Docs Home
nsxt 3.8.0 published on Monday, Apr 14, 2025 by vmware
nsxt.PolicyIntrusionServicePolicy
Explore with Pulumi AI
Create PolicyIntrusionServicePolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyIntrusionServicePolicy(name: string, args: PolicyIntrusionServicePolicyArgs, opts?: CustomResourceOptions);@overload
def PolicyIntrusionServicePolicy(resource_name: str,
args: PolicyIntrusionServicePolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyIntrusionServicePolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
display_name: Optional[str] = None,
comments: Optional[str] = None,
context: Optional[PolicyIntrusionServicePolicyContextArgs] = None,
description: Optional[str] = None,
domain: Optional[str] = None,
locked: Optional[bool] = None,
nsx_id: Optional[str] = None,
policy_intrusion_service_policy_id: Optional[str] = None,
rules: Optional[Sequence[PolicyIntrusionServicePolicyRuleArgs]] = None,
sequence_number: Optional[float] = None,
stateful: Optional[bool] = None,
tags: Optional[Sequence[PolicyIntrusionServicePolicyTagArgs]] = None)func NewPolicyIntrusionServicePolicy(ctx *Context, name string, args PolicyIntrusionServicePolicyArgs, opts ...ResourceOption) (*PolicyIntrusionServicePolicy, error)public PolicyIntrusionServicePolicy(string name, PolicyIntrusionServicePolicyArgs args, CustomResourceOptions? opts = null)
public PolicyIntrusionServicePolicy(String name, PolicyIntrusionServicePolicyArgs args)
public PolicyIntrusionServicePolicy(String name, PolicyIntrusionServicePolicyArgs args, CustomResourceOptions options)
type: nsxt:PolicyIntrusionServicePolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyIntrusionServicePolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyIntrusionServicePolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyIntrusionServicePolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyIntrusionServicePolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyIntrusionServicePolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policyIntrusionServicePolicyResource = new Nsxt.PolicyIntrusionServicePolicy("policyIntrusionServicePolicyResource", new()
{
DisplayName = "string",
Comments = "string",
Context = new Nsxt.Inputs.PolicyIntrusionServicePolicyContextArgs
{
ProjectId = "string",
},
Description = "string",
Domain = "string",
Locked = false,
NsxId = "string",
PolicyIntrusionServicePolicyId = "string",
Rules = new[]
{
new Nsxt.Inputs.PolicyIntrusionServicePolicyRuleArgs
{
DisplayName = "string",
IdsProfiles = new[]
{
"string",
},
Logged = false,
Path = "string",
Direction = "string",
Disabled = false,
DestinationGroups = new[]
{
"string",
},
Description = "string",
IpVersion = "string",
LogLabel = "string",
Action = "string",
Notes = "string",
NsxId = "string",
DestinationsExcluded = false,
Profiles = new[]
{
"string",
},
Revision = 0,
RuleId = 0,
Scopes = new[]
{
"string",
},
SequenceNumber = 0,
Services = new[]
{
"string",
},
SourceGroups = new[]
{
"string",
},
SourcesExcluded = false,
Tags = new[]
{
new Nsxt.Inputs.PolicyIntrusionServicePolicyRuleTagArgs
{
Scope = "string",
Tag = "string",
},
},
},
},
SequenceNumber = 0,
Stateful = false,
Tags = new[]
{
new Nsxt.Inputs.PolicyIntrusionServicePolicyTagArgs
{
Scope = "string",
Tag = "string",
},
},
});
example, err := nsxt.NewPolicyIntrusionServicePolicy(ctx, "policyIntrusionServicePolicyResource", &nsxt.PolicyIntrusionServicePolicyArgs{
DisplayName: pulumi.String("string"),
Comments: pulumi.String("string"),
Context: &nsxt.PolicyIntrusionServicePolicyContextArgs{
ProjectId: pulumi.String("string"),
},
Description: pulumi.String("string"),
Domain: pulumi.String("string"),
Locked: pulumi.Bool(false),
NsxId: pulumi.String("string"),
PolicyIntrusionServicePolicyId: pulumi.String("string"),
Rules: nsxt.PolicyIntrusionServicePolicyRuleArray{
&nsxt.PolicyIntrusionServicePolicyRuleArgs{
DisplayName: pulumi.String("string"),
IdsProfiles: pulumi.StringArray{
pulumi.String("string"),
},
Logged: pulumi.Bool(false),
Path: pulumi.String("string"),
Direction: pulumi.String("string"),
Disabled: pulumi.Bool(false),
DestinationGroups: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
IpVersion: pulumi.String("string"),
LogLabel: pulumi.String("string"),
