saltext.vmware.modules.vmc_security_groups#
Salt execution module for security groups Provides methods to Create, Read, Update and Delete security groups.
- saltext.vmware.modules.vmc_security_groups.get(hostname, refresh_key, authorization_host, org_id, sddc_id, domain_id, verify_ssl=True, cert=None, cursor=None, page_size=None, sort_by=None, sort_ascending=None)[source]#
Retrieves security groups from Given SDDC
CLI Example:
salt vm_minion vmc_security_groups.get hostname=nsxt-manager.local ...
- hostname
The host name of NSX-T manager
- refresh_key
refresh_key to get access token
- authorization_host
hostname to get access token
- org_id
org_id of the SDDC
- sddc_id
sddc_id from which security groupss should be retrieved
- domain_id
The domain_id for which the security groups should be retrieved
- verify_ssl
(Optional) Option to enable/disable SSL verification. Enabled by default. If set to False, the certificate validation is skipped.
- cert
(Optional) Path to the SSL client certificate file to connect to VMC Cloud Console. The certificate can be retrieved from browser.
- cursor
(Optional) Opaque cursor to be used for getting next page of records (supplied by current result page)
- page_size
(Optional) Maximum number of results to return in this page. Default page size is 1000.
- sort_by
(Optional) Field by which records are sorted
- sort_ascending
(Optional) Boolean value to sort result in ascending order. Enabled by default.
- saltext.vmware.modules.vmc_security_groups.get_by_id(hostname, refresh_key, authorization_host, org_id, sddc_id, domain_id, security_group_id, verify_ssl=True, cert=None)[source]#
Retrieves security groups from Given SDDC
CLI Example:
salt vm_minion vmc_security_groups.get_by_id hostname=nsxt-manager.local security_group_id ...
- hostname
The host name of NSX-T manager
- refresh_key
refresh_key to get access token
- authorization_host
hostname to get access token
- org_id
org_id of the SDDC
- sddc_id
sddc_id from which security groups should be retrieved
- domain_id
The domain_id for which the security groups should be retrieved
- scurity_group_id
Id of the security group to be retrieved from SDDC
- verify_ssl
(Optional) Option to enable/disable SSL verification. Enabled by default. If set to False, the certificate validation is skipped.
- cert
(Optional) Path to the SSL client certificate file to connect to VMC Cloud Console. The certificate can be retrieved from browser.
- saltext.vmware.modules.vmc_security_groups.delete(hostname, refresh_key, authorization_host, org_id, sddc_id, domain_id, security_group_id, verify_ssl=True, cert=None)[source]#
Delete security groups from Given SDDC
CLI Example:
salt vm_minion vmc_security_groups.delete hostname=nsxt-manager.local security_group_id=security_group_id ...
- hostname
The host name of NSX-T manager
- refresh_key
refresh_key to get access token
- authorization_host
hostname to get access token
- org_id
org_id of the SDDC
- sddc_id
sddc_id from which security groups will be deleted
- domain_id
The domain_id for which the security groups should be deleted
- security_group_id
sepcific security groups id
- verify_ssl
(Optional) Option to enable/disable SSL verification. Enabled by default. If set to False, the certificate validation is skipped.
- cert
(Optional) Path to the SSL client certificate file to connect to VMC Cloud Console. The certificate can be retrieved from browser.
- saltext.vmware.modules.vmc_security_groups.create(hostname, refresh_key, authorization_host, org_id, sddc_id, domain_id, security_group_id, verify_ssl=True, cert=None, expression=None, description=None, tags='USER_DEFINED_NONE')[source]#
Create security groups for Given SDDC
CLI Example:
salt vm_minion vmc_security_groups.create hostname=nsxt-manager.local public_ip_name=vmc_security_groups ...
- hostname
The host name of NSX-T manager
- refresh_key
refresh_key to get access token
- authorization_host
hostname to get access token
- org_id
org_id of the SDDC
- sddc_id
sddc_id for which security groups should be retrieved.
- domain_id
The domain_id for which the security groups should be retrieved. Possible values: mgw and cgw
- security_group_id
name of security groups it will create id same as name.
- verify_ssl
(Optional) Option to enable/disable SSL verification. Enabled by default. If set to False, the certificate validation is skipped.
