName String: Display name of the resource.
conjunctions List<PolicyGroupConjunction>: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context PolicyGroupContext: The context which the object belongs to
criterias List<PolicyGroupCriteria>: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description String: Description of the resource.
domain String: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extendedCriteria PolicyGroupExtendedCriteria: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
groupType String: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the group resource.
policyGroupId String: ID of the Group.
tags List<PolicyGroupTag>: A list of scope + tag pairs to associate with this Group.

displayName string: Display name of the resource.
conjunctions PolicyGroupConjunction[]: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context PolicyGroupContext: The context which the object belongs to
criterias PolicyGroupCriteria[]: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description string: Description of the resource.
domain string: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extendedCriteria PolicyGroupExtendedCriteria: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
groupType string: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the group resource.
policyGroupId string: ID of the Group.
tags PolicyGroupTag[]: A list of scope + tag pairs to associate with this Group.

display_name str: Display name of the resource.
conjunctions Sequence[PolicyGroupConjunctionArgs]: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context PolicyGroupContextArgs: The context which the object belongs to
criterias Sequence[PolicyGroupCriteriaArgs]: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description str: Description of the resource.
domain str: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extended_criteria PolicyGroupExtendedCriteriaArgs: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
group_type str: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the group resource.
policy_group_id str: ID of the Group.
tags Sequence[PolicyGroupTagArgs]: A list of scope + tag pairs to associate with this Group.

displayName String: Display name of the resource.
conjunctions List<Property Map>: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context Property Map: The context which the object belongs to
criterias List<Property Map>: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description String: Description of the resource.
domain String: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extendedCriteria Property Map: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
groupType String: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the group resource.
policyGroupId String: ID of the Group.
tags List<Property Map>: A list of scope + tag pairs to associate with this Group.

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicyGroup resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Path string: The NSX path of the policy resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Id string: The provider-assigned unique ID for this managed resource.
Path string: The NSX path of the policy resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
path String: The NSX path of the policy resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
path string: The NSX path of the policy resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id str: The provider-assigned unique ID for this managed resource.
path str: The NSX path of the policy resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
path String: The NSX path of the policy resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Look up Existing PolicyGroup Resource

Get an existing PolicyGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyGroupState, opts?: CustomResourceOptions): PolicyGroup

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        conjunctions: Optional[Sequence[PolicyGroupConjunctionArgs]] = None,
        context: Optional[PolicyGroupContextArgs] = None,
        criterias: Optional[Sequence[PolicyGroupCriteriaArgs]] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        domain: Optional[str] = None,
        extended_criteria: Optional[PolicyGroupExtendedCriteriaArgs] = None,
        group_type: Optional[str] = None,
        nsx_id: Optional[str] = None,
        path: Optional[str] = None,
        policy_group_id: Optional[str] = None,
        revision: Optional[float] = None,
        tags: Optional[Sequence[PolicyGroupTagArgs]] = None) -> PolicyGroup

func GetPolicyGroup(ctx *Context, name string, id IDInput, state *PolicyGroupState, opts ...ResourceOption) (*PolicyGroup, error)

public static PolicyGroup Get(string name, Input<string> id, PolicyGroupState? state, CustomResourceOptions? opts = null)

public static PolicyGroup get(String name, Output<String> id, PolicyGroupState state, CustomResourceOptions options)

resources:  _:    type: nsxt:PolicyGroup    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Conjunctions List<PolicyGroupConjunction>: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
Context PolicyGroupContext: The context which the object belongs to
Criterias List<PolicyGroupCriteria>: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
Description string: Description of the resource.
DisplayName string: Display name of the resource.
Domain string: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
ExtendedCriteria PolicyGroupExtendedCriteria: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
GroupType string: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the group resource.
Path string: The NSX path of the policy resource.
PolicyGroupId string: ID of the Group.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
Tags List<PolicyGroupTag>: A list of scope + tag pairs to associate with this Group.

