Docs Home
vcd 3.14.1 published on Monday, Apr 14, 2025 by vmware
vcd.NsxvFirewallRule
Explore with Pulumi AI
Create NsxvFirewallRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NsxvFirewallRule(name: string, args: NsxvFirewallRuleArgs, opts?: CustomResourceOptions);@overload
def NsxvFirewallRule(resource_name: str,
args: NsxvFirewallRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def NsxvFirewallRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
services: Optional[Sequence[NsxvFirewallRuleServiceArgs]] = None,
source: Optional[NsxvFirewallRuleSourceArgs] = None,
destination: Optional[NsxvFirewallRuleDestinationArgs] = None,
edge_gateway: Optional[str] = None,
name: Optional[str] = None,
logging_enabled: Optional[bool] = None,
above_rule_id: Optional[str] = None,
nsxv_firewall_rule_id: Optional[str] = None,
org: Optional[str] = None,
rule_tag: Optional[float] = None,
rule_type: Optional[str] = None,
enabled: Optional[bool] = None,
action: Optional[str] = None,
vdc: Optional[str] = None)func NewNsxvFirewallRule(ctx *Context, name string, args NsxvFirewallRuleArgs, opts ...ResourceOption) (*NsxvFirewallRule, error)public NsxvFirewallRule(string name, NsxvFirewallRuleArgs args, CustomResourceOptions? opts = null)
public NsxvFirewallRule(String name, NsxvFirewallRuleArgs args)
public NsxvFirewallRule(String name, NsxvFirewallRuleArgs args, CustomResourceOptions options)
type: vcd:NsxvFirewallRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args NsxvFirewallRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NsxvFirewallRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NsxvFirewallRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NsxvFirewallRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NsxvFirewallRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var nsxvFirewallRuleResource = new Vcd.NsxvFirewallRule("nsxvFirewallRuleResource", new()
{
Services = new[]
{
new Vcd.Inputs.NsxvFirewallRuleServiceArgs
{
Protocol = "string",
Port = "string",
SourcePort = "string",
},
},
Source = new Vcd.Inputs.NsxvFirewallRuleSourceArgs
{
Exclude = false,
GatewayInterfaces = new[]
{
"string",
},
IpAddresses = new[]
{
"string",
},
IpSets = new[]
{
"string",
},
OrgNetworks = new[]
{
"string",
},
VmIds = new[]
{
"string",
},
},
Destination = new Vcd.Inputs.NsxvFirewallRuleDestinationArgs
{
Exclude = false,
GatewayInterfaces = new[]
{
"string",
},
IpAddresses = new[]
{
"string",
},
IpSets = new[]
{
"string",
},
OrgNetworks = new[]
{
"string",
},
VmIds = new[]
{
"string",
},
},
EdgeGateway = "string",
Name = "string",
LoggingEnabled = false,
AboveRuleId = "string",
NsxvFirewallRuleId = "string",
Org = "string",
RuleTag = 0,
RuleType = "string",
Enabled = false,
Action = "string",
Vdc = "string",
});
example, err := vcd.NewNsxvFirewallRule(ctx, "nsxvFirewallRuleResource", &vcd.NsxvFirewallRuleArgs{
Services: vcd.NsxvFirewallRuleServiceArray{
&vcd.NsxvFirewallRuleServiceArgs{
Protocol: pulumi.String("string"),
Port: pulumi.String("string"),
SourcePort: pulumi.String("string"),
},
},
Source: &vcd.NsxvFirewallRuleSourceArgs{
Exclude: pulumi.Bool(false),
GatewayInterfaces: pulumi.StringArray{
pulumi.String("string"),
},
IpAddresses: pulumi.StringArray{
pulumi.String("string"),
},
IpSets: pulumi.StringArray{
pulumi.String("string"),
},
OrgNetworks: pulumi.StringArray{
pulumi.String("string"),
},
VmIds: pulumi.StringArray{
pulumi.String("string"),
},
},
Destination: &vcd.NsxvFirewallRuleDestinationArgs{
Exclude: pulumi.Bool(false),
GatewayInterfaces: pulumi.StringArray{
pulumi.String("string"),
},
IpAddresses: pulumi.StringArray{
pulumi.String("string"),
