nsxt.PolicyIntrusionServiceGatewayPolicyRule

nsxt 3.12.0, May 18 26

Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware

Create PolicyIntrusionServiceGatewayPolicyRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicyIntrusionServiceGatewayPolicyRule(name: string, args: PolicyIntrusionServiceGatewayPolicyRuleArgs, opts?: CustomResourceOptions);

@overload
def PolicyIntrusionServiceGatewayPolicyRule(resource_name: str,
                                            args: PolicyIntrusionServiceGatewayPolicyRuleInitArgs,
                                            opts: Optional[ResourceOptions] = None)

@overload
def PolicyIntrusionServiceGatewayPolicyRule(resource_name: str,
                                            opts: Optional[ResourceOptions] = None,
                                            display_name: Optional[str] = None,
                                            sequence_number: Optional[float] = None,
                                            scopes: Optional[Sequence[str]] = None,
                                            policy_path: Optional[str] = None,
                                            ids_profiles: Optional[Sequence[str]] = None,
                                            disabled: Optional[bool] = None,
                                            nsx_id: Optional[str] = None,
                                            direction: Optional[str] = None,
                                            ip_version: Optional[str] = None,
                                            log_label: Optional[str] = None,
                                            logged: Optional[bool] = None,
                                            notes: Optional[str] = None,
                                            action: Optional[str] = None,
                                            policy_intrusion_service_gateway_policy_rule_id: Optional[str] = None,
                                            destinations_excluded: Optional[bool] = None,
                                            destination_groups: Optional[Sequence[str]] = None,
                                            description: Optional[str] = None,
                                            services: Optional[Sequence[str]] = None,
                                            source_groups: Optional[Sequence[str]] = None,
                                            sources_excluded: Optional[bool] = None,
                                            tags: Optional[Sequence[PolicyIntrusionServiceGatewayPolicyRuleTagArgs]] = None)

func NewPolicyIntrusionServiceGatewayPolicyRule(ctx *Context, name string, args PolicyIntrusionServiceGatewayPolicyRuleArgs, opts ...ResourceOption) (*PolicyIntrusionServiceGatewayPolicyRule, error)

public PolicyIntrusionServiceGatewayPolicyRule(string name, PolicyIntrusionServiceGatewayPolicyRuleArgs args, CustomResourceOptions? opts = null)

public PolicyIntrusionServiceGatewayPolicyRule(String name, PolicyIntrusionServiceGatewayPolicyRuleArgs args)
public PolicyIntrusionServiceGatewayPolicyRule(String name, PolicyIntrusionServiceGatewayPolicyRuleArgs args, CustomResourceOptions options)

type: nsxt:PolicyIntrusionServiceGatewayPolicyRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

resource "nsxt_policyintrusionservicegatewaypolicyrule" "name" {
    # resource properties
}

Parameters

name string: The unique name of the resource.
args PolicyIntrusionServiceGatewayPolicyRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyIntrusionServiceGatewayPolicyRuleInitArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyIntrusionServiceGatewayPolicyRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyIntrusionServiceGatewayPolicyRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyIntrusionServiceGatewayPolicyRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var policyIntrusionServiceGatewayPolicyRuleResource = new Nsxt.PolicyIntrusionServiceGatewayPolicyRule("policyIntrusionServiceGatewayPolicyRuleResource", new()
{
    DisplayName = "string",
    SequenceNumber = 0,
    Scopes = new[]
    {
        "string",
    },
    PolicyPath = "string",
    IdsProfiles = new[]
    {
        "string",
    },
    Disabled = false,
    NsxId = "string",
    Direction = "string",
    IpVersion = "string",
    LogLabel = "string",
    Logged = false,
    Notes = "string",
    Action = "string",
    PolicyIntrusionServiceGatewayPolicyRuleId = "string",
    DestinationsExcluded = false,
    DestinationGroups = new[]
    {
        "string",
    },
    Description = "string",
    Services = new[]
    {
        "string",
    },
    SourceGroups = new[]
    {
        "string",
    },
    SourcesExcluded = false,
    Tags = new[]
    {
        new Nsxt.Inputs.PolicyIntrusionServiceGatewayPolicyRuleTagArgs
        {
            Scope = "string",
            Tag = "string",
        },
    },
});

