Docs Home
vcd 3.14.1 published on Monday, Apr 14, 2025 by vmware
vcd.NsxtFirewall
Explore with Pulumi AI
Create NsxtFirewall Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NsxtFirewall(name: string, args: NsxtFirewallArgs, opts?: CustomResourceOptions);@overload
def NsxtFirewall(resource_name: str,
args: NsxtFirewallArgs,
opts: Optional[ResourceOptions] = None)
@overload
def NsxtFirewall(resource_name: str,
opts: Optional[ResourceOptions] = None,
edge_gateway_id: Optional[str] = None,
rules: Optional[Sequence[NsxtFirewallRuleArgs]] = None,
nsxt_firewall_id: Optional[str] = None,
org: Optional[str] = None,
vdc: Optional[str] = None)func NewNsxtFirewall(ctx *Context, name string, args NsxtFirewallArgs, opts ...ResourceOption) (*NsxtFirewall, error)public NsxtFirewall(string name, NsxtFirewallArgs args, CustomResourceOptions? opts = null)
public NsxtFirewall(String name, NsxtFirewallArgs args)
public NsxtFirewall(String name, NsxtFirewallArgs args, CustomResourceOptions options)
type: vcd:NsxtFirewall
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args NsxtFirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NsxtFirewallArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NsxtFirewallArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NsxtFirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NsxtFirewallArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var nsxtFirewallResource = new Vcd.NsxtFirewall("nsxtFirewallResource", new()
{
EdgeGatewayId = "string",
Rules = new[]
{
new Vcd.Inputs.NsxtFirewallRuleArgs
{
Action = "string",
Direction = "string",
IpProtocol = "string",
Name = "string",
AppPortProfileIds = new[]
{
"string",
},
DestinationIds = new[]
{
"string",
},
Enabled = false,
Id = "string",
Logging = false,
SourceIds = new[]
{
"string",
},
},
},
NsxtFirewallId = "string",
Org = "string",
});
example, err := vcd.NewNsxtFirewall(ctx, "nsxtFirewallResource", &vcd.NsxtFirewallArgs{
EdgeGatewayId: pulumi.String("string"),
Rules: vcd.NsxtFirewallRuleArray{
&vcd.NsxtFirewallRuleArgs{
Action: pulumi.String("string"),
Direction: pulumi.String("string"),
IpProtocol: pulumi.String("string"),
Name: pulumi.String("string"),
AppPortProfileIds: pulumi.StringArray{
pulumi.String("string"),
},
DestinationIds: pulumi.StringArray{
pulumi.String("string"),
},
Enabled: pulumi.Bool(false),
Id: pulumi.String("string"),
Logging: pulumi.Bool(false),
SourceIds: pulumi.StringArray{
pulumi.String("string"),
},
},
},
NsxtFirewallId: pulumi.String("string"),
Org: pulumi.String("string"),
})
var nsxtFirewallResource = new NsxtFirewall("nsxtFirewallResource", NsxtFirewallArgs.builder()
.edgeGatewayId("string")
.rules(NsxtFirewallRuleArgs.builder()
.action("string")
.direction("string")
.ipProtocol("string")
.name("string")
.appPortProfileIds("string")
.destinationIds("string")
.enabled(false)
.id("string")
.logging(false)
.sourceIds("string")
.build())
.nsxtFirewallId("string")
.org("string")
.build());
nsxt_firewall_resource = vcd.NsxtFirewall("nsxtFirewallResource",
edge_gateway_id="string",
rules=[{
"action": "string",
"direction": "string",
"ip_protocol": "string",
"name": "string",
"app_port_profile_ids": ["string"],
"destination_ids": ["string"],
"enabled": False,
"id": "string",
"logging": False,
"source_ids": ["string"],
}],
nsxt_firewall_id="string",
org="string")
const nsxtFirewallResource = new vcd.NsxtFirewall("nsxtFirewallResource", {
edgeGatewayId: "string",
rules: [{
action: "string",
direction: "string",
ipProtocol: "string",
name: "string",
appPortProfileIds: ["string"],
destinationIds: ["string"],
enabled: false,
id: "string",
logging: false,
sourceIds: ["string"],
}],
nsxtFirewallId: "string",
org: "string",
});
type: vcd:NsxtFirewall
properties:
edgeGatewayId: string
nsxtFirewallId: string
org: string
rules:
- action: string
appPortProfileIds:
- string
destinationIds:
- string
direction: string
enabled: false
id: string
ipProtocol: string
logging: false
name: string
sourceIds:
- string
NsxtFirewall Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NsxtFirewall resource accepts the following input properties:
- Edge
Gateway stringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - Rules
List<Nsxt
Firewall Rule> One or more blocks with Firewall Rule definitions
- Nsxt
Firewall stringId - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Vdc string
- The name of VDC to use, optional if defined at provider level
- Edge
Gateway stringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - Rules
[]Nsxt
