Docs Home
nsxt 3.8.0 published on Monday, Apr 14, 2025 by vmware
nsxt.VpcGroup
Explore with Pulumi AI
Create VpcGroup Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpcGroup(name: string, args: VpcGroupArgs, opts?: CustomResourceOptions);@overload
def VpcGroup(resource_name: str,
args: VpcGroupArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpcGroup(resource_name: str,
opts: Optional[ResourceOptions] = None,
display_name: Optional[str] = None,
conjunctions: Optional[Sequence[VpcGroupConjunctionArgs]] = None,
context: Optional[VpcGroupContextArgs] = None,
criterias: Optional[Sequence[VpcGroupCriteriaArgs]] = None,
description: Optional[str] = None,
extended_criteria: Optional[VpcGroupExtendedCriteriaArgs] = None,
group_type: Optional[str] = None,
nsx_id: Optional[str] = None,
tags: Optional[Sequence[VpcGroupTagArgs]] = None,
vpc_group_id: Optional[str] = None)func NewVpcGroup(ctx *Context, name string, args VpcGroupArgs, opts ...ResourceOption) (*VpcGroup, error)public VpcGroup(string name, VpcGroupArgs args, CustomResourceOptions? opts = null)
public VpcGroup(String name, VpcGroupArgs args)
public VpcGroup(String name, VpcGroupArgs args, CustomResourceOptions options)
type: nsxt:VpcGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VpcGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VpcGroupArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VpcGroupArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VpcGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VpcGroupArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpcGroupResource = new Nsxt.VpcGroup("vpcGroupResource", new()
{
DisplayName = "string",
Conjunctions = new[]
{
new Nsxt.Inputs.VpcGroupConjunctionArgs
{
Operator = "string",
},
},
Context = new Nsxt.Inputs.VpcGroupContextArgs
{
ProjectId = "string",
VpcId = "string",
},
Criterias = new[]
{
new Nsxt.Inputs.VpcGroupCriteriaArgs
{
Conditions = new[]
{
new Nsxt.Inputs.VpcGroupCriteriaConditionArgs
{
Key = "string",
MemberType = "string",
Operator = "string",
Value = "string",
},
},
ExternalIdExpressions = new[]
{
new Nsxt.Inputs.VpcGroupCriteriaExternalIdExpressionArgs
{
ExternalIds = new[]
{
"string",
},
MemberType = "string",
},
},
IpaddressExpression = new Nsxt.Inputs.VpcGroupCriteriaIpaddressExpressionArgs
{
IpAddresses = new[]
{
"string",
},
},
MacaddressExpression = new Nsxt.Inputs.VpcGroupCriteriaMacaddressExpressionArgs
{
MacAddresses = new[]
{
"string",
},
},
PathExpression = new Nsxt.Inputs.VpcGroupCriteriaPathExpressionArgs
{
MemberPaths = new[]
{
"string",
},
},
},
},
Description = "string",
ExtendedCriteria = new Nsxt.Inputs.VpcGroupExtendedCriteriaArgs
{
IdentityGroups = new[]
{
new Nsxt.Inputs.VpcGroupExtendedCriteriaIdentityGroupArgs
{
DistinguishedName = "string",
DomainBaseDistinguishedName = "string",
Sid = "string",
},
},
},
GroupType = "string",
NsxId = "string",
Tags = new[]
{
new Nsxt.Inputs.VpcGroupTagArgs
{
Scope = "string",
Tag = "string",
},
},
VpcGroupId = "string",
});
example, err := nsxt.NewVpcGroup(ctx, "vpcGroupResource", &nsxt.VpcGroupArgs{
DisplayName: pulumi.String("string"),
Conjunctions: nsxt.VpcGroupConjunctionArray{
&nsxt.VpcGroupConjunctionArgs{
Operator: pulumi.String("string"),
},
},
Context: &nsxt.VpcGroupContextArgs{
ProjectId: pulumi.String("string"),
VpcId: pulumi.String("string"),
},
Criterias: nsxt.VpcGroupCriteriaArray{
&nsxt.VpcGroupCriteriaArgs{
Conditions: nsxt.VpcGroupCriteriaConditionArray{
&nsxt.VpcGroupCriteriaConditionArgs{
Key: pulumi.String("string"),
MemberType: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ExternalIdExpressions: nsxt.VpcGroupCriteriaExternalIdExpressionArray{
&nsxt.VpcGroupCriteriaExternalIdExpressionArgs{
ExternalIds: pulumi.StringArray{
pulumi.String("string"),
},
MemberType: pulumi.String("string"),
},
},
IpaddressExpression: &nsxt.VpcGroupCriteriaIpaddressExpressionArgs{
IpAddresses: pulumi.StringArray{
pulumi.String("string"),
},
},
MacaddressExpression: &nsxt.VpcGroupCriteriaMacaddressExpressionArgs{
MacAddresses: pulumi.StringArray{
pulumi.String("string"),
},
},
PathExpression: &nsxt.VpcGroupCriteriaPathExpressionArgs{
MemberPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Description: pulumi.String("string"),