Action: pulumi.String("string"),
Notes: pulumi.String("string"),
NsxId: pulumi.String("string"),
DestinationsExcluded: pulumi.Bool(false),
Profiles: pulumi.StringArray{
pulumi.String("string"),
},
Revision: pulumi.Float64(0),
RuleId: pulumi.Float64(0),
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
SequenceNumber: pulumi.Float64(0),
Services: pulumi.StringArray{
pulumi.String("string"),
},
SourceGroups: pulumi.StringArray{
pulumi.String("string"),
},
SourcesExcluded: pulumi.Bool(false),
Tags: nsxt.PolicyIntrusionServicePolicyRuleTagArray{
&nsxt.PolicyIntrusionServicePolicyRuleTagArgs{
Scope: pulumi.String("string"),
Tag: pulumi.String("string"),
},
},
},
},
SequenceNumber: pulumi.Float64(0),
Stateful: pulumi.Bool(false),
Tags: nsxt.PolicyIntrusionServicePolicyTagArray{
&nsxt.PolicyIntrusionServicePolicyTagArgs{
Scope: pulumi.String("string"),
Tag: pulumi.String("string"),
},
},
})
var policyIntrusionServicePolicyResource = new PolicyIntrusionServicePolicy("policyIntrusionServicePolicyResource", PolicyIntrusionServicePolicyArgs.builder()
.displayName("string")
.comments("string")
.context(PolicyIntrusionServicePolicyContextArgs.builder()
.projectId("string")
.build())
.description("string")
.domain("string")
.locked(false)
.nsxId("string")
.policyIntrusionServicePolicyId("string")
.rules(PolicyIntrusionServicePolicyRuleArgs.builder()
.displayName("string")
.idsProfiles("string")
.logged(false)
.path("string")
.direction("string")
.disabled(false)
.destinationGroups("string")
.description("string")
.ipVersion("string")
.logLabel("string")
.action("string")
.notes("string")
.nsxId("string")
.destinationsExcluded(false)
.profiles("string")
.revision(0)
.ruleId(0)
.scopes("string")
.sequenceNumber(0)
.services("string")
.sourceGroups("string")
.sourcesExcluded(false)
.tags(PolicyIntrusionServicePolicyRuleTagArgs.builder()
.scope("string")
.tag("string")
.build())
.build())
.sequenceNumber(0)
.stateful(false)
.tags(PolicyIntrusionServicePolicyTagArgs.builder()
.scope("string")
.tag("string")
.build())
.build());
policy_intrusion_service_policy_resource = nsxt.PolicyIntrusionServicePolicy("policyIntrusionServicePolicyResource",
display_name="string",
comments="string",
context={
"project_id": "string",
},
description="string",
domain="string",
locked=False,
nsx_id="string",
policy_intrusion_service_policy_id="string",
rules=[{
"display_name": "string",
"ids_profiles": ["string"],
"logged": False,
"path": "string",
"direction": "string",
"disabled": False,
"destination_groups": ["string"],
"description": "string",
"ip_version": "string",
"log_label": "string",
"action": "string",
"notes": "string",
"nsx_id": "string",
"destinations_excluded": False,
"profiles": ["string"],
"revision": 0,
"rule_id": 0,
"scopes": ["string"],
"sequence_number": 0,
"services": ["string"],
"source_groups": ["string"],
"sources_excluded": False,
"tags": [{
"scope": "string",
"tag": "string",
}],
}],
sequence_number=0,
stateful=False,
tags=[{
"scope": "string",
"tag": "string",
}])
const policyIntrusionServicePolicyResource = new nsxt.PolicyIntrusionServicePolicy("policyIntrusionServicePolicyResource", {
displayName: "string",
comments: "string",
context: {
projectId: "string",
},
description: "string",
domain: "string",
locked: false,
nsxId: "string",
policyIntrusionServicePolicyId: "string",
rules: [{
displayName: "string",
idsProfiles: ["string"],
logged: false,
path: "string",
direction: "string",
disabled: false,
destinationGroups: ["string"],
description: "string",
ipVersion: "string",
logLabel: "string",
action: "string",
notes: "string",
nsxId: "string",
destinationsExcluded: false,
profiles: ["string"],
revision: 0,
ruleId: 0,
scopes: ["string"],
sequenceNumber: 0,
services: ["string"],
sourceGroups: ["string"],
sourcesExcluded: false,
tags: [{
scope: "string",
tag: "string",
}],
}],
sequenceNumber: 0,
stateful: false,
tags: [{
scope: "string",
tag: "string",
}],
});
type: nsxt:PolicyIntrusionServicePolicy
properties:
comments: string
context:
projectId: string
description: string
displayName: string
domain: string
locked: false
nsxId: string
policyIntrusionServicePolicyId: string
rules:
- action: string
description: string
destinationGroups:
- string
destinationsExcluded: false
direction: string
disabled: false
displayName: string
idsProfiles:
- string
ipVersion: string
logLabel: string
logged: false
notes: string
nsxId: string
path: string
profiles:
- string
revision: 0
ruleId: 0
scopes:
- string
sequenceNumber: 0
services:
- string
sourceGroups:
- string
sourcesExcluded: false
tags:
- scope: string
tag: string
sequenceNumber: 0
stateful: false
tags:
- scope: string
tag: string
PolicyIntrusionServicePolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The PolicyIntrusionServicePolicy resource accepts the following input properties:
- Display
Name string - Display name of the resource.
- Comments string
- Comments for IDS policy lock/unlock.
- Context
Policy
Intrusion Service Policy Context - The context which the object belongs to
- Description string
- Description of the resource.
- Domain string
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - Locked bool
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- Policy
Intrusion stringService Policy Id - ID of the IDS Policy.
- Rules
List<Policy
Intrusion Service Policy Rule> - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- Sequence
Number double - This field is used to resolve conflicts between IDS policies across domains.
- Stateful bool
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
List<Policy
Intrusion Service Policy Tag> - A list of scope + tag pairs to associate with this policy.
- Display
Name string - Display name of the resource.
- Comments string
- Comments for IDS policy lock/unlock.
- Context
Policy
Intrusion Service Policy Context Args - The context which the object belongs to
- Description string
- Description of the resource.
- Domain string
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - Locked bool
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- Policy
Intrusion stringService Policy Id - ID of the IDS Policy.
- Rules
[]Policy
Intrusion Service Policy Rule Args - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- Sequence
Number float64 - This field is used to resolve conflicts between IDS policies across domains.
- Stateful bool
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
[]Policy
Intrusion Service Policy Tag Args - A list of scope + tag pairs to associate with this policy.
- display
Name String - Display name of the resource.
- comments String
- Comments for IDS policy lock/unlock.
- context
Policy
Intrusion Service Policy Context - The context which the object belongs to
- description String
- Description of the resource.
- domain String
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked Boolean
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the resource.
- policy
Intrusion StringService Policy Id - ID of the IDS Policy.
- rules
List<Policy
Intrusion Service Policy Rule> - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence
Number Double - This field is used to resolve conflicts between IDS policies across domains.
- stateful Boolean
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
List<Policy
Intrusion Service Policy Tag> - A list of scope + tag pairs to associate with this policy.
- display
Name string - Display name of the resource.
- comments string
- Comments for IDS policy lock/unlock.
- context
Policy
Intrusion Service Policy Context - The context which the object belongs to
- description string
- Description of the resource.
- domain string
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked boolean
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- policy
Intrusion stringService Policy Id - ID of the IDS Policy.
- rules
Policy
Intrusion Service Policy Rule[] - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence
Number number - This field is used to resolve conflicts between IDS policies across domains.
- stateful boolean
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
Policy
Intrusion Service Policy Tag[] - A list of scope + tag pairs to associate with this policy.
- display_
name str - Display name of the resource.
- comments str
- Comments for IDS policy lock/unlock.
- context
Policy
Intrusion Service Policy Context Args - The context which the object belongs to
- description str
- Description of the resource.
