NSX Security Policy Resource

craig-duffin edited this page Jul 11, 2017 · 8 revisions

The NSX Security Policy resource allows the creation of Security Policies for use by security groups.

Example Usage

resource "nsx_security_policy" "web" {
  name           = "tf_web_security_policy"
  description    = "security policy for web role"
  precedence     = "55002"
  securitygroups = ["security_group_id_1"]
}

Argument Reference

The following arguments are supported:

  • name - (Required) Name of security policy.
  • description - (Optional) Description of policy.
  • precedence - (Required) Importance of the rule.
  • securitygroups - (Optional) Comma-separated list of security groups to attach the policy to.

NSX Security Policy Rule Resource

The nsx_security_policy_rule resource creates rules on security policies.

Example Usage

resource "nsx_security_policy_rule" "web" {
  name               = "tf_web_security_policy_rule"
  securitypolicyname = "security_policy_name"
  action             = "allow"
  direction          = "outbound"
  securitygroupids   = ["security_group_id_1", "security_group_id_2"]
  serviceids         = ["service_id"]
}

Argument Reference

The following arguments are supported:

  • name - (Required) Name of security policy rule.
  • securitypolicyname - (Required) Name of policy to attach to.
  • action - (Required) "ALLOW" or "BLOCK".
  • direction - (Required) "OUTBOUND" or "INBOUND".
  • securitygroupids - (Required for outbound direction) Comma-separated list of groups to add the rule to.
  • serviceids - (Required) Comma-separated list of services to apply.
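
The two resources above used together, as an added example that is not part of the original page or the provider's own documentation. It assumes the rule resource finds its policy by the value of the policy's name argument, as the securitypolicyname description states; the group and service IDs are the same placeholders the page uses.

```hcl
# Added example: a policy and one rule attached to it.
# security_group_id_* and service_id are placeholders, not real NSX object IDs.

resource "nsx_security_policy" "web" {
  name           = "tf_web_security_policy"
  description    = "security policy for web role"
  precedence     = "55002"
  securitygroups = ["security_group_id_1"]
}

resource "nsx_security_policy_rule" "web_outbound" {
  name = "tf_web_security_policy_rule"

  # Interpolating the policy's name argument, instead of repeating the
  # string literal, gives Terraform an implicit dependency: the policy is
  # created before the rule and the rule is destroyed before the policy.
  # It also keeps the rule pointed at the right policy if the name changes.
  securitypolicyname = "${nsx_security_policy.web.name}"

  action    = "allow"
  direction = "outbound"

  # Required because the direction is outbound (see Argument Reference).
  securitygroupids = ["security_group_id_2"]
  serviceids       = ["service_id"]
}
```

Running terraform plan on this configuration should list the policy before the rule; if the rule is planned with a literal policy name instead, the ordering is not guaranteed.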