example, err := nsxt.NewPolicyIntrusionServiceGatewayPolicyRule(ctx, "policyIntrusionServiceGatewayPolicyRuleResource", &nsxt.PolicyIntrusionServiceGatewayPolicyRuleArgs{
	DisplayName:    pulumi.String("string"),
	SequenceNumber: pulumi.Float64(0),
	Scopes: pulumi.StringArray{
		pulumi.String("string"),
	},
	PolicyPath: pulumi.String("string"),
	IdsProfiles: pulumi.StringArray{
		pulumi.String("string"),
	},
	Disabled:  pulumi.Bool(false),
	NsxId:     pulumi.String("string"),
	Direction: pulumi.String("string"),
	IpVersion: pulumi.String("string"),
	LogLabel:  pulumi.String("string"),
	Logged:    pulumi.Bool(false),
	Notes:     pulumi.String("string"),
	Action:    pulumi.String("string"),
	PolicyIntrusionServiceGatewayPolicyRuleId: pulumi.String("string"),
	DestinationsExcluded:                      pulumi.Bool(false),
	DestinationGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description: pulumi.String("string"),
	Services: pulumi.StringArray{
		pulumi.String("string"),
	},
	SourceGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	SourcesExcluded: pulumi.Bool(false),
	Tags: nsxt.PolicyIntrusionServiceGatewayPolicyRuleTagArray{
		&nsxt.PolicyIntrusionServiceGatewayPolicyRuleTagArgs{
			Scope: pulumi.String("string"),
			Tag:   pulumi.String("string"),
		},
	},
})

resource "nsxt_policyintrusionservicegatewaypolicyrule" "policyIntrusionServiceGatewayPolicyRuleResource" {
  display_name                                    = "string"
  sequence_number                                 = 0
  scopes                                          = ["string"]
  policy_path                                     = "string"
  ids_profiles                                    = ["string"]
  disabled                                        = false
  nsx_id                                          = "string"
  direction                                       = "string"
  ip_version                                      = "string"
  log_label                                       = "string"
  logged                                          = false
  notes                                           = "string"
  action                                          = "string"
  policy_intrusion_service_gateway_policy_rule_id = "string"
  destinations_excluded                           = false
  destination_groups                              = ["string"]
  description                                     = "string"
  services                                        = ["string"]
  source_groups                                   = ["string"]
  sources_excluded                                = false
  tags {
    scope = "string"
    tag   = "string"
  }
}

var policyIntrusionServiceGatewayPolicyRuleResource = new PolicyIntrusionServiceGatewayPolicyRule("policyIntrusionServiceGatewayPolicyRuleResource", PolicyIntrusionServiceGatewayPolicyRuleArgs.builder()
    .displayName("string")
    .sequenceNumber(0.0)
    .scopes("string")
    .policyPath("string")
    .idsProfiles("string")
    .disabled(false)
    .nsxId("string")
    .direction("string")
    .ipVersion("string")
    .logLabel("string")
    .logged(false)
    .notes("string")
    .action("string")
    .policyIntrusionServiceGatewayPolicyRuleId("string")
    .destinationsExcluded(false)
    .destinationGroups("string")
    .description("string")
    .services("string")
    .sourceGroups("string")
    .sourcesExcluded(false)
    .tags(PolicyIntrusionServiceGatewayPolicyRuleTagArgs.builder()
        .scope("string")
        .tag("string")
        .build())
    .build());

policy_intrusion_service_gateway_policy_rule_resource = nsxt.PolicyIntrusionServiceGatewayPolicyRule("policyIntrusionServiceGatewayPolicyRuleResource",
    display_name="string",
    sequence_number=float(0),
    scopes=["string"],
    policy_path="string",
    ids_profiles=["string"],
    disabled=False,
    nsx_id="string",
    direction="string",
    ip_version="string",
    log_label="string",
    logged=False,
    notes="string",
    action="string",
    policy_intrusion_service_gateway_policy_rule_id="string",
    destinations_excluded=False,
    destination_groups=["string"],
    description="string",
    services=["string"],
    source_groups=["string"],
    sources_excluded=False,
    tags=[{
        "scope": "string",
        "tag": "string",
    }])

