Fixed Distributed Firewall Rule Section + Remove NSX-T Service

Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1

@@ -36,7 +36,7 @@ Description = 'PowerShell Module for Managing NSX-T on VMware Cloud on AWS'
 PowerShellVersion = '6.0'
 
 # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
-FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService', 'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall', 'Get-NSXTDistFirewallSection', 'Get-NSXTDistFirewall', 'New-NSXTDistFirewall', 'Remove-NSXTDistFirewall', 'Get-NSXTRouteTable', 'Get-NSXTOverviewInfo', 'Get-NSXTInfraScope', 'Get-NSXTInfraGroup', 'New-NSXTRouteBasedVPN', 'Get-NSXTRouteBasedVPN', 'Remove-NSXTRouteBasedVPN'
+FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService', 'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall', 'Get-NSXTDistFirewallSection', 'Get-NSXTDistFirewall', 'New-NSXTDistFirewall', 'Remove-NSXTDistFirewall', 'Get-NSXTRouteTable', 'Get-NSXTOverviewInfo', 'Get-NSXTInfraScope', 'Get-NSXTInfraGroup', 'New-NSXTRouteBasedVPN', 'Get-NSXTRouteBasedVPN', 'Remove-NSXTRouteBasedVPN', 'Remove-NSXTService', 'New-NSXTDistFirewallSection', 'Get-NSXTDistFirewallSection'
 # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
 CmdletsToExport = @()
 

Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1

@@ -520,7 +520,7 @@ Function New-NSXTFirewall {
             if($serviceName -eq "ANY") {
                 $services = @("ANY")
             } else {
-                $tmp = "/infra/services/$serviceName"
+                $tmp = (Get-NSXTService -Name "$serviceName").Path
                 $services+=$tmp
             }
         }
@@ -924,6 +924,7 @@ Function Get-NSXTService {
                     Protocol = $serviceProtocol;
                     Source = $serviceSourcePorts;
                     Destination = $serviceDestinationPorts;
+                    Path = $service.path;
                 }
                 $results += $tmp
             }
@@ -932,6 +933,60 @@ Function Get-NSXTService {
     }
 }
 
+Function Remove-NSXTService {
+<#
+    .NOTES
+    ===========================================================================
+    Created by:    William Lam
+    Date:          04/10/2019
+    Organization:  VMware
+    Blog:          http://www.virtuallyghetto.com
+    Twitter:       @lamw
+    ===========================================================================
+
+    .SYNOPSIS
+        Removes an NSX-T Service
+    .DESCRIPTION
+        This cmdlet removes an NSX-T Service
+    .EXAMPLE
+        Remove-NSXTService -Id VMware-Blast -Troubleshoot
+#>
+    Param (
+        [Parameter(Mandatory=$True)]$Id,
+        [Switch]$Troubleshoot
+    )
+
+    If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection  found, please use Connect-NSXTProxy" } Else {
+        $method = "DELETE"
+        $deleteServiceURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/services/$Id"
+
+        if($Troubleshoot) {
+            Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteServiceURL`n"
+        }
+
+        try {
+            if($PSVersionTable.PSEdition -eq "Core") {
+                $requests = Invoke-WebRequest -Uri $deleteServiceURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck
+            } else {
+                $requests = Invoke-WebRequest -Uri $deleteServiceURL -Method $method -Headers $global:nsxtProxyConnection.headers
+            }
+        } catch {
+            if($_.Exception.Response.StatusCode -eq "Unauthorized") {
+                Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n"
+                break
+            } else {
+                Write-Error "Error in removing NSX-T Service"
+                Write-Error "`n($_.Exception.Message)`n"
+                break
+            }
+        }
+
+        if($requests.StatusCode -eq 200) {
+            Write-Host "Successfully removed NSX-T Service $Id"
+        }
+    }
+}
+
 Function New-NSXTService {
 <#
     .NOTES
@@ -1005,81 +1060,127 @@ Function New-NSXTService {
     }
 }
 