ExtendedCriteria: &nsxt.VpcGroupExtendedCriteriaArgs{
IdentityGroups: nsxt.VpcGroupExtendedCriteriaIdentityGroupArray{
&nsxt.VpcGroupExtendedCriteriaIdentityGroupArgs{
DistinguishedName: pulumi.String("string"),
DomainBaseDistinguishedName: pulumi.String("string"),
Sid: pulumi.String("string"),
},
},
},
GroupType: pulumi.String("string"),
NsxId: pulumi.String("string"),
Tags: nsxt.VpcGroupTagArray{
&nsxt.VpcGroupTagArgs{
Scope: pulumi.String("string"),
Tag: pulumi.String("string"),
},
},
VpcGroupId: pulumi.String("string"),
})
var vpcGroupResource = new VpcGroup("vpcGroupResource", VpcGroupArgs.builder()
.displayName("string")
.conjunctions(VpcGroupConjunctionArgs.builder()
.operator("string")
.build())
.context(VpcGroupContextArgs.builder()
.projectId("string")
.vpcId("string")
.build())
.criterias(VpcGroupCriteriaArgs.builder()
.conditions(VpcGroupCriteriaConditionArgs.builder()
.key("string")
.memberType("string")
.operator("string")
.value("string")
.build())
.externalIdExpressions(VpcGroupCriteriaExternalIdExpressionArgs.builder()
.externalIds("string")
.memberType("string")
.build())
.ipaddressExpression(VpcGroupCriteriaIpaddressExpressionArgs.builder()
.ipAddresses("string")
.build())
.macaddressExpression(VpcGroupCriteriaMacaddressExpressionArgs.builder()
.macAddresses("string")
.build())
.pathExpression(VpcGroupCriteriaPathExpressionArgs.builder()
.memberPaths("string")
.build())
.build())
.description("string")
.extendedCriteria(VpcGroupExtendedCriteriaArgs.builder()
.identityGroups(VpcGroupExtendedCriteriaIdentityGroupArgs.builder()
.distinguishedName("string")
.domainBaseDistinguishedName("string")
.sid("string")
.build())
.build())
.groupType("string")
.nsxId("string")
.tags(VpcGroupTagArgs.builder()
.scope("string")
.tag("string")
.build())
.vpcGroupId("string")
.build());
vpc_group_resource = nsxt.VpcGroup("vpcGroupResource",
display_name="string",
conjunctions=[{
"operator": "string",
}],
context={
"project_id": "string",
"vpc_id": "string",
},
criterias=[{
"conditions": [{
"key": "string",
"member_type": "string",
"operator": "string",
"value": "string",
}],
"external_id_expressions": [{
"external_ids": ["string"],
"member_type": "string",
}],
"ipaddress_expression": {
"ip_addresses": ["string"],
},
"macaddress_expression": {
"mac_addresses": ["string"],
},
"path_expression": {
"member_paths": ["string"],
},
}],
description="string",
extended_criteria={
"identity_groups": [{
"distinguished_name": "string",
"domain_base_distinguished_name": "string",
"sid": "string",
}],
},
group_type="string",
nsx_id="string",
tags=[{
"scope": "string",
"tag": "string",
}],
vpc_group_id="string")
const vpcGroupResource = new nsxt.VpcGroup("vpcGroupResource", {
displayName: "string",
conjunctions: [{
operator: "string",
}],
context: {
projectId: "string",
vpcId: "string",
},
criterias: [{
conditions: [{
key: "string",
memberType: "string",
operator: "string",
value: "string",
}],
externalIdExpressions: [{
externalIds: ["string"],
memberType: "string",
}],
ipaddressExpression: {
ipAddresses: ["string"],
},
macaddressExpression: {
macAddresses: ["string"],
},
pathExpression: {
memberPaths: ["string"],
},
}],
description: "string",
extendedCriteria: {
identityGroups: [{
distinguishedName: "string",
domainBaseDistinguishedName: "string",
sid: "string",
}],
},
groupType: "string",
nsxId: "string",
tags: [{
scope: "string",
tag: "string",
}],
vpcGroupId: "string",
});
type: nsxt:VpcGroup
properties:
conjunctions:
- operator: string
context:
projectId: string
vpcId: string
criterias:
- conditions:
- key: string
memberType: string
operator: string
value: string
externalIdExpressions:
- externalIds:
- string
memberType: string
ipaddressExpression:
ipAddresses:
- string
macaddressExpression:
macAddresses:
- string
pathExpression:
memberPaths:
- string
description: string
displayName: string
extendedCriteria:
identityGroups:
- distinguishedName: string
domainBaseDistinguishedName: string
sid: string
groupType: string
nsxId: string
tags:
- scope: string
tag: string
vpcGroupId: string
VpcGroup Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VpcGroup resource accepts the following input properties:
- Display
Name string - Display name of the resource.