const policyIntrusionServiceGatewayPolicyRuleResource = new nsxt.PolicyIntrusionServiceGatewayPolicyRule("policyIntrusionServiceGatewayPolicyRuleResource", {
    displayName: "string",
    sequenceNumber: 0,
    scopes: ["string"],
    policyPath: "string",
    idsProfiles: ["string"],
    disabled: false,
    nsxId: "string",
    direction: "string",
    ipVersion: "string",
    logLabel: "string",
    logged: false,
    notes: "string",
    action: "string",
    policyIntrusionServiceGatewayPolicyRuleId: "string",
    destinationsExcluded: false,
    destinationGroups: ["string"],
    description: "string",
    services: ["string"],
    sourceGroups: ["string"],
    sourcesExcluded: false,
    tags: [{
        scope: "string",
        tag: "string",
    }],
});

type: nsxt:PolicyIntrusionServiceGatewayPolicyRule
properties:
    action: string
    description: string
    destinationGroups:
        - string
    destinationsExcluded: false
    direction: string
    disabled: false
    displayName: string
    idsProfiles:
        - string
    ipVersion: string
    logLabel: string
    logged: false
    notes: string
    nsxId: string
    policyIntrusionServiceGatewayPolicyRuleId: string
    policyPath: string
    scopes:
        - string
    sequenceNumber: 0
    services:
        - string
    sourceGroups:
        - string
    sourcesExcluded: false
    tags:
        - scope: string
          tag: string

PolicyIntrusionServiceGatewayPolicyRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PolicyIntrusionServiceGatewayPolicyRule resource accepts the following input properties:

DisplayName string: Display name of the resource.
IdsProfiles List<string>: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
PolicyPath string: Path of the Intrusion Service Gateway Policy this rule belongs to.
Scopes List<string>: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
SequenceNumber double: Sequence number to determine the order of rule processing within the parent policy.
Action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
Description string: Description of the resource.
DestinationGroups List<string>: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
DestinationsExcluded bool: A boolean value indicating negation of destination groups. Default is false.
Direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
Disabled bool: A boolean value to indicate the rule is disabled. Default is false.
IpVersion string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
LogLabel string: Additional information (string) which will be propagated to the rule syslog for this rule.
Logged bool: A boolean flag to enable packet logging. Default is false.
Notes string: Text for additional notes on changes for this rule.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
PolicyIntrusionServiceGatewayPolicyRuleId string: ID of the resource.
Services List<string>: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
SourceGroups List<string>: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
SourcesExcluded bool: A boolean value indicating negation of source groups. Default is false.
Tags List<PolicyIntrusionServiceGatewayPolicyRuleTag>: A list of scope + tag pairs to associate with this rule.

DisplayName string: Display name of the resource.
IdsProfiles []string: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
PolicyPath string: Path of the Intrusion Service Gateway Policy this rule belongs to.
Scopes []string: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
SequenceNumber float64: Sequence number to determine the order of rule processing within the parent policy.
Action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
Description string: Description of the resource.
DestinationGroups []string: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
DestinationsExcluded bool: A boolean value indicating negation of destination groups. Default is false.
Direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
Disabled bool: A boolean value to indicate the rule is disabled. Default is false.
IpVersion string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
LogLabel string: Additional information (string) which will be propagated to the rule syslog for this rule.
Logged bool: A boolean flag to enable packet logging. Default is false.
Notes string: Text for additional notes on changes for this rule.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
PolicyIntrusionServiceGatewayPolicyRuleId string: ID of the resource.
Services []string: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
SourceGroups []string: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
SourcesExcluded bool: A boolean value indicating negation of source groups. Default is false.
Tags []PolicyIntrusionServiceGatewayPolicyRuleTagArgs: A list of scope + tag pairs to associate with this rule.

