While writing Terraform for NSX-T, I found myself yearning to have a quick-list of all the available Context Profile (L7) entries available that are pre-created in NSX-T for use in DFW rules. So, I decided to export all of them via the API Command
GET https://<yourserver>/api/v1/ns-profiles
The result is a bunch of JSON, which I parsed/converted into a .tf file that can be consumed in Terraform.
Basically, its a list of variables that you can easily reference in your code. For example, here is an excerpt of the context_profiles_paths.tf file:
variable "_360ANTIV" {
description = "360 Safeguard is a program developed by Qihoo 360"
default = "/infra/context-profiles/360ANTIV"
}
variable "ACTIVDIR" {
description = "Microsoft Active Directory"
default = "/infra/context-profiles/ACTIVDIR"
}
variable "AMQP" {
description = "Advanced Message Queueing Protocol (AMQP) is an application layer protocol which supports business message communication between applications or organizations"
default = "/infra/context-profiles/AMQP"
}
variable "AVAST" {
description = "Traffic generated by browsing Avast.com official website of Avast! Antivirus downloads."
default = "/infra/context-profiles/AVAST"
}
...
I can use one of these variables in my code such as (note the var.ACTIVEDIR):
resource "nsxt_policy_security_policy" "AD_Policy" {
display_name = "AD Policy"
description = "Terraform provisioned Security Policy"
category = "Application"
rule {
display_name = "Allow Active Directory"
action = "ALLOW"
logged = true
disabled = true
profiles = [var.ACTIVDIR]
}
}
Get a copy of the Context Profile paths here