},
IpSets: pulumi.StringArray{
pulumi.String("string"),
},
OrgNetworks: pulumi.StringArray{
pulumi.String("string"),
},
VmIds: pulumi.StringArray{
pulumi.String("string"),
},
},
EdgeGateway: pulumi.String("string"),
Name: pulumi.String("string"),
LoggingEnabled: pulumi.Bool(false),
AboveRuleId: pulumi.String("string"),
NsxvFirewallRuleId: pulumi.String("string"),
Org: pulumi.String("string"),
RuleTag: pulumi.Float64(0),
RuleType: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Action: pulumi.String("string"),
Vdc: pulumi.String("string"),
})
var nsxvFirewallRuleResource = new NsxvFirewallRule("nsxvFirewallRuleResource", NsxvFirewallRuleArgs.builder()
.services(NsxvFirewallRuleServiceArgs.builder()
.protocol("string")
.port("string")
.sourcePort("string")
.build())
.source(NsxvFirewallRuleSourceArgs.builder()
.exclude(false)
.gatewayInterfaces("string")
.ipAddresses("string")
.ipSets("string")
.orgNetworks("string")
.vmIds("string")
.build())
.destination(NsxvFirewallRuleDestinationArgs.builder()
.exclude(false)
.gatewayInterfaces("string")
.ipAddresses("string")
.ipSets("string")
.orgNetworks("string")
.vmIds("string")
.build())
.edgeGateway("string")
.name("string")
.loggingEnabled(false)
.aboveRuleId("string")
.nsxvFirewallRuleId("string")
.org("string")
.ruleTag(0)
.ruleType("string")
.enabled(false)
.action("string")
.vdc("string")
.build());
nsxv_firewall_rule_resource = vcd.NsxvFirewallRule("nsxvFirewallRuleResource",
services=[{
"protocol": "string",
"port": "string",
"source_port": "string",
}],
source={
"exclude": False,
"gateway_interfaces": ["string"],
"ip_addresses": ["string"],
"ip_sets": ["string"],
"org_networks": ["string"],
"vm_ids": ["string"],
},
destination={
"exclude": False,
"gateway_interfaces": ["string"],
"ip_addresses": ["string"],
"ip_sets": ["string"],
"org_networks": ["string"],
"vm_ids": ["string"],
},
edge_gateway="string",
name="string",
logging_enabled=False,
above_rule_id="string",
nsxv_firewall_rule_id="string",
org="string",
rule_tag=0,
rule_type="string",
enabled=False,
action="string",
vdc="string")
const nsxvFirewallRuleResource = new vcd.NsxvFirewallRule("nsxvFirewallRuleResource", {
services: [{
protocol: "string",
port: "string",
sourcePort: "string",
}],
source: {
exclude: false,
gatewayInterfaces: ["string"],
ipAddresses: ["string"],
ipSets: ["string"],
orgNetworks: ["string"],
vmIds: ["string"],
},
destination: {
exclude: false,
gatewayInterfaces: ["string"],
ipAddresses: ["string"],
ipSets: ["string"],
orgNetworks: ["string"],
vmIds: ["string"],
},
edgeGateway: "string",
name: "string",
loggingEnabled: false,
aboveRuleId: "string",
nsxvFirewallRuleId: "string",
org: "string",
ruleTag: 0,
ruleType: "string",
enabled: false,
action: "string",
vdc: "string",
});
type: vcd:NsxvFirewallRule
properties:
aboveRuleId: string
action: string
destination:
exclude: false
gatewayInterfaces:
- string
ipAddresses:
- string
ipSets:
- string
orgNetworks:
- string
vmIds:
- string
edgeGateway: string
enabled: false
loggingEnabled: false
name: string
nsxvFirewallRuleId: string
org: string
ruleTag: 0
ruleType: string
services:
- port: string
protocol: string
sourcePort: string
source:
exclude: false
gatewayInterfaces:
- string
ipAddresses:
- string
ipSets:
- string
orgNetworks:
- string
vmIds:
- string
vdc: string
NsxvFirewallRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NsxvFirewallRule resource accepts the following input properties:
- Destination
Nsxv
Firewall Rule Destination - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Edge
Gateway string - The name of the edge gateway on which to apply the firewall rule.