display_name string: Display name of the resource.
ids_profiles list(string): Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
policy_path string: Path of the Intrusion Service Gateway Policy this rule belongs to.
scopes list(string): Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequence_number number: Sequence number to determine the order of rule processing within the parent policy.
action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description string: Description of the resource.
destination_groups list(string): Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinations_excluded bool: A boolean value indicating negation of destination groups. Default is false.
direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled bool: A boolean value to indicate the rule is disabled. Default is false.
ip_version string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
log_label string: Additional information (string) which will be propagated to the rule syslog for this rule.
logged bool: A boolean flag to enable packet logging. Default is false.
notes string: Text for additional notes on changes for this rule.
nsx_id string: The NSX ID of this resource. If set, this ID will be used to create the resource.
policy_intrusion_service_gateway_policy_rule_id string: ID of the resource.
services list(string): Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
source_groups list(string): Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sources_excluded bool: A boolean value indicating negation of source groups. Default is false.
tags list(object): A list of scope + tag pairs to associate with this rule.

displayName String: Display name of the resource.
idsProfiles List<String>: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
policyPath String: Path of the Intrusion Service Gateway Policy this rule belongs to.
scopes List<String>: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequenceNumber Double: Sequence number to determine the order of rule processing within the parent policy.
action String: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description String: Description of the resource.
destinationGroups List<String>: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinationsExcluded Boolean: A boolean value indicating negation of destination groups. Default is false.
direction String: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled Boolean: A boolean value to indicate the rule is disabled. Default is false.
ipVersion String: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
logLabel String: Additional information (string) which will be propagated to the rule syslog for this rule.
logged Boolean: A boolean flag to enable packet logging. Default is false.
notes String: Text for additional notes on changes for this rule.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
policyIntrusionServiceGatewayPolicyRuleId String: ID of the resource.
services List<String>: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
sourceGroups List<String>: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sourcesExcluded Boolean: A boolean value indicating negation of source groups. Default is false.
tags List<PolicyIntrusionServiceGatewayPolicyRuleTag>: A list of scope + tag pairs to associate with this rule.

displayName string: Display name of the resource.
idsProfiles string[]: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
policyPath string: Path of the Intrusion Service Gateway Policy this rule belongs to.
scopes string[]: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequenceNumber number: Sequence number to determine the order of rule processing within the parent policy.
action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description string: Description of the resource.
destinationGroups string[]: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinationsExcluded boolean: A boolean value indicating negation of destination groups. Default is false.
direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled boolean: A boolean value to indicate the rule is disabled. Default is false.
ipVersion string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
logLabel string: Additional information (string) which will be propagated to the rule syslog for this rule.
logged boolean: A boolean flag to enable packet logging. Default is false.
notes string: Text for additional notes on changes for this rule.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
policyIntrusionServiceGatewayPolicyRuleId string: ID of the resource.
services string[]: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
sourceGroups string[]: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sourcesExcluded boolean: A boolean value indicating negation of source groups. Default is false.
tags PolicyIntrusionServiceGatewayPolicyRuleTag[]: A list of scope + tag pairs to associate with this rule.

display_name str: Display name of the resource.
ids_profiles Sequence[str]: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
policy_path str: Path of the Intrusion Service Gateway Policy this rule belongs to.
scopes Sequence[str]: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequence_number float: Sequence number to determine the order of rule processing within the parent policy.
action str: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description str: Description of the resource.
destination_groups Sequence[str]: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinations_excluded bool: A boolean value indicating negation of destination groups. Default is false.
direction str: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled bool: A boolean value to indicate the rule is disabled. Default is false.
ip_version str: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
log_label str: Additional information (string) which will be propagated to the rule syslog for this rule.
logged bool: A boolean flag to enable packet logging. Default is false.
notes str: Text for additional notes on changes for this rule.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the resource.
policy_intrusion_service_gateway_policy_rule_id str: ID of the resource.
services Sequence[str]: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
source_groups Sequence[str]: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sources_excluded bool: A boolean value indicating negation of source groups. Default is false.
tags Sequence[PolicyIntrusionServiceGatewayPolicyRuleTagArgs]: A list of scope + tag pairs to associate with this rule.