+Function New-NSXTDistFirewallSection {
+<#
+    .NOTES
+    ===========================================================================
+    Created by:    William Lam
+    Date:          04/19/2019
+    Organization:  VMware
+    Blog:          http://www.virtuallyghetto.com
+    Twitter:       @lamw
+    ===========================================================================
+
+    .SYNOPSIS
+        Creates new NSX-T Distributed Firewall Section
+    .DESCRIPTION
+        This cmdlet to create new NSX-T Distributed Firewall Section
+    .EXAMPLE
+        Get-NSXTDistFirewallSection -Name "App Section 1" -Category Application
+#>
+    param(
+        [Parameter(Mandatory=$false)][String]$Name,
+        [Parameter(Mandatory=$false)][ValidateSet("Emergency","Infrastructure","Environment","Application")][String]$Category,
+        [Switch]$Troubleshoot
+    )
+
+    If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else {
+        $payload = @{
+            display_name = $Name;
+            category = $Category;
+            resource_type = "CommunicationMap";
+        }
+
+        $body = $payload | ConvertTo-Json -depth 5
+
+        $method = "PUT"
+        $generatedId = (New-Guid).Guid
+        $distFirewallSectionURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$generatedId"
+
+        if($Troubleshoot) {
+            Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$distFirewallSectionURL`n"
+        }
+
+        try {
+            if($PSVersionTable.PSEdition -eq "Core") {
+                $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck
+            } else {
+                $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers
+            }
+        } catch {
+            if($_.Exception.Response.StatusCode -eq "Unauthorized") {
+                Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n"
+                break
+            } else {
+                Write-Error "Error in creating NSX-T Distributed Firewall Section"
+                Write-Error "`n($_.Exception.Message)`n"
+                break
+            }
+        }
+
+        if($requests.StatusCode -eq 200) {
+            Write-Host "Successfully created new NSX-T Distributed Firewall Section $Section"
+            ($requests.Content | ConvertFrom-Json) | select display_name, id
+        }
+    }
+}
+
 Function Get-NSXTDistFirewallSection {
 <#
     .NOTES
     ===========================================================================
     Created by:    William Lam
-    Date:          01/01/2019
+    Date:          04/19/2019
     Organization:  VMware
     Blog:          http://www.virtuallyghetto.com
     Twitter:       @lamw
     ===========================================================================
 
     .SYNOPSIS
-        Returns all NSX-T Distributed Firewall Groups
+        Returns all NSX-T Distributed Firewall Sections
     .DESCRIPTION
         This cmdlet retrieves all NSX-T Distributed Firewall Sections
     .EXAMPLE
         Get-NSXTDistFirewallSection
-    .EXAMPLE
-        Get-NSXTDistFirewallSection -Name "App Section 1"
-    .EXAMPLE
-        et-NSXTDistFirewallSection -Category Emergency
 #>
     param(
-        [Parameter(Mandatory=$false)][String]$Name,
-        [Parameter(Mandatory=$false)][ValidateSet("Emergency","Infrastructure","Environment","Application")][String]$Category,
+        [Parameter(Mandatory=$true)][String]$Name,
         [Switch]$Troubleshoot
     )
 
     If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else {
         $method = "GET"
-        $distFirewallGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps"
+        $distFirewallSectionURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps"
 
         if($Troubleshoot) {
-            Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$distFirewallGroupURL`n"
+            Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$distFirewallSectionURL`n"
         }
 
         try {
             if($PSVersionTable.PSEdition -eq "Core") {
-                $requests = Invoke-WebRequest -Uri $distFirewallGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck
+                $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck
             } else {
-                $requests = Invoke-WebRequest -Uri $distFirewallGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers
+                $requests = Invoke-WebRequest -Uri $distFirdistFirewallSectionURLwallURL -Method $method -Headers $global:nsxtProxyConnection.headers
             }
         } catch {
             if($_.Exception.Response.StatusCode -eq "Unauthorized") {
                 Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n"
                 break
             } else {
-                Write-Error "Error in retrieving NSX-T Distributed Firewall Sections"
+                Write-Error "Error in retrieving NSX-T Distributed Firewall Section"
                 Write-Error "`n($_.Exception.Message)`n"
                 break
             }
         }
 
         if($requests.StatusCode -eq 200) {
-            $groups = ($requests.Content | ConvertFrom-Json).results
+            $sections = ($requests.Content | ConvertFrom-Json).results
 
             if ($PSBoundParameters.ContainsKey("Name")){
-                $groups = $groups | where {$_.display_name -eq $Name}
-            }
-
-            if ($PSBoundParameters.ContainsKey("Category")){
-                $groups = $groups | where {$_.category -eq $Category}
+                $sections = $sections | where {$_.display_name -eq $Name}
             }
 
-            $results = @()
-            foreach ($group in $groups | Sort-Object -Property category) {
-                $tmp = [pscustomobject] @{
-                    Id = $group.id;
-                    Section = $group.display_name;
-                    Category = $group.category;
-                    Precedence = $group.precedence;
-                }
-                $results+=$tmp
-            }
-            $results
+            $sections | Sort-Object -Propert display_name | select display_name, id
         }
     }
 }
@@ -1329,7 +1430,7 @@ Function New-NSXTDistFirewall {
 
         $method = "PUT"
         $generatedId = (New-Guid).Guid
-        $newDistFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$sectionId/communication-entries/$generatedId"
+        $newDistFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$($sectionId)/communication-entries/$generatedId"
 
         if($Troubleshoot) {
             Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newDistFirewallURL`n"