Conjunctions []PolicyGroupConjunctionArgs: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
Context PolicyGroupContextArgs: The context which the object belongs to
Criterias []PolicyGroupCriteriaArgs: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
Description string: Description of the resource.
DisplayName string: Display name of the resource.
Domain string: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
ExtendedCriteria PolicyGroupExtendedCriteriaArgs: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
GroupType string: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the group resource.
Path string: The NSX path of the policy resource.
PolicyGroupId string: ID of the Group.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
Tags []PolicyGroupTagArgs: A list of scope + tag pairs to associate with this Group.

conjunctions List<PolicyGroupConjunction>: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context PolicyGroupContext: The context which the object belongs to
criterias List<PolicyGroupCriteria>: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description String: Description of the resource.
displayName String: Display name of the resource.
domain String: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extendedCriteria PolicyGroupExtendedCriteria: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
groupType String: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the group resource.
path String: The NSX path of the policy resource.
policyGroupId String: ID of the Group.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags List<PolicyGroupTag>: A list of scope + tag pairs to associate with this Group.

conjunctions PolicyGroupConjunction[]: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context PolicyGroupContext: The context which the object belongs to
criterias PolicyGroupCriteria[]: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description string: Description of the resource.
displayName string: Display name of the resource.
domain string: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extendedCriteria PolicyGroupExtendedCriteria: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
groupType string: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the group resource.
path string: The NSX path of the policy resource.
policyGroupId string: ID of the Group.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags PolicyGroupTag[]: A list of scope + tag pairs to associate with this Group.

conjunctions Sequence[PolicyGroupConjunctionArgs]: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context PolicyGroupContextArgs: The context which the object belongs to
criterias Sequence[PolicyGroupCriteriaArgs]: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description str: Description of the resource.
display_name str: Display name of the resource.
domain str: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extended_criteria PolicyGroupExtendedCriteriaArgs: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
group_type str: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the group resource.
path str: The NSX path of the policy resource.
policy_group_id str: ID of the Group.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags Sequence[PolicyGroupTagArgs]: A list of scope + tag pairs to associate with this Group.

conjunctions List<Property Map>: When specifying multiple criteria, a conjunction is used to specify if the criteria should selected using AND or OR.
context Property Map: The context which the object belongs to
criterias List<Property Map>: A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a conjunction. In a criteria block the following membership selection expressions can be used:
description String: Description of the resource.
displayName String: Display name of the resource.
domain String: The domain to use for the Group. This domain must already exist. For VMware Cloud on AWS use cgw. For Global Manager, please use site id for this field. If not specified, this field is default to default.
extendedCriteria Property Map: A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that extended_criteria is implicitly AND with criteria.
groupType String: One of IPAddress, ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. Note that updating this attribute will trigger recreation of the group.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the group resource.
path String: The NSX path of the policy resource.
policyGroupId String: ID of the Group.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags List<Property Map>: A list of scope + tag pairs to associate with this Group.

Supporting Types

PolicyGroupConjunction, PolicyGroupConjunctionArgs

Operator string: The operator to use. Must be one of AND or OR. If AND is used, then the criteria block before/after must be of the same type and if using condition then also must use the same member_type.

Operator string: The operator to use. Must be one of AND or OR. If AND is used, then the criteria block before/after must be of the same type and if using condition then also must use the same member_type.

operator String: The operator to use. Must be one of AND or OR. If AND is used, then the criteria block before/after must be of the same type and if using condition then also must use the same member_type.

operator string: The operator to use. Must be one of AND or OR. If AND is used, then the criteria block before/after must be of the same type and if using condition then also must use the same member_type.

operator str: The operator to use. Must be one of AND or OR. If AND is used, then the criteria block before/after must be of the same type and if using condition then also must use the same member_type.

operator String: The operator to use. Must be one of AND or OR. If AND is used, then the criteria block before/after must be of the same type and if using condition then also must use the same member_type.