- cert
(Optional) Path to the SSL certificate file to connect to NSX-T manager. The certificate can be retrieved from browser.
- expression
- (Optional) Expression for security group members
The expression list must follow below criteria: 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed 500. 4. Each expression must be a valid Expression. See the definition of the Expression type for more information.
Its list of dicts
Example values
1. [{“member_type”:”VirtualMachine”,”resource_type”:”ExternalIDExpression”, “external_ids”:[“52bf8bd0-95b1-2e58-5180-ccfa743da576”]}]
[{“value”:”Linux”,”member_type”:”VirtualMachine”,”key”:”OSName”, “operator”:”EQUALS”,”resource_type”:”Condition”}, {“resource_type”:”ConjunctionOperator”,”conjunction_operator”:”OR”}, {“member_type”:”VirtualMachine”,”resource_type”:”ExternalIDExpression”, “external_ids”:[“52bf8bd0-95b1-2e58-5180-ccfa743da576”]}]
- [{“ip_addresses”[“10.2.23.1”, “10.2.23.2”],
“resource_type” : “IPAddressExpression”} ]
default value is []
- description
- (Optional) Description of Security Groups
default value is “”
- tags
- (Optional) Opaque identifiers meaningful to the API user. Maximum 30 tags can be associated:
default value is []
tags='[ { "tag": "<tag-key-1>" "scope": "<tag-value-1>" }, { "tag": "<tag-key-2>" "scope": "<tag-value-2>" } ]'
Example values:
{ "expression": [ { "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "resource_type": "Condition" } ], "description": "web group" }
Please refer the Security Groups to get insight of input parameters
- saltext.vmware.modules.vmc_security_groups.update(hostname, refresh_key, authorization_host, org_id, sddc_id, domain_id, security_group_id, verify_ssl=True, cert=None, expression=None, description=None, tags='USER_DEFINED_NONE', display_name=None)[source]#
Update security groups for Given SDDC
CLI Example:
salt vm_minion vmc_security_groups.update hostname=nsxt-manager.local public_ip_name=vmc_security_groups ...
- hostname
The host name of NSX-T manager
- refresh_key
refresh_key to get access token
- authorization_host
hostname to get access token
- org_id
org_id of the SDDC
- sddc_id
sddc_id for which security groups should be retrieved
- domain_id
The domain_id for which the security groups should be retrieved. Possible values: mgw and cgw
- security_group_id
name of security groups it will update
- verify_ssl
(Optional) Option to enable/disable SSL verification. Enabled by default. If set to False, the certificate validation is skipped.
- cert
(Optional) Path to the SSL certificate file to connect to NSX-T manager. The certificate can be retrieved from browser.
- expression
- (Optional) Expression for security group members
The expression list must follow below criteria: 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed 500. 4. Each expression must be a valid Expression. See the definition of the Expression type for more information.
- Its list of dicts
Example values
1. [{“member_type”:”VirtualMachine”,”resource_type”:”ExternalIDExpression”, “external_ids”:[“52bf8bd0-95b1-2e58-5180-ccfa743da576”]}]
[{“value”:”Linux”,”member_type”:”VirtualMachine”,”key”:”OSName”, “operator”:”EQUALS”,”resource_type”:”Condition”}, {“resource_type”:”ConjunctionOperator”,”conjunction_operator”:”OR”}, {“member_type”:”VirtualMachine”,”resource_type”:”ExternalIDExpression”, “external_ids”:[“52bf8bd0-95b1-2e58-5180-ccfa743da576”]}]
- [{ip_addresses”[“10.2.23.1”, “10.2.23.2”],
“resource_type” : “IPAddressExpression”} ]
default value is []
- description
(Optional) Description of Security Groups default value is “”
- tags
(Optional) Opaque identifiers meaningful to the API user. Maximum 30 tags can be associated: default value is [] empty list
tags='[ { "tag": "<tag-key-1>" "scope": "<tag-value-1>" }, { "tag": "<tag-key-2>" "scope": "<tag-value-2>" } ]'
- display_name
Identifier to use when displaying entity in logs or GUI
Example values:
{ "expression": [ { "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "resource_type": "Condition" } ], "description": "web group" }
Please refer the Security groups update to get insight of input parameters