- Services
List<Nsxv
Firewall Rule Service> One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- Source
Nsxv
Firewall Rule Source - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Above
Rule stringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- Action string
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - Enabled bool
- Defines if the rule is enabaled. Default
true. - Logging
Enabled bool - Defines if the logging for this rule is enabaled. Default
false. - Name string
- Free text name. Can be duplicate.
- Nsxv
Firewall stringRule Id - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Rule
Tag double - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- Rule
Type string - Possible values -
user,internal_high. - Vdc string
- The name of VDC to use, optional if defined at provider level.
- Destination
Nsxv
Firewall Rule Destination Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Edge
Gateway string - The name of the edge gateway on which to apply the firewall rule.
- Services
[]Nsxv
Firewall Rule Service Args One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- Source
Nsxv
Firewall Rule Source Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Above
Rule stringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- Action string
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - Enabled bool
- Defines if the rule is enabaled. Default
true. - Logging
Enabled bool - Defines if the logging for this rule is enabaled. Default
false. - Name string
- Free text name. Can be duplicate.
- Nsxv
Firewall stringRule Id - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Rule
Tag float64 - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- Rule
Type string - Possible values -
user,internal_high. - Vdc string
- The name of VDC to use, optional if defined at provider level.
- destination
Nsxv
Firewall Rule Destination - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge
Gateway String - The name of the edge gateway on which to apply the firewall rule.
- services
List<Nsxv
Firewall Rule Service> One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source
Nsxv
Firewall Rule Source - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- above
Rule StringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action String
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - enabled Boolean
- Defines if the rule is enabaled. Default
true. - logging
Enabled Boolean - Defines if the logging for this rule is enabaled. Default
false. - name String
- Free text name. Can be duplicate.
- nsxv
Firewall StringRule Id - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule
Tag Double - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule
Type String - Possible values -
user,internal_high. - vdc String
- The name of VDC to use, optional if defined at provider level.
- destination
Nsxv
Firewall Rule Destination - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge
Gateway string - The name of the edge gateway on which to apply the firewall rule.
- services
Nsxv
Firewall Rule Service[] One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source
Nsxv
Firewall Rule Source - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- above
Rule stringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action string
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - enabled boolean
- Defines if the rule is enabaled. Default
true. - logging
Enabled boolean - Defines if the logging for this rule is enabaled. Default
false. - name string
- Free text name. Can be duplicate.
- nsxv
Firewall stringRule Id - org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule
Tag number - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule
Type string - Possible values -
user,internal_high. - vdc string
- The name of VDC to use, optional if defined at provider level.
- destination
Nsxv
Firewall Rule Destination Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge_
gateway str - The name of the edge gateway on which to apply the firewall rule.
- services
Sequence[Nsxv
Firewall Rule Service Args] One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source
Nsxv
Firewall Rule Source Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- above_
rule_ strid - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action str
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - enabled bool
- Defines if the rule is enabaled. Default
true. - logging_
enabled bool - Defines if the logging for this rule is enabaled. Default
false. - name str
- Free text name. Can be duplicate.
- nsxv_
firewall_ strrule_ id - org str
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule_
tag float - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule_
type str - Possible values -
user,internal_high. - vdc str
- The name of VDC to use, optional if defined at provider level.
- destination Property Map
- Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge
Gateway String - The name of the edge gateway on which to apply the firewall rule.
- services List<Property Map>
One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source Property Map
- Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- above
Rule StringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action String
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - enabled Boolean
- Defines if the rule is enabaled. Default
true. - logging
Enabled Boolean - Defines if the logging for this rule is enabaled. Default
false. - name String
- Free text name. Can be duplicate.