- Conjunctions
List<Vpc
Group Conjunction> - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - Context
Vpc
Group Context - The context which the object belongs to
- Criterias
List<Vpc
Group Criteria> - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - Description string
- Description of the resource.
- Extended
Criteria VpcGroup Extended Criteria - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - Group
Type string - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the group resource.
-
List<Vpc
Group Tag> - A list of scope + tag pairs to associate with this Group.
- Vpc
Group stringId - ID of the Group.
- Display
Name string - Display name of the resource.
- Conjunctions
[]Vpc
Group Conjunction Args - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - Context
Vpc
Group Context Args - The context which the object belongs to
- Criterias
[]Vpc
Group Criteria Args - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - Description string
- Description of the resource.
- Extended
Criteria VpcGroup Extended Criteria Args - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - Group
Type string - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the group resource.
-
[]Vpc
Group Tag Args - A list of scope + tag pairs to associate with this Group.
- Vpc
Group stringId - ID of the Group.
- display
Name String - Display name of the resource.
- conjunctions
List<Vpc
Group Conjunction> - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context
Vpc
Group Context - The context which the object belongs to
- criterias
List<Vpc
Group Criteria> - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description String
- Description of the resource.
- extended
Criteria VpcGroup Extended Criteria - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group
Type String - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the group resource.
-
List<Vpc
Group Tag> - A list of scope + tag pairs to associate with this Group.
- vpc
Group StringId - ID of the Group.
- display
Name string - Display name of the resource.
- conjunctions
Vpc
Group Conjunction[] - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context
Vpc
Group Context - The context which the object belongs to
- criterias
Vpc
Group Criteria[] - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description string
- Description of the resource.
- extended
Criteria VpcGroup Extended Criteria - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group
Type string - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the group resource.
-
Vpc
Group Tag[] - A list of scope + tag pairs to associate with this Group.
- vpc
Group stringId - ID of the Group.
- display_
name str - Display name of the resource.
- conjunctions
Sequence[Vpc
Group Conjunction Args] - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context
Vpc
Group Context Args - The context which the object belongs to
- criterias
Sequence[Vpc
Group Criteria Args] - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description str
- Description of the resource.
- extended_
criteria VpcGroup Extended Criteria Args - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group_
type str - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx_
id str - The NSX ID of this resource. If set, this ID will be used to create the group resource.
-
Sequence[Vpc
Group Tag Args] - A list of scope + tag pairs to associate with this Group.
- vpc_
group_ strid - ID of the Group.
- display
Name String - Display name of the resource.
- conjunctions List<Property Map>
- When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context Property Map
- The context which the object belongs to
- criterias List<Property Map>
- A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description String
- Description of the resource.
- extended
Criteria Property Map - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group
Type String - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- List<Property Map>
- A list of scope + tag pairs to associate with this Group.
- vpc
Group StringId - ID of the Group.