displayName String: Display name of the resource.
idsProfiles List<String>: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
policyPath String: Path of the Intrusion Service Gateway Policy this rule belongs to.
scopes List<String>: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequenceNumber Number: Sequence number to determine the order of rule processing within the parent policy.
action String: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description String: Description of the resource.
destinationGroups List<String>: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinationsExcluded Boolean: A boolean value indicating negation of destination groups. Default is false.
direction String: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled Boolean: A boolean value to indicate the rule is disabled. Default is false.
ipVersion String: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
logLabel String: Additional information (string) which will be propagated to the rule syslog for this rule.
logged Boolean: A boolean flag to enable packet logging. Default is false.
notes String: Text for additional notes on changes for this rule.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
policyIntrusionServiceGatewayPolicyRuleId String: ID of the resource.
services List<String>: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
sourceGroups List<String>: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sourcesExcluded Boolean: A boolean value indicating negation of source groups. Default is false.
tags List<Property Map>: A list of scope + tag pairs to associate with this rule.

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicyIntrusionServiceGatewayPolicyRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Path string: The NSX path of the policy resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server.
RuleId double: Unique positive number that is assigned by the system and is useful for debugging.

Id string: The provider-assigned unique ID for this managed resource.
Path string: The NSX path of the policy resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server.
RuleId float64: Unique positive number that is assigned by the system and is useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
path string: The NSX path of the policy resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server.
rule_id number: Unique positive number that is assigned by the system and is useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
path String: The NSX path of the policy resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server.
ruleId Double: Unique positive number that is assigned by the system and is useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
path string: The NSX path of the policy resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server.
ruleId number: Unique positive number that is assigned by the system and is useful for debugging.

id str: The provider-assigned unique ID for this managed resource.
path str: The NSX path of the policy resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server.
rule_id float: Unique positive number that is assigned by the system and is useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
path String: The NSX path of the policy resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server.
ruleId Number: Unique positive number that is assigned by the system and is useful for debugging.

Look up Existing PolicyIntrusionServiceGatewayPolicyRule Resource

Get an existing PolicyIntrusionServiceGatewayPolicyRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyIntrusionServiceGatewayPolicyRuleState, opts?: CustomResourceOptions): PolicyIntrusionServiceGatewayPolicyRule

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        description: Optional[str] = None,
        destination_groups: Optional[Sequence[str]] = None,
        destinations_excluded: Optional[bool] = None,
        direction: Optional[str] = None,
        disabled: Optional[bool] = None,
        display_name: Optional[str] = None,
        ids_profiles: Optional[Sequence[str]] = None,
        ip_version: Optional[str] = None,
        log_label: Optional[str] = None,
        logged: Optional[bool] = None,
        notes: Optional[str] = None,
        nsx_id: Optional[str] = None,
        path: Optional[str] = None,
        policy_intrusion_service_gateway_policy_rule_id: Optional[str] = None,
        policy_path: Optional[str] = None,
        revision: Optional[float] = None,
        rule_id: Optional[float] = None,
        scopes: Optional[Sequence[str]] = None,
        sequence_number: Optional[float] = None,
        services: Optional[Sequence[str]] = None,
        source_groups: Optional[Sequence[str]] = None,
        sources_excluded: Optional[bool] = None,
        tags: Optional[Sequence[PolicyIntrusionServiceGatewayPolicyRuleTagArgs]] = None) -> PolicyIntrusionServiceGatewayPolicyRule

func GetPolicyIntrusionServiceGatewayPolicyRule(ctx *Context, name string, id IDInput, state *PolicyIntrusionServiceGatewayPolicyRuleState, opts ...ResourceOption) (*PolicyIntrusionServiceGatewayPolicyRule, error)

public static PolicyIntrusionServiceGatewayPolicyRule Get(string name, Input<string> id, PolicyIntrusionServiceGatewayPolicyRuleState? state, CustomResourceOptions? opts = null)

