VMware Networking Community
rajeevsrikant
Expert
Expert
‎09-11-2017 07:17 PM

NSX Power Shell Script - Security Group

I am trying to extract the IP addresses from a particular security group using Power Shell API

Below is the power shell script I am using. Its not working

Any inputs what i need to change in the script to make it work.

$NSXUsername = "admin"

$NSXPassword = "VMware1!"

$auth =  [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($NSXUsername+":"+$NSXPassword))

$head = @{"Authorization"="Basic $auth"}

$uri = "https://192.168.110.15"

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

Invoke-RestMethod -uri "$uri/api/2.0/services/securitygroup/securitygroup-16/translation/ipaddresses" -Body $body -Method:Get  $head

4 Replies
bayupw
Leadership
Leadership
‎09-14-2017 04:31 PM

If you are looking a way to document membership of VMs in Security Groups and its IP addresses, you can reuse this PowerNSX script

GitHub - tonysangha/PowerNSX-DFW2Excel: Export the NSX for vSphere Distributed Firewall to MS Excel

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
0 Kudos
DaleCoghlan
VMware Employee
VMware Employee
‎09-18-2017 10:21 PM

You can do this with 1 line using PowerNSX

Get-NsxSecurityGroup -Name blah | Get-NsxSecurityGroupEffectiveIpAddress

niksheridan
Contributor
Contributor
‎06-10-2018 01:07 PM

This is a fair answer, but I find when using this pipeline I only get 4 results - so for instance I have a security group with 6 ipsets - any ideas how I can show all 6?   I.e. a complete listing?

Thanks

0 Kudos
niksheridan
Contributor
Contributor
‎06-10-2018 01:20 PM

check out the nsx-powerops

GitHub - vmware/nsx-powerops: NSX-v Operationalization project. Automate Networking Documentation an...

The excel creation is better than the original one posted (it was amalgamated)

I wrote a function in powershell that uses an encryption key (saved in a locked down directory specific to the user running it) to decrypt encrypted usernames and passwords to pass into credential objects which make the neccesary connection calls to nsx/vmware - as I found the excel (which is great dont get me wrong) a little boring to wait to complete.  so just schedule it an let it do it's thing.

0 Kudos