Outputs
All input properties are implicitly available as output properties. Additionally, the VpcGroup resource produces the following output properties:
Look up Existing VpcGroup Resource
Get an existing VpcGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpcGroupState, opts?: CustomResourceOptions): VpcGroup@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
conjunctions: Optional[Sequence[VpcGroupConjunctionArgs]] = None,
context: Optional[VpcGroupContextArgs] = None,
criterias: Optional[Sequence[VpcGroupCriteriaArgs]] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
extended_criteria: Optional[VpcGroupExtendedCriteriaArgs] = None,
group_type: Optional[str] = None,
nsx_id: Optional[str] = None,
path: Optional[str] = None,
revision: Optional[float] = None,
tags: Optional[Sequence[VpcGroupTagArgs]] = None,
vpc_group_id: Optional[str] = None) -> VpcGroupfunc GetVpcGroup(ctx *Context, name string, id IDInput, state *VpcGroupState, opts ...ResourceOption) (*VpcGroup, error)public static VpcGroup Get(string name, Input<string> id, VpcGroupState? state, CustomResourceOptions? opts = null)public static VpcGroup get(String name, Output<String> id, VpcGroupState state, CustomResourceOptions options)resources: _: type: nsxt:VpcGroup get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Conjunctions
List<Vpc
Group Conjunction> - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - Context
Vpc
Group Context - The context which the object belongs to
- Criterias
List<Vpc
Group Criteria> - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - Description string
- Description of the resource.
- Display
Name string - Display name of the resource.
- Extended
Criteria VpcGroup Extended Criteria - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - Group
Type string - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- Path string
- The NSX path of the policy resource.
- Revision double
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
-
List<Vpc
Group Tag> - A list of scope + tag pairs to associate with this Group.
- Vpc
Group stringId - ID of the Group.
- Conjunctions
[]Vpc
Group Conjunction Args - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - Context
Vpc
Group Context Args - The context which the object belongs to
- Criterias
[]Vpc
Group Criteria Args - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - Description string
- Description of the resource.
- Display
Name string - Display name of the resource.
- Extended
Criteria VpcGroup Extended Criteria Args - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - Group
Type string - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - Nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- Path string
- The NSX path of the policy resource.
- Revision float64
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
-
[]Vpc
Group Tag Args - A list of scope + tag pairs to associate with this Group.
- Vpc
Group stringId - ID of the Group.
- conjunctions
List<Vpc
Group Conjunction> - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context
Vpc
Group Context - The context which the object belongs to
- criterias
List<Vpc
Group Criteria> - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description String
- Description of the resource.
- display
Name String - Display name of the resource.
- extended
Criteria VpcGroup Extended Criteria - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group
Type String - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- path String
- The NSX path of the policy resource.
- revision Double
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
-
List<Vpc
Group Tag> - A list of scope + tag pairs to associate with this Group.
- vpc
Group StringId - ID of the Group.
- conjunctions
Vpc
Group Conjunction[] - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context
Vpc
Group Context - The context which the object belongs to
- criterias
Vpc
Group Criteria[] - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description string
- Description of the resource.
- display
Name string - Display name of the resource.
- extended
Criteria VpcGroup Extended Criteria - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group
Type string - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx
Id string - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- path string
- The NSX path of the policy resource.
- revision number
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
-
Vpc
Group Tag[] - A list of scope + tag pairs to associate with this Group.
- vpc
Group stringId - ID of the Group.
- conjunctions
Sequence[Vpc
Group Conjunction Args] - When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context
Vpc
Group Context Args - The context which the object belongs to
- criterias
Sequence[Vpc
Group Criteria Args] - A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description str
- Description of the resource.
- display_
name str - Display name of the resource.
- extended_
criteria VpcGroup Extended Criteria Args - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group_
type str - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx_
id str - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- path str
- The NSX path of the policy resource.
- revision float
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
-
Sequence[Vpc
Group Tag Args] - A list of scope + tag pairs to associate with this Group.
- vpc_
group_ strid - ID of the Group.
- conjunctions List<Property Map>
- When specifying multiple
criteria, a conjunction is used to specify if the criteria should selected usingANDorOR. - context Property Map
- The context which the object belongs to
- criterias List<Property Map>
- A repeatable block to specify criteria for members of this Group. If more than 1 criteria block is specified, it must be separated by a
conjunction. In acriteriablock the following membership selection expressions can be used: - description String
- Description of the resource.
- display
Name String - Display name of the resource.
- extended
Criteria Property Map - A condition block to specify higher level context to include in this Group's members. (e.g. user AD group). This configuration is for Local Manager only. Currently only one block is supported by NSX. Note that
extended_criteriais implicitlyANDwithcriteria. - group
Type String - One of
IPAddress,ANTREA. Empty group type indicates a generic group. Attribute is supported with NSX version 3.2.0 and above. - nsx
Id String - The NSX ID of this resource. If set, this ID will be used to create the group resource.