PolicyGroupContext, PolicyGroupContextArgs

ProjectId string: The ID of the project which the object belongs to

ProjectId string: The ID of the project which the object belongs to

projectId String: The ID of the project which the object belongs to

projectId string: The ID of the project which the object belongs to

project_id str: The ID of the project which the object belongs to

projectId String: The ID of the project which the object belongs to

PolicyGroupCriteria, PolicyGroupCriteriaArgs

Conditions List<PolicyGroupCriteriaCondition>: A repeatable condition block to select this Group's members. When multiple condition blocks are used in a single criteria they form a nested expression that's implicitly ANDed together and each nested condition must used the same member_type.
ExternalIdExpressions List<PolicyGroupCriteriaExternalIdExpression>: An expression block to specify external IDs for the specified member type for this Group.
IpaddressExpression PolicyGroupCriteriaIpaddressExpression: An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
MacaddressExpression PolicyGroupCriteriaMacaddressExpression: An expression block to specify individual MAC Addresses for this Group.
PathExpression PolicyGroupCriteriaPathExpression: An expression block to specify direct group members by policy path.

Conditions []PolicyGroupCriteriaCondition: A repeatable condition block to select this Group's members. When multiple condition blocks are used in a single criteria they form a nested expression that's implicitly ANDed together and each nested condition must used the same member_type.
ExternalIdExpressions []PolicyGroupCriteriaExternalIdExpression: An expression block to specify external IDs for the specified member type for this Group.
IpaddressExpression PolicyGroupCriteriaIpaddressExpression: An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
MacaddressExpression PolicyGroupCriteriaMacaddressExpression: An expression block to specify individual MAC Addresses for this Group.
PathExpression PolicyGroupCriteriaPathExpression: An expression block to specify direct group members by policy path.

conditions List<PolicyGroupCriteriaCondition>: A repeatable condition block to select this Group's members. When multiple condition blocks are used in a single criteria they form a nested expression that's implicitly ANDed together and each nested condition must used the same member_type.
externalIdExpressions List<PolicyGroupCriteriaExternalIdExpression>: An expression block to specify external IDs for the specified member type for this Group.
ipaddressExpression PolicyGroupCriteriaIpaddressExpression: An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
macaddressExpression PolicyGroupCriteriaMacaddressExpression: An expression block to specify individual MAC Addresses for this Group.
pathExpression PolicyGroupCriteriaPathExpression: An expression block to specify direct group members by policy path.

conditions PolicyGroupCriteriaCondition[]: A repeatable condition block to select this Group's members. When multiple condition blocks are used in a single criteria they form a nested expression that's implicitly ANDed together and each nested condition must used the same member_type.
externalIdExpressions PolicyGroupCriteriaExternalIdExpression[]: An expression block to specify external IDs for the specified member type for this Group.
ipaddressExpression PolicyGroupCriteriaIpaddressExpression: An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
macaddressExpression PolicyGroupCriteriaMacaddressExpression: An expression block to specify individual MAC Addresses for this Group.
pathExpression PolicyGroupCriteriaPathExpression: An expression block to specify direct group members by policy path.

conditions Sequence[PolicyGroupCriteriaCondition]: A repeatable condition block to select this Group's members. When multiple condition blocks are used in a single criteria they form a nested expression that's implicitly ANDed together and each nested condition must used the same member_type.
external_id_expressions Sequence[PolicyGroupCriteriaExternalIdExpression]: An expression block to specify external IDs for the specified member type for this Group.
ipaddress_expression PolicyGroupCriteriaIpaddressExpression: An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
macaddress_expression PolicyGroupCriteriaMacaddressExpression: An expression block to specify individual MAC Addresses for this Group.
path_expression PolicyGroupCriteriaPathExpression: An expression block to specify direct group members by policy path.

conditions List<Property Map>: A repeatable condition block to select this Group's members. When multiple condition blocks are used in a single criteria they form a nested expression that's implicitly ANDed together and each nested condition must used the same member_type.
externalIdExpressions List<Property Map>: An expression block to specify external IDs for the specified member type for this Group.
ipaddressExpression Property Map: An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
macaddressExpression Property Map: An expression block to specify individual MAC Addresses for this Group.
pathExpression Property Map: An expression block to specify direct group members by policy path.