- domain str
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked bool
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx_
id str - The NSX ID of this resource. If set, this ID will be used to create the resource.
- policy_
intrusion_ strservice_ policy_ id - ID of the IDS Policy.
- rules
Sequence[Policy
Intrusion Service Policy Rule Args] - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence_
number float - This field is used to resolve conflicts between IDS policies across domains.
- stateful bool
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
Sequence[Policy
Intrusion Service Policy Tag Args] - A list of scope + tag pairs to associate with this policy.
- display
Name String - Display name of the resource.
- comments String
- Comments for IDS policy lock/unlock.
- context Property Map
- The context which the object belongs to
- description String
- Description of the resource.
- domain String
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked Boolean
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the resource.
- policy
Intrusion StringService Policy Id - ID of the IDS Policy.
- rules List<Property Map>
- A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence
Number Number - This field is used to resolve conflicts between IDS policies across domains.
- stateful Boolean
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
- List<Property Map>
- A list of scope + tag pairs to associate with this policy.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyIntrusionServicePolicy resource produces the following output properties:
Look up Existing PolicyIntrusionServicePolicy Resource
Get an existing PolicyIntrusionServicePolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyIntrusionServicePolicyState, opts?: CustomResourceOptions): PolicyIntrusionServicePolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
comments: Optional[str] = None,
context: Optional[PolicyIntrusionServicePolicyContextArgs] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
domain: Optional[str] = None,
locked: Optional[bool] = None,
nsx_id: Optional[str] = None,
path: Optional[str] = None,
policy_intrusion_service_policy_id: Optional[str] = None,
revision: Optional[float] = None,
rules: Optional[Sequence[PolicyIntrusionServicePolicyRuleArgs]] = None,
sequence_number: Optional[float] = None,
stateful: Optional[bool] = None,
tags: Optional[Sequence[PolicyIntrusionServicePolicyTagArgs]] = None) -> PolicyIntrusionServicePolicyfunc GetPolicyIntrusionServicePolicy(ctx *Context, name string, id IDInput, state *PolicyIntrusionServicePolicyState, opts ...ResourceOption) (*PolicyIntrusionServicePolicy, error)public static PolicyIntrusionServicePolicy Get(string name, Input<string> id, PolicyIntrusionServicePolicyState? state, CustomResourceOptions? opts = null)public static PolicyIntrusionServicePolicy get(String name, Output<String> id, PolicyIntrusionServicePolicyState state, CustomResourceOptions options)resources: _: type: nsxt:PolicyIntrusionServicePolicy get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Comments string
- Comments for IDS policy lock/unlock.
- Context
Policy
Intrusion Service Policy Context - The context which the object belongs to
- Description string
- Description of the resource.
- Display
Name string - Display name of the resource.
- Domain string
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - Locked bool
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- Path string
- The NSX policy path for this rule.
- Policy
Intrusion stringService Policy Id - ID of the IDS Policy.
- Revision double
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- Rules
List<Policy
Intrusion Service Policy Rule> - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- Sequence
Number double - This field is used to resolve conflicts between IDS policies across domains.
- Stateful bool
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
List<Policy
Intrusion Service Policy Tag> - A list of scope + tag pairs to associate with this policy.
- Comments string
- Comments for IDS policy lock/unlock.
- Context
Policy
Intrusion Service Policy Context Args - The context which the object belongs to
- Description string
- Description of the resource.
- Display
Name string - Display name of the resource.
- Domain string
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - Locked bool
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- Path string
- The NSX policy path for this rule.
- Policy
Intrusion stringService Policy Id - ID of the IDS Policy.
- Revision float64
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- Rules
[]Policy
Intrusion Service Policy Rule Args - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- Sequence
Number float64 - This field is used to resolve conflicts between IDS policies across domains.
- Stateful bool
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
[]Policy
Intrusion Service Policy Tag Args - A list of scope + tag pairs to associate with this policy.
- comments String
- Comments for IDS policy lock/unlock.
- context
Policy
Intrusion Service Policy Context - The context which the object belongs to
- description String
- Description of the resource.
- display
Name String - Display name of the resource.
- domain String
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked Boolean
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path String
- The NSX policy path for this rule.