public static PolicyIntrusionServiceGatewayPolicyRule get(String name, Output<String> id, PolicyIntrusionServiceGatewayPolicyRuleState state, CustomResourceOptions options)

resources:  _:    type: nsxt:PolicyIntrusionServiceGatewayPolicyRule    get:      id: ${id}

import {
  to = nsxt_policyintrusionservicegatewaypolicyrule.example
  id = "${id}"
}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
Description string: Description of the resource.
DestinationGroups List<string>: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
DestinationsExcluded bool: A boolean value indicating negation of destination groups. Default is false.
Direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
Disabled bool: A boolean value to indicate the rule is disabled. Default is false.
DisplayName string: Display name of the resource.
IdsProfiles List<string>: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
IpVersion string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
LogLabel string: Additional information (string) which will be propagated to the rule syslog for this rule.
Logged bool: A boolean flag to enable packet logging. Default is false.
Notes string: Text for additional notes on changes for this rule.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
Path string: The NSX path of the policy resource.
PolicyIntrusionServiceGatewayPolicyRuleId string: ID of the resource.
PolicyPath string: Path of the Intrusion Service Gateway Policy this rule belongs to.
Revision double: Indicates current revision number of the object as seen by NSX-T API server.
RuleId double: Unique positive number that is assigned by the system and is useful for debugging.
Scopes List<string>: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
SequenceNumber double: Sequence number to determine the order of rule processing within the parent policy.
Services List<string>: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
SourceGroups List<string>: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
SourcesExcluded bool: A boolean value indicating negation of source groups. Default is false.
Tags List<PolicyIntrusionServiceGatewayPolicyRuleTag>: A list of scope + tag pairs to associate with this rule.

Action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
Description string: Description of the resource.
DestinationGroups []string: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
DestinationsExcluded bool: A boolean value indicating negation of destination groups. Default is false.
Direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
Disabled bool: A boolean value to indicate the rule is disabled. Default is false.
DisplayName string: Display name of the resource.
IdsProfiles []string: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
IpVersion string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
LogLabel string: Additional information (string) which will be propagated to the rule syslog for this rule.
Logged bool: A boolean flag to enable packet logging. Default is false.
Notes string: Text for additional notes on changes for this rule.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
Path string: The NSX path of the policy resource.
PolicyIntrusionServiceGatewayPolicyRuleId string: ID of the resource.
PolicyPath string: Path of the Intrusion Service Gateway Policy this rule belongs to.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server.
RuleId float64: Unique positive number that is assigned by the system and is useful for debugging.
Scopes []string: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
SequenceNumber float64: Sequence number to determine the order of rule processing within the parent policy.
Services []string: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
SourceGroups []string: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
SourcesExcluded bool: A boolean value indicating negation of source groups. Default is false.
Tags []PolicyIntrusionServiceGatewayPolicyRuleTagArgs: A list of scope + tag pairs to associate with this rule.

action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description string: Description of the resource.
destination_groups list(string): Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinations_excluded bool: A boolean value indicating negation of destination groups. Default is false.
direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled bool: A boolean value to indicate the rule is disabled. Default is false.
display_name string: Display name of the resource.
ids_profiles list(string): Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
ip_version string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
log_label string: Additional information (string) which will be propagated to the rule syslog for this rule.
logged bool: A boolean flag to enable packet logging. Default is false.
notes string: Text for additional notes on changes for this rule.
nsx_id string: The NSX ID of this resource. If set, this ID will be used to create the resource.
path string: The NSX path of the policy resource.
policy_intrusion_service_gateway_policy_rule_id string: ID of the resource.
policy_path string: Path of the Intrusion Service Gateway Policy this rule belongs to.
revision number: Indicates current revision number of the object as seen by NSX-T API server.
rule_id number: Unique positive number that is assigned by the system and is useful for debugging.
scopes list(string): Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequence_number number: Sequence number to determine the order of rule processing within the parent policy.
services list(string): Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
source_groups list(string): Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sources_excluded bool: A boolean value indicating negation of source groups. Default is false.
tags list(object): A list of scope + tag pairs to associate with this rule.

