Bite-size pieces of knowledge about tech

Context Profile Paths for NSX-T Terraform Provider

Share Tweet Share

While writing Terraform for NSX-T, I found myself yearning to have a quick-list of all the available Context Profile (L7) entries available that are pre-created in NSX-T for use in DFW rules. So, I decided to export all of them via the API Command

GET https://<yourserver>/api/v1/ns-profiles

The result is a bunch of JSON, which I parsed/converted into a .tf file that can be consumed in Terraform.

Basically, its a list of variables that you can easily reference in your code. For example, here is an excerpt of the context_profiles_paths.tf file:

 variable "_360ANTIV" {
   description = "360 Safeguard is a program developed by Qihoo 360"
   default     = "/infra/context-profiles/360ANTIV"
 variable "ACTIVDIR" {
   description = "Microsoft Active Directory"
   default     = "/infra/context-profiles/ACTIVDIR"
 variable "AMQP" {
   description = "Advanced Message Queueing Protocol (AMQP) is an application layer protocol which supports business message communication between applications or organizations"
   default = "/infra/context-profiles/AMQP"
 variable "AVAST" {
   description = "Traffic generated by browsing Avast.com official website of Avast! Antivirus downloads."
   default = "/infra/context-profiles/AVAST"

I can use one of these variables in my code such as (note the var.ACTIVEDIR):

 resource "nsxt_policy_security_policy" "AD_Policy" {
  display_name = "AD Policy"
  description  = "Terraform provisioned Security Policy"
  category     = "Application"

  rule {
    display_name = "Allow Active Directory"
    action       = "ALLOW"
    logged       = true
    disabled     = true
    profiles     = [var.ACTIVDIR]

Get a copy of the Context Profile paths here

More Info

Official NSX-T Terraform Provider

NSX-T Terraform Provider GitHub Page

comments powered by Disqus

Receive Updates