- policy
Intrusion StringService Policy Id - ID of the IDS Policy.
- revision Double
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rules
List<Policy
Intrusion Service Policy Rule> - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence
Number Double - This field is used to resolve conflicts between IDS policies across domains.
- stateful Boolean
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
List<Policy
Intrusion Service Policy Tag> - A list of scope + tag pairs to associate with this policy.
- comments string
- Comments for IDS policy lock/unlock.
- context
Policy
Intrusion Service Policy Context - The context which the object belongs to
- description string
- Description of the resource.
- display
Name string - Display name of the resource.
- domain string
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked boolean
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path string
- The NSX policy path for this rule.
- policy
Intrusion stringService Policy Id - ID of the IDS Policy.
- revision number
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rules
Policy
Intrusion Service Policy Rule[] - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence
Number number - This field is used to resolve conflicts between IDS policies across domains.
- stateful boolean
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
Policy
Intrusion Service Policy Tag[] - A list of scope + tag pairs to associate with this policy.
- comments str
- Comments for IDS policy lock/unlock.
- context
Policy
Intrusion Service Policy Context Args - The context which the object belongs to
- description str
- Description of the resource.
- display_
name str - Display name of the resource.
- domain str
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked bool
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx_
id str - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path str
- The NSX policy path for this rule.
- policy_
intrusion_ strservice_ policy_ id - ID of the IDS Policy.
- revision float
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rules
Sequence[Policy
Intrusion Service Policy Rule Args] - A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence_
number float - This field is used to resolve conflicts between IDS policies across domains.
- stateful bool
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
-
Sequence[Policy
Intrusion Service Policy Tag Args] - A list of scope + tag pairs to associate with this policy.
- comments String
- Comments for IDS policy lock/unlock.
- context Property Map
- The context which the object belongs to
- description String
- Description of the resource.
- display
Name String - Display name of the resource.
- domain String
- The domain to use for the resource. This domain must already exist. For VMware Cloud on AWS use
cgw. If not specified, this field is default todefault. - locked Boolean
- Indicates whether the policy should be locked. If locked by a user, no other user would be able to modify this policy.
- nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path String
- The NSX policy path for this rule.
- policy
Intrusion StringService Policy Id - ID of the IDS Policy.
- revision Number
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rules List<Property Map>
- A repeatable block to specify rules for the Policy. Each rule includes the following fields:
- sequence
Number Number - This field is used to resolve conflicts between IDS policies across domains.
- stateful Boolean
- If true, state of the network connects are tracked and a stateful packet inspection is performed. Default is true.
- List<Property Map>
- A list of scope + tag pairs to associate with this policy.
Supporting Types
PolicyIntrusionServicePolicyContext, PolicyIntrusionServicePolicyContextArgs
- Project
Id string - The ID of the project which the object belongs to
- Project
Id string - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
- project
Id string - The ID of the project which the object belongs to
- project_
id str - The ID of the project which the object belongs to
- project
Id String - The ID of the project which the object belongs to
PolicyIntrusionServicePolicyRule, PolicyIntrusionServicePolicyRuleArgs
- Display
Name string - Display name of the resource.
- Ids
Profiles List<string> - Set of IDS profile paths relevant for this rule.
- Action string
- Rule action, one of
DETECT,DETECT_PREVENT. Default isDETECT. - Description string
- Description of the resource.
- Destination
Groups List<string> - Set of group paths that serve as destination for this rule.
- Destinations
Excluded bool - A boolean value indicating negation of destination groups.
- Direction string
- Traffic direction, one of
IN,OUTorIN_OUT. Default isIN_OUT. - Disabled bool
- Flag to disable this rule. Default is false.
- Ip
Version string - Version of IP protocol, one of
IPV4,IPV6,IPV4_IPV6. Default isIPV4_IPV6. - Log
Label string - Additional information (string) which will be propagated to the rule syslog.
- Logged bool
- Flag to enable packet logging. Default is false.
- Notes string
- Additional notes on changes.
- Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- Path string
- The NSX policy path for this rule.
- Profiles List<string>
- List of profiles
- Revision double
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- Rule
Id double - Unique positive number that is assigned by the system and is useful for debugging.
