NSX Security Policy Resource
craig-duffin edited this page Jul 11, 2017 · 8 revisions
The NSX Security Policy resource allows the creation of Security Policies for use by security groups.
```hcl
resource "nsx_security_policy" "web" {
  name           = "tf_web_security_policy"
  description    = "security policy for web role"
  precedence     = "55002"
  securitygroups = ["security_group_id_1"]
}
```
The following arguments are supported:
- `name` - (Required) Name of security policy.
- `description` - (Optional) Description of policy.
- `precedence` - (Required) Importance of the rule.
- `securitygroups` - (Optional) Comma-separated list of security groups to attach policy to.
The NSX Security Policy Rule resource (`nsx_security_policy_rule`) creates rules on security policies.
```hcl
resource "nsx_security_policy_rule" "web" {
  name               = "tf_web_security_policy_rule"
  securitypolicyname = "security_policy_name"
  action             = "allow"
  direction          = "outbound"
  securitygroupids   = ["security_group_id_1","security_group_id_2"]
  serviceids         = ["service_id"]
}
```
The following arguments are supported:
- `name` - (Required) Name of security policy rule.
- `securitypolicyname` - (Required) Name of policy to attach to.
- `action` - (Required) "ALLOW" or "BLOCK".
- `direction` - (Required) "OUTBOUND" or "INBOUND".
- `securitygroupids` - (Required for outbound direction) Comma-separated list of groups to add rule to.
- `serviceids` - (Required) Comma-separated list of services to apply.