- path String
- The NSX path of the policy resource.
- revision Number
- Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
- List<Property Map>
- A list of scope + tag pairs to associate with this Group.
- vpc
Group StringId - ID of the Group.
Supporting Types
VpcGroupConjunction, VpcGroupConjunctionArgs
- Operator string
- The operator to use. Must be one of
ANDorOR. IfANDis used, then thecriteriablock before/after must be of the same type and if usingconditionthen also must use the samemember_type.
- Operator string
- The operator to use. Must be one of
ANDorOR. IfANDis used, then thecriteriablock before/after must be of the same type and if usingconditionthen also must use the samemember_type.
- operator String
- The operator to use. Must be one of
ANDorOR. IfANDis used, then thecriteriablock before/after must be of the same type and if usingconditionthen also must use the samemember_type.
- operator string
- The operator to use. Must be one of
ANDorOR. IfANDis used, then thecriteriablock before/after must be of the same type and if usingconditionthen also must use the samemember_type.
- operator str
- The operator to use. Must be one of
ANDorOR. IfANDis used, then thecriteriablock before/after must be of the same type and if usingconditionthen also must use the samemember_type.
- operator String
- The operator to use. Must be one of
ANDorOR. IfANDis used, then thecriteriablock before/after must be of the same type and if usingconditionthen also must use the samemember_type.
VpcGroupContext, VpcGroupContextArgs
- project_
id str - The ID of the project which the object belongs to
- vpc_
id str - The ID of the VPC which the object belongs to
VpcGroupCriteria, VpcGroupCriteriaArgs
- Conditions
List<Vpc
Group Criteria Condition> - A repeatable condition block to select this Group's members. When multiple
conditionblocks are used in a singlecriteriathey form a nested expression that's implicitly ANDed together and each nested condition must used the samemember_type. - External
Id List<VpcExpressions Group Criteria External Id Expression> - An expression block to specify external IDs for the specified member type for this Group.
- Ipaddress
Expression VpcGroup Criteria Ipaddress Expression - An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
- Macaddress
Expression VpcGroup Criteria Macaddress Expression - An expression block to specify individual MAC Addresses for this Group.
- Path
Expression VpcGroup Criteria Path Expression - An expression block to specify direct group members by policy path.
- Conditions
[]Vpc
Group Criteria Condition - A repeatable condition block to select this Group's members. When multiple
conditionblocks are used in a singlecriteriathey form a nested expression that's implicitly ANDed together and each nested condition must used the samemember_type. - External
Id []VpcExpressions Group Criteria External Id Expression - An expression block to specify external IDs for the specified member type for this Group.
- Ipaddress
Expression VpcGroup Criteria Ipaddress Expression - An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
- Macaddress
Expression VpcGroup Criteria Macaddress Expression - An expression block to specify individual MAC Addresses for this Group.
- Path
Expression VpcGroup Criteria Path Expression - An expression block to specify direct group members by policy path.
- conditions
List<Vpc
Group Criteria Condition> - A repeatable condition block to select this Group's members. When multiple
conditionblocks are used in a singlecriteriathey form a nested expression that's implicitly ANDed together and each nested condition must used the samemember_type. - external
Id List<VpcExpressions Group Criteria External Id Expression> - An expression block to specify external IDs for the specified member type for this Group.
- ipaddress
Expression VpcGroup Criteria Ipaddress Expression - An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
- macaddress
Expression VpcGroup Criteria Macaddress Expression - An expression block to specify individual MAC Addresses for this Group.
- path
Expression VpcGroup Criteria Path Expression - An expression block to specify direct group members by policy path.
- conditions
Vpc
Group Criteria Condition[] - A repeatable condition block to select this Group's members. When multiple
conditionblocks are used in a singlecriteriathey form a nested expression that's implicitly ANDed together and each nested condition must used the samemember_type. - external
Id VpcExpressions Group Criteria External Id Expression[] - An expression block to specify external IDs for the specified member type for this Group.
- ipaddress
Expression VpcGroup Criteria Ipaddress Expression - An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
- macaddress
Expression VpcGroup Criteria Macaddress Expression - An expression block to specify individual MAC Addresses for this Group.