action String: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description String: Description of the resource.
destinationGroups List<String>: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinationsExcluded Boolean: A boolean value indicating negation of destination groups. Default is false.
direction String: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled Boolean: A boolean value to indicate the rule is disabled. Default is false.
displayName String: Display name of the resource.
idsProfiles List<String>: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
ipVersion String: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
logLabel String: Additional information (string) which will be propagated to the rule syslog for this rule.
logged Boolean: A boolean flag to enable packet logging. Default is false.
notes String: Text for additional notes on changes for this rule.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
path String: The NSX path of the policy resource.
policyIntrusionServiceGatewayPolicyRuleId String: ID of the resource.
policyPath String: Path of the Intrusion Service Gateway Policy this rule belongs to.
revision Double: Indicates current revision number of the object as seen by NSX-T API server.
ruleId Double: Unique positive number that is assigned by the system and is useful for debugging.
scopes List<String>: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequenceNumber Double: Sequence number to determine the order of rule processing within the parent policy.
services List<String>: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
sourceGroups List<String>: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sourcesExcluded Boolean: A boolean value indicating negation of source groups. Default is false.
tags List<PolicyIntrusionServiceGatewayPolicyRuleTag>: A list of scope + tag pairs to associate with this rule.

action string: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description string: Description of the resource.
destinationGroups string[]: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinationsExcluded boolean: A boolean value indicating negation of destination groups. Default is false.
direction string: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled boolean: A boolean value to indicate the rule is disabled. Default is false.
displayName string: Display name of the resource.
idsProfiles string[]: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
ipVersion string: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
logLabel string: Additional information (string) which will be propagated to the rule syslog for this rule.
logged boolean: A boolean flag to enable packet logging. Default is false.
notes string: Text for additional notes on changes for this rule.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
path string: The NSX path of the policy resource.
policyIntrusionServiceGatewayPolicyRuleId string: ID of the resource.
policyPath string: Path of the Intrusion Service Gateway Policy this rule belongs to.
revision number: Indicates current revision number of the object as seen by NSX-T API server.
ruleId number: Unique positive number that is assigned by the system and is useful for debugging.
scopes string[]: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequenceNumber number: Sequence number to determine the order of rule processing within the parent policy.
services string[]: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
sourceGroups string[]: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sourcesExcluded boolean: A boolean value indicating negation of source groups. Default is false.
tags PolicyIntrusionServiceGatewayPolicyRuleTag[]: A list of scope + tag pairs to associate with this rule.

action str: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description str: Description of the resource.
destination_groups Sequence[str]: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinations_excluded bool: A boolean value indicating negation of destination groups. Default is false.
direction str: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled bool: A boolean value to indicate the rule is disabled. Default is false.
display_name str: Display name of the resource.
ids_profiles Sequence[str]: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
ip_version str: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
log_label str: Additional information (string) which will be propagated to the rule syslog for this rule.
logged bool: A boolean flag to enable packet logging. Default is false.
notes str: Text for additional notes on changes for this rule.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the resource.
path str: The NSX path of the policy resource.
policy_intrusion_service_gateway_policy_rule_id str: ID of the resource.
policy_path str: Path of the Intrusion Service Gateway Policy this rule belongs to.
revision float: Indicates current revision number of the object as seen by NSX-T API server.
rule_id float: Unique positive number that is assigned by the system and is useful for debugging.
scopes Sequence[str]: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequence_number float: Sequence number to determine the order of rule processing within the parent policy.
services Sequence[str]: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
source_groups Sequence[str]: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sources_excluded bool: A boolean value indicating negation of source groups. Default is false.
tags Sequence[PolicyIntrusionServiceGatewayPolicyRuleTagArgs]: A list of scope + tag pairs to associate with this rule.

