VMware Cloud Community
Crillew
Contributor
Contributor
‎10-05-2021 01:34 PM

PowerCLI NSX-T, problem with Get-FirewallRule output

Hello, Im trying to extract the Notes field for a firewall rule in NSX-T DFW without success.
The RuleTag works fine, but for some reason the Notes remains blank even though I have updated it in the NSX-T GUI (screenshot attached).
Does someone else had success with getting the Notes field outputted via PowerCLI?
Im somewhat guessing the command parsing isnt implemented fully, will try dig into the code to see if I can verify that.

I am running PS version 7 and PowerCLi version 12.4

Example output (as mentioned, Notes is empty even though it isnt empty in the NSX-T GUI):

PS C:\Windows\System32> Get-FirewallRule -SectionId 467316f6-bd4e-4d5c-8f29-0e61af52df4f

Client : VMware.VimAutomation.Cis.Core.Commands.Nsx.NsxClient
Sbid :
Link :
Schema :
Self :
Revision : 53
Owner :
Description : default.Block_ping.New_Rule
Name : New Rule
Id : 1001
ResourceType : FirewallRule
Action : DROP
AppliedTo :
Destination :
DestinationsExcluded : False
Direction : IN_OUT
Disabled : False
IPProtocol : IPV4_IPV6
IsDefault : False
Logged : True
Notes :
RuleTag : Block-Ping
Service : {ICMP ALL}
Source : {default.VMs}
SourcesExcluded : False

 

BR /Christian

Preview file
25 KB
0 Kudos
3 Replies
LucD
Leadership
Leadership
‎10-05-2021 02:04 PM

Just to make sure, you are referring to the PowerCLI Preview for NSX-T Fling from 2019?

Is there a specific reason you are not using the VMware.VMC.NSXT module?
See also NSX-T Policy PowerShell Community Module for VMC


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
Crillew
Contributor
Contributor
‎10-05-2021 02:10 PM

You are absolutely correct, thought I had cleaned up correctly, but apparently not.
Will make a fresh install and report back, thanks for the quick reply!

0 Kudos
Crillew
Contributor
Contributor
‎10-05-2021 03:46 PM

Update: I couldnt get the VMware.VMC.NSXT to work, but I should clarify that I use a "regular" on-prem NSX-T manager, is that module maybe only for cloud based NSX-T managers?

However, I was able to get a hold of the information I was looking for via Postman and this URI:

https://x.x.x.x/policy/api/v1/infra/domains/default/security-policies/Block_ping

"notes""Added-20211005-chwal-TR675",
 
Any pointers to how I would be able to get this via PowerCLI and the Get-NsxtService command?
0 Kudos