Firewall Rule Args One or more blocks with Firewall Rule definitions
- Nsxt
Firewall stringId - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Vdc string
- The name of VDC to use, optional if defined at provider level
- edge
Gateway StringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - rules
List<Nsxt
Firewall Rule> One or more blocks with Firewall Rule definitions
- nsxt
Firewall StringId - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- vdc String
- The name of VDC to use, optional if defined at provider level
- edge
Gateway stringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - rules
Nsxt
Firewall Rule[] One or more blocks with Firewall Rule definitions
- nsxt
Firewall stringId - org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- vdc string
- The name of VDC to use, optional if defined at provider level
- edge_
gateway_ strid - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - rules
Sequence[Nsxt
Firewall Rule Args] One or more blocks with Firewall Rule definitions
- nsxt_
firewall_ strid - org str
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- vdc str
- The name of VDC to use, optional if defined at provider level
- edge
Gateway StringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - rules List<Property Map>
One or more blocks with Firewall Rule definitions
- nsxt
Firewall StringId - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- vdc String
- The name of VDC to use, optional if defined at provider level
Outputs
All input properties are implicitly available as output properties. Additionally, the NsxtFirewall resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing NsxtFirewall Resource
Get an existing NsxtFirewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NsxtFirewallState, opts?: CustomResourceOptions): NsxtFirewall@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
edge_gateway_id: Optional[str] = None,
nsxt_firewall_id: Optional[str] = None,
org: Optional[str] = None,
rules: Optional[Sequence[NsxtFirewallRuleArgs]] = None,
vdc: Optional[str] = None) -> NsxtFirewallfunc GetNsxtFirewall(ctx *Context, name string, id IDInput, state *NsxtFirewallState, opts ...ResourceOption) (*NsxtFirewall, error)public static NsxtFirewall Get(string name, Input<string> id, NsxtFirewallState? state, CustomResourceOptions? opts = null)public static NsxtFirewall get(String name, Output<String> id, NsxtFirewallState state, CustomResourceOptions options)resources: _: type: vcd:NsxtFirewall get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Edge
Gateway stringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - Nsxt
Firewall stringId - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Rules
List<Nsxt
Firewall Rule> One or more blocks with Firewall Rule definitions
- Vdc string
- The name of VDC to use, optional if defined at provider level
- Edge
Gateway stringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - Nsxt
Firewall stringId - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Rules
[]Nsxt
Firewall Rule Args One or more blocks with Firewall Rule definitions
- Vdc string
- The name of VDC to use, optional if defined at provider level
- edge
Gateway StringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - nsxt
Firewall StringId - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rules
List<Nsxt
Firewall Rule> One or more blocks with Firewall Rule definitions
- vdc String
- The name of VDC to use, optional if defined at provider level
- edge
Gateway stringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - nsxt
Firewall stringId - org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rules
Nsxt
Firewall Rule[] One or more blocks with Firewall Rule definitions
- vdc string
- The name of VDC to use, optional if defined at provider level
- edge_
gateway_ strid - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - nsxt_
firewall_ strid - org str
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rules
Sequence[Nsxt
Firewall Rule Args] One or more blocks with Firewall Rule definitions
- vdc str
- The name of VDC to use, optional if defined at provider level
- edge
Gateway StringId - The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydatasource - nsxt
Firewall StringId - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rules List<Property Map>
One or more blocks with Firewall Rule definitions
- vdc String
- The name of VDC to use, optional if defined at provider level
Supporting Types
NsxtFirewallRule, NsxtFirewallRuleArgs
- Action string
- Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic
- Direction string
- Direction on which Firewall Rule applies (One of 'IN', 'OUT', 'IN_OUT')
- Ip
Protocol string - Firewall Rule Protocol (One of 'IPV4', 'IPV6', 'IPV4_IPV6')
- Name string
- Firewall Rule name
- App
Port List<string>Profile Ids - A set of Application Port Profile IDs. Leaving it empty means 'Any'
- Destination
Ids List<string> - A set of Destination Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- Enabled bool
- Defined if Firewall Rule is active
- Id string
- Firewall Rule ID
- Logging bool
- Defines if matching traffic should be logged
- Source
Ids List<string> - A set of Source Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- Action string
- Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic
- Direction string
- Direction on which Firewall Rule applies (One of 'IN', 'OUT', 'IN_OUT')
- Ip
Protocol string - Firewall Rule Protocol (One of 'IPV4', 'IPV6', 'IPV4_IPV6')
- Name string
- Firewall Rule name
- App
Port []stringProfile Ids - A set of Application Port Profile IDs. Leaving it empty means 'Any'
- Destination
Ids []string - A set of Destination Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- Enabled bool
- Defined if Firewall Rule is active
- Id string
- Firewall Rule ID
- Logging bool
- Defines if matching traffic should be logged
- Source
Ids []string - A set of Source Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- action String
- Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic
- direction String
- Direction on which Firewall Rule applies (One of 'IN', 'OUT', 'IN_OUT')
- ip
Protocol String - Firewall Rule Protocol (One of 'IPV4', 'IPV6', 'IPV4_IPV6')
- name String
- Firewall Rule name
- app
Port List<String>Profile Ids - A set of Application Port Profile IDs. Leaving it empty means 'Any'
- destination
Ids List<String> - A set of Destination Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- enabled Boolean
- Defined if Firewall Rule is active
- id String
- Firewall Rule ID
- logging Boolean
- Defines if matching traffic should be logged
- source
Ids List<String> - A set of Source Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- action string
- Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic
- direction string
- Direction on which Firewall Rule applies (One of 'IN', 'OUT', 'IN_OUT')
- ip
Protocol string - Firewall Rule Protocol (One of 'IPV4', 'IPV6', 'IPV4_IPV6')
- name string
- Firewall Rule name
- app
Port string[]Profile Ids - A set of Application Port Profile IDs. Leaving it empty means 'Any'
- destination
Ids string[] - A set of Destination Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- enabled boolean
- Defined if Firewall Rule is active
- id string
- Firewall Rule ID
- logging boolean
- Defines if matching traffic should be logged
- source
Ids string[] - A set of Source Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- action str
- Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic
- direction str
- Direction on which Firewall Rule applies (One of 'IN', 'OUT', 'IN_OUT')
- ip_
protocol str - Firewall Rule Protocol (One of 'IPV4', 'IPV6', 'IPV4_IPV6')
- name str
- Firewall Rule name
- app_
port_ Sequence[str]profile_ ids - A set of Application Port Profile IDs. Leaving it empty means 'Any'
- destination_
ids Sequence[str] - A set of Destination Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- enabled bool
- Defined if Firewall Rule is active
- id str
- Firewall Rule ID
- logging bool
- Defines if matching traffic should be logged
- source_
ids Sequence[str] - A set of Source Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- action String
- Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic
- direction String
- Direction on which Firewall Rule applies (One of 'IN', 'OUT', 'IN_OUT')
- ip
Protocol String - Firewall Rule Protocol (One of 'IPV4', 'IPV6', 'IPV4_IPV6')
- name String
- Firewall Rule name
- app
Port List<String>Profile Ids - A set of Application Port Profile IDs. Leaving it empty means 'Any'
- destination
Ids List<String> - A set of Destination Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
- enabled Boolean
- Defined if Firewall Rule is active
- id String
- Firewall Rule ID
- logging Boolean
- Defines if matching traffic should be logged
- source
Ids List<String> - A set of Source Firewall Group IDs (IP Sets or Security Groups). Leaving it empty means 'Any'
Package Details
- Repository
- vcd vmware/terraform-provider-vcd
- License
- Notes
- This Pulumi package is based on the
vcdTerraform Provider.