- path
Expression VpcGroup Criteria Path Expression - An expression block to specify direct group members by policy path.
- conditions
Sequence[Vpc
Group Criteria Condition] - A repeatable condition block to select this Group's members. When multiple
conditionblocks are used in a singlecriteriathey form a nested expression that's implicitly ANDed together and each nested condition must used the samemember_type. - external_
id_ Sequence[Vpcexpressions Group Criteria External Id Expression] - An expression block to specify external IDs for the specified member type for this Group.
- ipaddress_
expression VpcGroup Criteria Ipaddress Expression - An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
- macaddress_
expression VpcGroup Criteria Macaddress Expression - An expression block to specify individual MAC Addresses for this Group.
- path_
expression VpcGroup Criteria Path Expression - An expression block to specify direct group members by policy path.
- conditions List<Property Map>
- A repeatable condition block to select this Group's members. When multiple
conditionblocks are used in a singlecriteriathey form a nested expression that's implicitly ANDed together and each nested condition must used the samemember_type. - external
Id List<Property Map>Expressions - An expression block to specify external IDs for the specified member type for this Group.
- ipaddress
Expression Property Map - An expression block to specify individual IP Addresses, ranges of IP Addresses or subnets for this Group.
- macaddress
Expression Property Map - An expression block to specify individual MAC Addresses for this Group.
- path
Expression Property Map - An expression block to specify direct group members by policy path.
VpcGroupCriteriaCondition, VpcGroupCriteriaConditionArgs
- Key string
- Specifies the attribute to query. Must be one of:
Tag,ComputerName,OSName,Name,NodeType,GroupType,ALL,IPAddress,PodCidr. Please note that certain keys are only applicable to certain member types. - Member
Type string - Specifies the type of resource to query. Must be one of:
IPSet,LogicalPort,LogicalSwitch,Segment,SegmentPort,VirtualMachine,Group,DVPG,DVPort,IPAddress,TransportNode,Pod.Service,Namespace,KubernetesCluster,KubernetesNamespace,KubernetesIngress,KubernetesService,KubernetesNode,AntreaEgress,AntreaIPPool. Not that certain member types are only applicable to certain environments. - Operator string
- Specifies the query operator to use. Must be one of:
CONTAINS,ENDSWITH,EQUALS,NOTEQUALS,STARTSWITH,IN,NOTIN,MATCHES. Not that certain operators are only applicable to certain keys/member types.:w - Value string
- User specified string value to use in the query. For
Tagcriteria, use 'scope|value' notation if you wish to specify scope in criteria.
- Key string
- Specifies the attribute to query. Must be one of:
Tag,ComputerName,OSName,Name,NodeType,GroupType,ALL,IPAddress,PodCidr. Please note that certain keys are only applicable to certain member types. - Member
Type string - Specifies the type of resource to query. Must be one of:
IPSet,LogicalPort,LogicalSwitch,Segment,SegmentPort,VirtualMachine,Group,DVPG,DVPort,IPAddress,TransportNode,Pod.Service,Namespace,KubernetesCluster,KubernetesNamespace,KubernetesIngress,KubernetesService,KubernetesNode,AntreaEgress,AntreaIPPool. Not that certain member types are only applicable to certain environments. - Operator string
- Specifies the query operator to use. Must be one of:
CONTAINS,ENDSWITH,EQUALS,NOTEQUALS,STARTSWITH,IN,NOTIN,MATCHES. Not that certain operators are only applicable to certain keys/member types.:w - Value string
- User specified string value to use in the query. For
Tagcriteria, use 'scope|value' notation if you wish to specify scope in criteria.
- key String
- Specifies the attribute to query. Must be one of:
Tag,ComputerName,OSName,Name,NodeType,GroupType,ALL,IPAddress,PodCidr. Please note that certain keys are only applicable to certain member types. - member
Type String - Specifies the type of resource to query. Must be one of:
IPSet,LogicalPort,LogicalSwitch,Segment,SegmentPort,VirtualMachine,Group,DVPG,DVPort,IPAddress,TransportNode,Pod.Service,Namespace,KubernetesCluster,KubernetesNamespace,KubernetesIngress,KubernetesService,KubernetesNode,AntreaEgress,AntreaIPPool. Not that certain member types are only applicable to certain environments. - operator String
- Specifies the query operator to use. Must be one of:
CONTAINS,ENDSWITH,EQUALS,NOTEQUALS,STARTSWITH,IN,NOTIN,MATCHES. Not that certain operators are only applicable to certain keys/member types.:w - value String
- User specified string value to use in the query. For
Tagcriteria, use 'scope|value' notation if you wish to specify scope in criteria.
- key string
- Specifies the attribute to query. Must be one of:
Tag,ComputerName,OSName,Name,NodeType,GroupType,ALL,IPAddress,PodCidr. Please note that certain keys are only applicable to certain member types. - member
Type string - Specifies the type of resource to query. Must be one of:
IPSet,LogicalPort,LogicalSwitch,Segment,SegmentPort,VirtualMachine,Group,DVPG,DVPort,IPAddress,TransportNode,Pod.Service,Namespace,KubernetesCluster,KubernetesNamespace,KubernetesIngress,KubernetesService,KubernetesNode,AntreaEgress,AntreaIPPool. Not that certain member types are only applicable to certain environments. - operator string
- Specifies the query operator to use. Must be one of:
CONTAINS,ENDSWITH,EQUALS,NOTEQUALS,STARTSWITH,IN,NOTIN,MATCHES. Not that certain operators are only applicable to certain keys/member types.:w - value string
- User specified string value to use in the query. For
Tagcriteria, use 'scope|value' notation if you wish to specify scope in criteria.
- key str
- Specifies the attribute to query. Must be one of:
Tag,ComputerName,OSName,Name,NodeType,GroupType,ALL,IPAddress,PodCidr. Please note that certain keys are only applicable to certain member types. - member_
type str - Specifies the type of resource to query. Must be one of:
IPSet,LogicalPort,LogicalSwitch,Segment,SegmentPort,VirtualMachine,Group,DVPG,DVPort,IPAddress,TransportNode,Pod.Service,Namespace,KubernetesCluster,KubernetesNamespace,KubernetesIngress,KubernetesService,KubernetesNode,AntreaEgress,AntreaIPPool. Not that certain member types are only applicable to certain environments. - operator str
- Specifies the query operator to use. Must be one of:
CONTAINS,ENDSWITH,EQUALS,NOTEQUALS,STARTSWITH,IN,NOTIN,MATCHES. Not that certain operators are only applicable to certain keys/member types.:w - value str
- User specified string value to use in the query. For
Tagcriteria, use 'scope|value' notation if you wish to specify scope in criteria.
- key String
- Specifies the attribute to query. Must be one of:
Tag,ComputerName,OSName,Name,NodeType,GroupType,ALL,IPAddress,PodCidr. Please note that certain keys are only applicable to certain member types. - member
Type String - Specifies the type of resource to query. Must be one of:
IPSet,LogicalPort,LogicalSwitch,Segment,SegmentPort,VirtualMachine,Group,DVPG,DVPort,IPAddress,TransportNode,Pod.Service,Namespace,KubernetesCluster,KubernetesNamespace,KubernetesIngress,KubernetesService,KubernetesNode,AntreaEgress,AntreaIPPool. Not that certain member types are only applicable to certain environments. - operator String
- Specifies the query operator to use. Must be one of:
CONTAINS,ENDSWITH,EQUALS,NOTEQUALS,STARTSWITH,IN,NOTIN,MATCHES. Not that certain operators are only applicable to certain keys/member types.:w - value String
- User specified string value to use in the query. For
Tagcriteria, use 'scope|value' notation if you wish to specify scope in criteria.
VpcGroupCriteriaExternalIdExpression, VpcGroupCriteriaExternalIdExpressionArgs
- External
Ids List<string> - List of external IDs for the specified member type.
- Member
Type string - External ID member type. Must be one of:
VirtualMachine,VirtualNetworkInterface,CloudNativeServiceInstance, orPhysicalServer. Defaults toVirtualMachine.
- External
Ids []string - List of external IDs for the specified member type.
- Member
Type string - External ID member type. Must be one of:
VirtualMachine,VirtualNetworkInterface,CloudNativeServiceInstance, orPhysicalServer. Defaults toVirtualMachine.
- external
Ids List<String> - List of external IDs for the specified member type.
- member
Type String - External ID member type. Must be one of:
VirtualMachine,VirtualNetworkInterface,CloudNativeServiceInstance, orPhysicalServer. Defaults toVirtualMachine.
- external
Ids string[] - List of external IDs for the specified member type.