- Scopes List<string>
- Set of policy object paths where the rule is applied.
- Sequence
Number double - This field is used to resolve conflicts between IDS policies across domains.
- Services List<string>
- Set of service paths to match.
- Source
Groups List<string> - Set of group paths that serve as source for this rule.
- Sources
Excluded bool - A boolean value indicating negation of source groups.
-
List<Policy
Intrusion Service Policy Rule Tag> - A list of scope + tag pairs to associate with this Rule.
- Display
Name string - Display name of the resource.
- Ids
Profiles []string - Set of IDS profile paths relevant for this rule.
- Action string
- Rule action, one of
DETECT,DETECT_PREVENT. Default isDETECT. - Description string
- Description of the resource.
- Destination
Groups []string - Set of group paths that serve as destination for this rule.
- Destinations
Excluded bool - A boolean value indicating negation of destination groups.
- Direction string
- Traffic direction, one of
IN,OUTorIN_OUT. Default isIN_OUT. - Disabled bool
- Flag to disable this rule. Default is false.
- Ip
Version string - Version of IP protocol, one of
IPV4,IPV6,IPV4_IPV6. Default isIPV4_IPV6. - Log
Label string - Additional information (string) which will be propagated to the rule syslog.
- Logged bool
- Flag to enable packet logging. Default is false.
- Notes string
- Additional notes on changes.
- Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- Path string
- The NSX policy path for this rule.
- Profiles []string
- List of profiles
- Revision float64
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- Rule
Id float64 - Unique positive number that is assigned by the system and is useful for debugging.
- Scopes []string
- Set of policy object paths where the rule is applied.
- Sequence
Number float64 - This field is used to resolve conflicts between IDS policies across domains.
- Services []string
- Set of service paths to match.
- Source
Groups []string - Set of group paths that serve as source for this rule.
- Sources
Excluded bool - A boolean value indicating negation of source groups.
-
[]Policy
Intrusion Service Policy Rule Tag - A list of scope + tag pairs to associate with this Rule.
- display
Name String - Display name of the resource.
- ids
Profiles List<String> - Set of IDS profile paths relevant for this rule.
- action String
- Rule action, one of
DETECT,DETECT_PREVENT. Default isDETECT. - description String
- Description of the resource.
- destination
Groups List<String> - Set of group paths that serve as destination for this rule.
- destinations
Excluded Boolean - A boolean value indicating negation of destination groups.
- direction String
- Traffic direction, one of
IN,OUTorIN_OUT. Default isIN_OUT. - disabled Boolean
- Flag to disable this rule. Default is false.
- ip
Version String - Version of IP protocol, one of
IPV4,IPV6,IPV4_IPV6. Default isIPV4_IPV6. - log
Label String - Additional information (string) which will be propagated to the rule syslog.
- logged Boolean
- Flag to enable packet logging. Default is false.
- notes String
- Additional notes on changes.
- nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path String
- The NSX policy path for this rule.
- profiles List<String>
- List of profiles
- revision Double
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rule
Id Double - Unique positive number that is assigned by the system and is useful for debugging.
- scopes List<String>
- Set of policy object paths where the rule is applied.
- sequence
Number Double - This field is used to resolve conflicts between IDS policies across domains.
- services List<String>
- Set of service paths to match.
- source
Groups List<String> - Set of group paths that serve as source for this rule.
- sources
Excluded Boolean - A boolean value indicating negation of source groups.
-
List<Policy
Intrusion Service Policy Rule Tag> - A list of scope + tag pairs to associate with this Rule.
- display
Name string - Display name of the resource.
- ids
Profiles string[] - Set of IDS profile paths relevant for this rule.
- action string
- Rule action, one of
DETECT,DETECT_PREVENT. Default isDETECT. - description string
- Description of the resource.
- destination
Groups string[] - Set of group paths that serve as destination for this rule.
- destinations
Excluded boolean - A boolean value indicating negation of destination groups.
- direction string
- Traffic direction, one of
IN,OUTorIN_OUT. Default isIN_OUT. - disabled boolean
- Flag to disable this rule. Default is false.
- ip
Version string - Version of IP protocol, one of
IPV4,IPV6,IPV4_IPV6. Default isIPV4_IPV6. - log
Label string - Additional information (string) which will be propagated to the rule syslog.