PolicyGroupCriteriaCondition, PolicyGroupCriteriaConditionArgs

Key string: Specifies the attribute to query. Must be one of: Tag, ComputerName, OSName, Name, NodeType, GroupType, ALL, IPAddress, PodCidr. Please note that certain keys are only applicable to certain member types.
MemberType string: Specifies the type of resource to query. Must be one of: IPSet, LogicalPort, LogicalSwitch, Segment, SegmentPort, VirtualMachine, Group, DVPG, DVPort, IPAddress, TransportNode, Pod. Service, Namespace, KubernetesCluster, KubernetesNamespace, KubernetesIngress, KubernetesService, KubernetesNode, AntreaEgress, AntreaIPPool. Not that certain member types are only applicable to certain environments.
Operator string: Specifies the query operator to use. Must be one of: CONTAINS, ENDSWITH, EQUALS, NOTEQUALS, STARTSWITH, IN, NOTIN, MATCHES. Not that certain operators are only applicable to certain keys/member types.:w
Value string: User specified string value to use in the query. For Tag criteria, use 'scope|value' notation if you wish to specify scope in criteria.

Key string: Specifies the attribute to query. Must be one of: Tag, ComputerName, OSName, Name, NodeType, GroupType, ALL, IPAddress, PodCidr. Please note that certain keys are only applicable to certain member types.
MemberType string: Specifies the type of resource to query. Must be one of: IPSet, LogicalPort, LogicalSwitch, Segment, SegmentPort, VirtualMachine, Group, DVPG, DVPort, IPAddress, TransportNode, Pod. Service, Namespace, KubernetesCluster, KubernetesNamespace, KubernetesIngress, KubernetesService, KubernetesNode, AntreaEgress, AntreaIPPool. Not that certain member types are only applicable to certain environments.
Operator string: Specifies the query operator to use. Must be one of: CONTAINS, ENDSWITH, EQUALS, NOTEQUALS, STARTSWITH, IN, NOTIN, MATCHES. Not that certain operators are only applicable to certain keys/member types.:w
Value string: User specified string value to use in the query. For Tag criteria, use 'scope|value' notation if you wish to specify scope in criteria.

key String: Specifies the attribute to query. Must be one of: Tag, ComputerName, OSName, Name, NodeType, GroupType, ALL, IPAddress, PodCidr. Please note that certain keys are only applicable to certain member types.
memberType String: Specifies the type of resource to query. Must be one of: IPSet, LogicalPort, LogicalSwitch, Segment, SegmentPort, VirtualMachine, Group, DVPG, DVPort, IPAddress, TransportNode, Pod. Service, Namespace, KubernetesCluster, KubernetesNamespace, KubernetesIngress, KubernetesService, KubernetesNode, AntreaEgress, AntreaIPPool. Not that certain member types are only applicable to certain environments.
operator String: Specifies the query operator to use. Must be one of: CONTAINS, ENDSWITH, EQUALS, NOTEQUALS, STARTSWITH, IN, NOTIN, MATCHES. Not that certain operators are only applicable to certain keys/member types.:w
value String: User specified string value to use in the query. For Tag criteria, use 'scope|value' notation if you wish to specify scope in criteria.

key string: Specifies the attribute to query. Must be one of: Tag, ComputerName, OSName, Name, NodeType, GroupType, ALL, IPAddress, PodCidr. Please note that certain keys are only applicable to certain member types.
memberType string: Specifies the type of resource to query. Must be one of: IPSet, LogicalPort, LogicalSwitch, Segment, SegmentPort, VirtualMachine, Group, DVPG, DVPort, IPAddress, TransportNode, Pod. Service, Namespace, KubernetesCluster, KubernetesNamespace, KubernetesIngress, KubernetesService, KubernetesNode, AntreaEgress, AntreaIPPool. Not that certain member types are only applicable to certain environments.
operator string: Specifies the query operator to use. Must be one of: CONTAINS, ENDSWITH, EQUALS, NOTEQUALS, STARTSWITH, IN, NOTIN, MATCHES. Not that certain operators are only applicable to certain keys/member types.:w
value string: User specified string value to use in the query. For Tag criteria, use 'scope|value' notation if you wish to specify scope in criteria.