- member
Type string - External ID member type. Must be one of:
VirtualMachine,VirtualNetworkInterface,CloudNativeServiceInstance, orPhysicalServer. Defaults toVirtualMachine.
- external_
ids Sequence[str] - List of external IDs for the specified member type.
- member_
type str - External ID member type. Must be one of:
VirtualMachine,VirtualNetworkInterface,CloudNativeServiceInstance, orPhysicalServer. Defaults toVirtualMachine.
- external
Ids List<String> - List of external IDs for the specified member type.
- member
Type String - External ID member type. Must be one of:
VirtualMachine,VirtualNetworkInterface,CloudNativeServiceInstance, orPhysicalServer. Defaults toVirtualMachine.
VpcGroupCriteriaIpaddressExpression, VpcGroupCriteriaIpaddressExpressionArgs
- Ip
Addresses List<string> - This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.
- Ip
Addresses []string - This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.
- ip
Addresses List<String> - This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.
- ip
Addresses string[] - This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.
- ip_
addresses Sequence[str] - This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.
- ip
Addresses List<String> - This list can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed.
VpcGroupCriteriaMacaddressExpression, VpcGroupCriteriaMacaddressExpressionArgs
- Mac
Addresses List<string> - List of MAC addresses.
- Mac
Addresses []string - List of MAC addresses.
- mac
Addresses List<String> - List of MAC addresses.
- mac
Addresses string[] - List of MAC addresses.
- mac_
addresses Sequence[str] - List of MAC addresses.
- mac
Addresses List<String> - List of MAC addresses.
VpcGroupCriteriaPathExpression, VpcGroupCriteriaPathExpressionArgs
- Member
Paths List<string> - List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).
- Member
Paths []string - List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).
- member
Paths List<String> - List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).
- member
Paths string[] - List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).
- member_
paths Sequence[str] - List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).
- member
Paths List<String> - List of policy paths for direct members for this Group (such as Segments, Segment ports, Groups etc).
VpcGroupExtendedCriteria, VpcGroupExtendedCriteriaArgs
- Identity
Groups List<VpcGroup Extended Criteria Identity Group> - A repeatable condition block selecting user AD groups to be included in this Group. Note that
identity_groupsareORwith each other.
- Identity
Groups []VpcGroup Extended Criteria Identity Group - A repeatable condition block selecting user AD groups to be included in this Group. Note that
identity_groupsareORwith each other.
- identity
Groups List<VpcGroup Extended Criteria Identity Group> - A repeatable condition block selecting user AD groups to be included in this Group. Note that
identity_groupsareORwith each other.
- identity
Groups VpcGroup Extended Criteria Identity Group[] - A repeatable condition block selecting user AD groups to be included in this Group. Note that
identity_groupsareORwith each other.
- identity_
groups Sequence[VpcGroup Extended Criteria Identity Group] - A repeatable condition block selecting user AD groups to be included in this Group. Note that
identity_groupsareORwith each other.
- identity
Groups List<Property Map> - A repeatable condition block selecting user AD groups to be included in this Group. Note that
identity_groupsareORwith each other.
VpcGroupExtendedCriteriaIdentityGroup, VpcGroupExtendedCriteriaIdentityGroupArgs
- Distinguished
Name string - LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
- Domain
Base stringDistinguished Name - Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
- Sid string
- Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
- Distinguished
Name string - LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
- Domain
Base stringDistinguished Name - Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
- Sid string
- Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
- distinguished
Name String - LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
- domain
Base StringDistinguished Name - Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
- sid String
- Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
- distinguished
Name string - LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
- domain
Base stringDistinguished Name - Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
- sid string
- Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
- distinguished_
name str - LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
- domain_
base_ strdistinguished_ name - Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
- sid str
- Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
- distinguished
Name String - LDAP distinguished name (DN). A valid fully qualified distinguished name should be provided here. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
- domain
Base StringDistinguished Name - Identity (Directory) domain base distinguished name. This is the base distinguished name for the domain where this identity group resides. (e.g. dc=example,dc=com)
- sid String
- Identity (Directory) Group SID (security identifier). A security identifier (SID) is a unique value of variable length used to identify a trustee. This field is only populated for Microsoft Active Directory identity store.
VpcGroupTag, VpcGroupTagArgs
Package Details
- Repository
- nsxt vmware/terraform-provider-nsxt
- License
- Notes
- This Pulumi package is based on the
nsxtTerraform Provider.