- logged boolean
- Flag to enable packet logging. Default is false.
- notes string
- Additional notes on changes.
- nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path string
- The NSX policy path for this rule.
- profiles string[]
- List of profiles
- revision number
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rule
Id number - Unique positive number that is assigned by the system and is useful for debugging.
- scopes string[]
- Set of policy object paths where the rule is applied.
- sequence
Number number - This field is used to resolve conflicts between IDS policies across domains.
- services string[]
- Set of service paths to match.
- source
Groups string[] - Set of group paths that serve as source for this rule.
- sources
Excluded boolean - A boolean value indicating negation of source groups.
-
Policy
Intrusion Service Policy Rule Tag[] - A list of scope + tag pairs to associate with this Rule.
- display_
name str - Display name of the resource.
- ids_
profiles Sequence[str] - Set of IDS profile paths relevant for this rule.
- action str
- Rule action, one of
DETECT,DETECT_PREVENT. Default isDETECT. - description str
- Description of the resource.
- destination_
groups Sequence[str] - Set of group paths that serve as destination for this rule.
- destinations_
excluded bool - A boolean value indicating negation of destination groups.
- direction str
- Traffic direction, one of
IN,OUTorIN_OUT. Default isIN_OUT. - disabled bool
- Flag to disable this rule. Default is false.
- ip_
version str - Version of IP protocol, one of
IPV4,IPV6,IPV4_IPV6. Default isIPV4_IPV6. - log_
label str - Additional information (string) which will be propagated to the rule syslog.
- logged bool
- Flag to enable packet logging. Default is false.
- notes str
- Additional notes on changes.
- nsx_
id str - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path str
- The NSX policy path for this rule.
- profiles Sequence[str]
- List of profiles
- revision float
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rule_
id float - Unique positive number that is assigned by the system and is useful for debugging.
- scopes Sequence[str]
- Set of policy object paths where the rule is applied.
- sequence_
number float - This field is used to resolve conflicts between IDS policies across domains.
- services Sequence[str]
- Set of service paths to match.
- source_
groups Sequence[str] - Set of group paths that serve as source for this rule.
- sources_
excluded bool - A boolean value indicating negation of source groups.
-
Sequence[Policy
Intrusion Service Policy Rule Tag] - A list of scope + tag pairs to associate with this Rule.
- display
Name String - Display name of the resource.
- ids
Profiles List<String> - Set of IDS profile paths relevant for this rule.
- action String
- Rule action, one of
DETECT,DETECT_PREVENT. Default isDETECT. - description String
- Description of the resource.
- destination
Groups List<String> - Set of group paths that serve as destination for this rule.
- destinations
Excluded Boolean - A boolean value indicating negation of destination groups.
- direction String
- Traffic direction, one of
IN,OUTorIN_OUT. Default isIN_OUT. - disabled Boolean
- Flag to disable this rule. Default is false.
- ip
Version String - Version of IP protocol, one of
IPV4,IPV6,IPV4_IPV6. Default isIPV4_IPV6. - log
Label String - Additional information (string) which will be propagated to the rule syslog.
- logged Boolean
- Flag to enable packet logging. Default is false.
- notes String
- Additional notes on changes.
- nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the resource.
- path String
- The NSX policy path for this rule.
- profiles List<String>
- List of profiles
- revision Number
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- rule
Id Number - Unique positive number that is assigned by the system and is useful for debugging.
- scopes List<String>
- Set of policy object paths where the rule is applied.
- sequence
Number Number - This field is used to resolve conflicts between IDS policies across domains.
- services List<String>
- Set of service paths to match.
- source
Groups List<String> - Set of group paths that serve as source for this rule.
- sources
Excluded Boolean - A boolean value indicating negation of source groups.
- List<Property Map>
- A list of scope + tag pairs to associate with this Rule.
PolicyIntrusionServicePolicyRuleTag, PolicyIntrusionServicePolicyRuleTagArgs
PolicyIntrusionServicePolicyTag, PolicyIntrusionServicePolicyTagArgs
Package Details
- Repository
- nsxt vmware/terraform-provider-nsxt
- License
- Notes
- This Pulumi package is based on the
nsxtTerraform Provider.