key str: Specifies the attribute to query. Must be one of: Tag, ComputerName, OSName, Name, NodeType, GroupType, ALL, IPAddress, PodCidr. Please note that certain keys are only applicable to certain member types.
member_type str: Specifies the type of resource to query. Must be one of: IPSet, LogicalPort, LogicalSwitch, Segment, SegmentPort, VirtualMachine, Group, DVPG, DVPort, IPAddress, TransportNode, Pod. Service, Namespace, KubernetesCluster, KubernetesNamespace, KubernetesIngress, KubernetesService, KubernetesNode, AntreaEgress, AntreaIPPool. Not that certain member types are only applicable to certain environments.
operator str: Specifies the query operator to use. Must be one of: CONTAINS, ENDSWITH, EQUALS, NOTEQUALS, STARTSWITH, IN, NOTIN, MATCHES. Not that certain operators are only applicable to certain keys/member types.:w
value str: User specified string value to use in the query. For Tag criteria, use 'scope|value' notation if you wish to specify scope in criteria.

key String: Specifies the attribute to query. Must be one of: Tag, ComputerName, OSName, Name, NodeType, GroupType, ALL, IPAddress, PodCidr. Please note that certain keys are only applicable to certain member types.
memberType String: Specifies the type of resource to query. Must be one of: IPSet, LogicalPort, LogicalSwitch, Segment, SegmentPort, VirtualMachine, Group, DVPG, DVPort, IPAddress, TransportNode, Pod. Service, Namespace, KubernetesCluster, KubernetesNamespace, KubernetesIngress, KubernetesService, KubernetesNode, AntreaEgress, AntreaIPPool. Not that certain member types are only applicable to certain environments.
operator String: Specifies the query operator to use. Must be one of: CONTAINS, ENDSWITH, EQUALS, NOTEQUALS, STARTSWITH, IN, NOTIN, MATCHES. Not that certain operators are only applicable to certain keys/member types.:w
value String: User specified string value to use in the query. For Tag criteria, use 'scope|value' notation if you wish to specify scope in criteria.

PolicyGroupCriteriaExternalIdExpression, PolicyGroupCriteriaExternalIdExpressionArgs

ExternalIds List<string>: List of external IDs for the specified member type.
MemberType string: External ID member type. Must be one of: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, or PhysicalServer. Defaults to VirtualMachine.

ExternalIds []string: List of external IDs for the specified member type.
MemberType string: External ID member type. Must be one of: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, or PhysicalServer. Defaults to VirtualMachine.

externalIds List<String>: List of external IDs for the specified member type.
memberType String: External ID member type. Must be one of: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, or PhysicalServer. Defaults to VirtualMachine.

externalIds string[]: List of external IDs for the specified member type.
memberType string: External ID member type. Must be one of: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, or PhysicalServer. Defaults to VirtualMachine.

external_ids Sequence[str]: List of external IDs for the specified member type.
member_type str: External ID member type. Must be one of: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, or PhysicalServer. Defaults to VirtualMachine.

externalIds List<String>: List of external IDs for the specified member type.
memberType String: External ID member type. Must be one of: VirtualMachine, VirtualNetworkInterface, CloudNativeServiceInstance, or PhysicalServer. Defaults to VirtualMachine.

PolicyGroupCriteriaIpaddressExpression, PolicyGroupCriteriaIpaddressExpressionArgs

IpAddresses List<string>: This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.

IpAddresses []string: This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.

ipAddresses List<String>: This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.

ipAddresses string[]: This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.

ip_addresses Sequence[str]: This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.

ipAddresses List<String>: This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.

PolicyGroupCriteriaMacaddressExpression, PolicyGroupCriteriaMacaddressExpressionArgs

MacAddresses List<string>: List of MAC addresses.

MacAddresses []string: List of MAC addresses.

macAddresses List<String>: List of MAC addresses.

macAddresses string[]: List of MAC addresses.

mac_addresses Sequence[str]: List of MAC addresses.

macAddresses List<String>: List of MAC addresses.