- nsxv
Firewall StringRule Id - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule
Tag Number - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule
Type String - Possible values -
user,internal_high. - vdc String
- The name of VDC to use, optional if defined at provider level.
Outputs
All input properties are implicitly available as output properties. Additionally, the NsxvFirewallRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing NsxvFirewallRule Resource
Get an existing NsxvFirewallRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NsxvFirewallRuleState, opts?: CustomResourceOptions): NsxvFirewallRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
above_rule_id: Optional[str] = None,
action: Optional[str] = None,
destination: Optional[NsxvFirewallRuleDestinationArgs] = None,
edge_gateway: Optional[str] = None,
enabled: Optional[bool] = None,
logging_enabled: Optional[bool] = None,
name: Optional[str] = None,
nsxv_firewall_rule_id: Optional[str] = None,
org: Optional[str] = None,
rule_tag: Optional[float] = None,
rule_type: Optional[str] = None,
services: Optional[Sequence[NsxvFirewallRuleServiceArgs]] = None,
source: Optional[NsxvFirewallRuleSourceArgs] = None,
vdc: Optional[str] = None) -> NsxvFirewallRulefunc GetNsxvFirewallRule(ctx *Context, name string, id IDInput, state *NsxvFirewallRuleState, opts ...ResourceOption) (*NsxvFirewallRule, error)public static NsxvFirewallRule Get(string name, Input<string> id, NsxvFirewallRuleState? state, CustomResourceOptions? opts = null)public static NsxvFirewallRule get(String name, Output<String> id, NsxvFirewallRuleState state, CustomResourceOptions options)resources: _: type: vcd:NsxvFirewallRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Above
Rule stringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- Action string
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - Destination
Nsxv
Firewall Rule Destination - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Edge
Gateway string - The name of the edge gateway on which to apply the firewall rule.
- Enabled bool
- Defines if the rule is enabaled. Default
true. - Logging
Enabled bool - Defines if the logging for this rule is enabaled. Default
false. - Name string
- Free text name. Can be duplicate.
- Nsxv
Firewall stringRule Id - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Rule
Tag double - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- Rule
Type string - Possible values -
user,internal_high. - Services
List<Nsxv
Firewall Rule Service> One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- Source
Nsxv
Firewall Rule Source - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Vdc string
- The name of VDC to use, optional if defined at provider level.
- Above
Rule stringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- Action string
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - Destination
Nsxv
Firewall Rule Destination Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Edge
Gateway string - The name of the edge gateway on which to apply the firewall rule.
- Enabled bool
- Defines if the rule is enabaled. Default
true. - Logging
Enabled bool - Defines if the logging for this rule is enabaled. Default
false. - Name string
- Free text name. Can be duplicate.
- Nsxv
Firewall stringRule Id - Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- Rule
Tag float64 - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- Rule
Type string - Possible values -
user,internal_high. - Services
[]Nsxv
Firewall Rule Service Args One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- Source
Nsxv
Firewall Rule Source Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- Vdc string
- The name of VDC to use, optional if defined at provider level.
- above
Rule StringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action String
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - destination
Nsxv
Firewall Rule Destination - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge
Gateway String - The name of the edge gateway on which to apply the firewall rule.
- enabled Boolean
- Defines if the rule is enabaled. Default
true. - logging
Enabled Boolean - Defines if the logging for this rule is enabaled. Default
false. - name String
- Free text name. Can be duplicate.
- nsxv
Firewall StringRule Id - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule
Tag Double - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule
Type String - Possible values -
user,internal_high. - services
List<Nsxv
Firewall Rule Service> One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source
Nsxv
Firewall Rule Source - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- vdc String
- The name of VDC to use, optional if defined at provider level.
- above
Rule stringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action string
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - destination
Nsxv
Firewall Rule Destination - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge
Gateway string - The name of the edge gateway on which to apply the firewall rule.
- enabled boolean
- Defines if the rule is enabaled. Default
true. - logging
Enabled boolean - Defines if the logging for this rule is enabaled. Default
false. - name string
- Free text name. Can be duplicate.
- nsxv
Firewall stringRule Id - org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule
Tag number - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule
Type string - Possible values -
user,internal_high. - services
Nsxv
Firewall Rule Service[] One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source
Nsxv
Firewall Rule Source - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- vdc string
- The name of VDC to use, optional if defined at provider level.
- above_
rule_ strid - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action str
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - destination
Nsxv
Firewall Rule Destination Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge_
gateway str - The name of the edge gateway on which to apply the firewall rule.
- enabled bool
- Defines if the rule is enabaled. Default
true. - logging_
enabled bool - Defines if the logging for this rule is enabaled. Default
false. - name str
- Free text name. Can be duplicate.
- nsxv_
firewall_ strrule_ id - org str
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule_
tag float - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule_
type str - Possible values -
user,internal_high. - services
Sequence[Nsxv
Firewall Rule Service Args] One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source
Nsxv
Firewall Rule Source Args - Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- vdc str
- The name of VDC to use, optional if defined at provider level.
- above
Rule StringId - This can be used to alter default rule placement order. By default every rule is appended to the end of firewall rule list. When a value of another rule is set - this rule will be placed above the specified rule.
- action String
- Defines if the rule is set to
acceptordenytraffic. Defaultaccept - destination Property Map
- Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- edge
Gateway String - The name of the edge gateway on which to apply the firewall rule.
- enabled Boolean
- Defines if the rule is enabaled. Default
true. - logging
Enabled Boolean - Defines if the logging for this rule is enabaled. Default
false. - name String
- Free text name. Can be duplicate.
- nsxv
Firewall StringRule Id - org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- rule
Tag Number - This can be used to specify user-controlled rule tag. If not specified, it will report rule ID after creation. Must be between 65537-131072.
- rule
Type String - Possible values -
user,internal_high. - services List<Property Map>
One or more blocks to define protocol and port details. Use multiple blocks if you want to define multiple port/protocol combinations for the same rule. See Service and example for usage details.
- source Property Map
- Exactly one block to define source criteria for firewall. See Endpoint and example for usage details.
- vdc String
- The name of VDC to use, optional if defined at provider level.
Supporting Types
NsxvFirewallRuleDestination, NsxvFirewallRuleDestinationArgs
- Exclude bool
- Rule is applied to traffic going to any destinations except for the excluded destination. Default 'false'
- Gateway
Interfaces List<string> - 'vse', 'internal', 'external' or network name
- Ip
Addresses List<string> - IP address, CIDR, an IP range, or the keyword 'any'
- Ip
Sets List<string> - Set of IP set names
- Org
Networks List<string> - Set of org network names
- Vm
Ids List<string> - Set of VM IDs
- Exclude bool
- Rule is applied to traffic going to any destinations except for the excluded destination. Default 'false'
- Gateway
Interfaces []string - 'vse', 'internal', 'external' or network name
- Ip
Addresses []string - IP address, CIDR, an IP range, or the keyword 'any'
- Ip
Sets []string - Set of IP set names
- Org
Networks []string - Set of org network names
- Vm
Ids []string - Set of VM IDs
- exclude Boolean
- Rule is applied to traffic going to any destinations except for the excluded destination. Default 'false'
- gateway
Interfaces List<String> - 'vse', 'internal', 'external' or network name
- ip
Addresses List<String> - IP address, CIDR, an IP range, or the keyword 'any'
- ip
Sets List<String> - Set of IP set names
- org
Networks List<String> - Set of org network names
- vm
Ids List<String> - Set of VM IDs
- exclude boolean
- Rule is applied to traffic going to any destinations except for the excluded destination. Default 'false'
- gateway
Interfaces string[] - 'vse', 'internal', 'external' or network name
- ip
Addresses string[] - IP address, CIDR, an IP range, or the keyword 'any'
- ip
Sets string[] - Set of IP set names
- org
Networks string[] - Set of org network names
- vm
Ids string[] - Set of VM IDs
- exclude bool
- Rule is applied to traffic going to any destinations except for the excluded destination. Default 'false'
- gateway_
interfaces Sequence[str] - 'vse', 'internal', 'external' or network name
- ip_
addresses Sequence[str] - IP address, CIDR, an IP range, or the keyword 'any'
- ip_
sets Sequence[str] - Set of IP set names
- org_
networks Sequence[str] - Set of org network names
- vm_
ids Sequence[str] - Set of VM IDs
- exclude Boolean
- Rule is applied to traffic going to any destinations except for the excluded destination. Default 'false'
- gateway
Interfaces List<String> - 'vse', 'internal', 'external' or network name
- ip
Addresses List<String> - IP address, CIDR, an IP range, or the keyword 'any'
- ip
Sets List<String> - Set of IP set names
- org
Networks List<String> - Set of org network names
- vm
Ids List<String> - Set of VM IDs
NsxvFirewallRuleService, NsxvFirewallRuleServiceArgs
- Protocol string
- Port string
- Source
Port string
- Protocol string
- Port string
- Source
Port string
- protocol String
- port String
- source
Port String
- protocol string
- port string
- source
Port string
- protocol str
- port str
- source_
port str
- protocol String
- port String
- source
Port String
NsxvFirewallRuleSource, NsxvFirewallRuleSourceArgs
- Exclude bool
- Rule is applied to traffic coming from all sources except for the excluded source. Default 'false'
- Gateway
Interfaces List<string> - 'vse', 'internal', 'external' or network name
- Ip
Addresses List<string> - IP address, CIDR, an IP range, or the keyword 'any'
- Ip
Sets List<string> - Set of IP set names
- Org
Networks List<string> - Set of org network names
- Vm
Ids List<string> - Set of VM IDs
- Exclude bool
- Rule is applied to traffic coming from all sources except for the excluded source. Default 'false'
- Gateway
Interfaces []string - 'vse', 'internal', 'external' or network name
- Ip
Addresses []string - IP address, CIDR, an IP range, or the keyword 'any'
- Ip
Sets []string - Set of IP set names
- Org
Networks []string - Set of org network names
- Vm
Ids []string - Set of VM IDs
- exclude Boolean
- Rule is applied to traffic coming from all sources except for the excluded source. Default 'false'
- gateway
Interfaces List<String> - 'vse', 'internal', 'external' or network name
- ip
Addresses List<String> - IP address, CIDR, an IP range, or the keyword 'any'
- ip
Sets List<String> - Set of IP set names
- org
Networks List<String> - Set of org network names
- vm
Ids List<String> - Set of VM IDs
- exclude boolean
- Rule is applied to traffic coming from all sources except for the excluded source. Default 'false'
- gateway
Interfaces string[] - 'vse', 'internal', 'external' or network name
- ip
Addresses string[] - IP address, CIDR, an IP range, or the keyword 'any'
- ip
Sets string[] - Set of IP set names
- org
Networks string[] - Set of org network names
- vm
Ids string[] - Set of VM IDs
- exclude bool
- Rule is applied to traffic coming from all sources except for the excluded source. Default 'false'
- gateway_
interfaces Sequence[str] - 'vse', 'internal', 'external' or network name
- ip_
addresses Sequence[str] - IP address, CIDR, an IP range, or the keyword 'any'
- ip_
sets Sequence[str] - Set of IP set names
- org_
networks Sequence[str] - Set of org network names
- vm_
ids Sequence[str] - Set of VM IDs
- exclude Boolean
- Rule is applied to traffic coming from all sources except for the excluded source. Default 'false'
- gateway
Interfaces List<String> - 'vse', 'internal', 'external' or network name
- ip
Addresses List<String> - IP address, CIDR, an IP range, or the keyword 'any'
- ip
Sets List<String> - Set of IP set names
- org
Networks List<String> - Set of org network names
- vm
Ids List<String> - Set of VM IDs
Package Details
- Repository
- vcd vmware/terraform-provider-vcd
- License
- Notes
- This Pulumi package is based on the
vcdTerraform Provider.