action String: Rule action for intrusion detection/prevention. One of DETECT or DETECT_PREVENT. Default is DETECT.
description String: Description of the resource.
destinationGroups List<String>: Set of group paths that serve as the destination for this rule. An empty set can be used to specify ANY. Default is ANY.
destinationsExcluded Boolean: A boolean value indicating negation of destination groups. Default is false.
direction String: The traffic direction for the rule. Must be one of: IN, OUT or IN_OUT. Default is IN_OUT.
disabled Boolean: A boolean value to indicate the rule is disabled. Default is false.
displayName String: Display name of the resource.
idsProfiles List<String>: Set of IDS profile paths for this rule. These profiles define the intrusion detection signatures to be applied.
ipVersion String: The IP Protocol for the rule. Must be one of: IPV4, IPV6 or IPV4_IPV6. Default is IPV4_IPV6.
logLabel String: Additional information (string) which will be propagated to the rule syslog for this rule.
logged Boolean: A boolean flag to enable packet logging. Default is false.
notes String: Text for additional notes on changes for this rule.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
path String: The NSX path of the policy resource.
policyIntrusionServiceGatewayPolicyRuleId String: ID of the resource.
policyPath String: Path of the Intrusion Service Gateway Policy this rule belongs to.
revision Number: Indicates current revision number of the object as seen by NSX-T API server.
ruleId Number: Unique positive number that is assigned by the system and is useful for debugging.
scopes List<String>: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
sequenceNumber Number: Sequence number to determine the order of rule processing within the parent policy.
services List<String>: Set of service paths to match for this rule. An empty set can be used to specify ANY. Default is ANY.
sourceGroups List<String>: Set of group paths that serve as the source for this rule. An empty set can be used to specify ANY. Default is ANY.
sourcesExcluded Boolean: A boolean value indicating negation of source groups. Default is false.
tags List<Property Map>: A list of scope + tag pairs to associate with this rule.

Supporting Types

PolicyIntrusionServiceGatewayPolicyRuleTag, PolicyIntrusionServiceGatewayPolicyRuleTagArgs

Scope string: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
Tag string: A list of scope + tag pairs to associate with this rule.

Scope string: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
Tag string: A list of scope + tag pairs to associate with this rule.

scope string: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
tag string: A list of scope + tag pairs to associate with this rule.

scope String: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
tag String: A list of scope + tag pairs to associate with this rule.

scope string: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
tag string: A list of scope + tag pairs to associate with this rule.

scope str: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
tag str: A list of scope + tag pairs to associate with this rule.

scope String: Set of policy paths where the rule is applied. These should be Tier-0 or Tier-1 gateway paths for North-South traffic inspection.
tag String: A list of scope + tag pairs to associate with this rule.

Package Details

Repository: nsxt vmware/terraform-provider-nsxt
License
Notes: This Pulumi package is based on the nsxt Terraform Provider.

Viewing docs for nsxt 3.12.0
published on Monday, May 18, 2026 by vmware

Schema (JSON)

vmware/terraform-provider-nsxt

nsxt.PolicyIntrusionServiceGatewayPolicyRule

On this page

On this page

Create PolicyIntrusionServiceGatewayPolicyRule Resource

Constructor syntax

Parameters

Constructor example

PolicyIntrusionServiceGatewayPolicyRule Resource Properties

Inputs

Outputs

Look up Existing PolicyIntrusionServiceGatewayPolicyRule Resource

Supporting Types

PolicyIntrusionServiceGatewayPolicyRuleTag, PolicyIntrusionServiceGatewayPolicyRuleTagArgs

Package Details

On this page

On this page

Try Pulumi Cloud free.
Your team will thank you.

nsxt.PolicyIntrusionServiceGatewayPolicyRule

On this page

On this page

Create PolicyIntrusionServiceGatewayPolicyRule Resource

Constructor syntax

Parameters

Constructor example

PolicyIntrusionServiceGatewayPolicyRule Resource Properties

Inputs

Outputs

Look up Existing PolicyIntrusionServiceGatewayPolicyRule Resource

Supporting Types

PolicyIntrusionServiceGatewayPolicyRuleTag, PolicyIntrusionServiceGatewayPolicyRuleTagArgs

Package Details

On this page

On this page

Try Pulumi Cloud free.Your team will thank you.

Try Pulumi Cloud free.
Your team will thank you.