PolicyGroupCriteriaPathExpression, PolicyGroupCriteriaPathExpressionArgs

MemberPaths List<string>: List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).

MemberPaths []string: List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).

memberPaths List<String>: List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).

memberPaths string[]: List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).

member_paths Sequence[str]: List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).

memberPaths List<String>: List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).

PolicyGroupExtendedCriteria, PolicyGroupExtendedCriteriaArgs

IdentityGroups List<PolicyGroupExtendedCriteriaIdentityGroup>: A repeatable condition block selecting user AD groups to be included in this Group. Note that identity_groups are OR with each other.

IdentityGroups []PolicyGroupExtendedCriteriaIdentityGroup: A repeatable condition block selecting user AD groups to be included in this Group. Note that identity_groups are OR with each other.

identityGroups List<PolicyGroupExtendedCriteriaIdentityGroup>: A repeatable condition block selecting user AD groups to be included in this Group. Note that identity_groups are OR with each other.

identityGroups PolicyGroupExtendedCriteriaIdentityGroup[]: A repeatable condition block selecting user AD groups to be included in this Group. Note that identity_groups are OR with each other.

identity_groups Sequence[PolicyGroupExtendedCriteriaIdentityGroup]: A repeatable condition block selecting user AD groups to be included in this Group. Note that identity_groups are OR with each other.

identityGroups List<Property Map>: A repeatable condition block selecting user AD groups to be included in this Group. Note that identity_groups are OR with each other.

PolicyGroupExtendedCriteriaIdentityGroup, PolicyGroupExtendedCriteriaIdentityGroupArgs

DistinguishedName string: LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
DomainBaseDistinguishedName string: Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
Sid string: Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.

DistinguishedName string: LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
DomainBaseDistinguishedName string: Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
Sid string: Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.

distinguishedName String: LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
domainBaseDistinguishedName String: Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
sid String: Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.

distinguishedName string: LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
domainBaseDistinguishedName string: Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
sid string: Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.

distinguished_name str: LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
domain_base_distinguished_name str: Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
sid str: Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.

distinguishedName String: LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
domainBaseDistinguishedName String: Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
sid String: Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.

PolicyGroupTag, PolicyGroupTagArgs

Scope string
Tag string: A list of scope + tag pairs to associate with this Group.

Scope string
Tag string: A list of scope + tag pairs to associate with this Group.

scope String
tag String: A list of scope + tag pairs to associate with this Group.

scope string
tag string: A list of scope + tag pairs to associate with this Group.

scope str
tag str: A list of scope + tag pairs to associate with this Group.

scope String
tag String: A list of scope + tag pairs to associate with this Group.

Package Details

Repository: nsxt vmware/terraform-provider-nsxt
License
Notes: This Pulumi package is based on the nsxt Terraform Provider.

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

vmware/terraform-provider-nsxt

nsxt.PolicyGroup

On this page

On this page

Create PolicyGroup Resource

Constructor syntax

Parameters

Constructor example

PolicyGroup Resource Properties

Inputs

Outputs

Look up Existing PolicyGroup Resource

Supporting Types

PolicyGroupConjunction, PolicyGroupConjunctionArgs

PolicyGroupContext, PolicyGroupContextArgs

PolicyGroupCriteria, PolicyGroupCriteriaArgs

PolicyGroupCriteriaCondition, PolicyGroupCriteriaConditionArgs

PolicyGroupCriteriaExternalIdExpression, PolicyGroupCriteriaExternalIdExpressionArgs

PolicyGroupCriteriaIpaddressExpression, PolicyGroupCriteriaIpaddressExpressionArgs

PolicyGroupCriteriaMacaddressExpression, PolicyGroupCriteriaMacaddressExpressionArgs

PolicyGroupCriteriaPathExpression, PolicyGroupCriteriaPathExpressionArgs

PolicyGroupExtendedCriteria, PolicyGroupExtendedCriteriaArgs

PolicyGroupExtendedCriteriaIdentityGroup, PolicyGroupExtendedCriteriaIdentityGroupArgs

PolicyGroupTag, PolicyGroupTagArgs

Package Details

On this page

On this page