VMware Networking Community
vmmedmed
Enthusiast
Enthusiast
‎08-09-2017 05:11 PM
Jump to solution

Are there publicly available scripts for security policy creation in NSX?

The GUI is just too darned slow and clunky for me. I understand that there are

APIs available that should serve to permit configuration. But I lack to the

coding skills to make that happen on my own. Are there any scripts out

there that would permit the creation of security policies with hooks to the

APIs that would let me add/modify/delete NSX firewall security policies?

Tags (3)
0 Kudos
1 Solution

Accepted Solutions
Sreec
VMware Employee
VMware Employee
‎08-09-2017 10:50 PM
Jump to solution

You should explore Power NSX that is one option. Also Automating Security Group and Policy Creation with NSX REST API - The Network Virtualization Blog  .Those are phython scripts and you can modify the entries and run the csv file which eventually calls the respective api calls and will provision the security group.

#initialize variables with needed info for input file and to make NSX REST API call

nsx_username = "nsxadmin"

nsx_password = "notMyPassword!"

nsx_url = "https://10.100.1.72/api/2.0/services/securitygroup/bulk/globalroot-0"

csv_filename = "security_groups.csv"

myheaders={'content-type':'application/xml'}

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

View solution in original post

1 Reply
Sreec
VMware Employee
VMware Employee
‎08-09-2017 10:50 PM
Jump to solution

You should explore Power NSX that is one option. Also Automating Security Group and Policy Creation with NSX REST API - The Network Virtualization Blog  .Those are phython scripts and you can modify the entries and run the csv file which eventually calls the respective api calls and will provision the security group.

#initialize variables with needed info for input file and to make NSX REST API call

nsx_username = "nsxadmin"

nsx_password = "notMyPassword!"

nsx_url = "https://10.100.1.72/api/2.0/services/securitygroup/bulk/globalroot-0"

csv_filename = "security_groups.csv"

myheaders={'content-type':'application/xml'}

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered