I am trying something I thought would have been quite simple: I want to simply create a firewall rule on a routed network.
I have copied someone else's code from another post but modified it as below. I didn't want to hijack their post, so I have posted a new discussion here.
connect-ciserver cloud.xxx.emea.xxx.com -user xxxxxxx -password xxxxxxx
Connect-VIServer -Server xxx.xxx.xxx.xxx
$myOrgInput = "orgname"
$myvAppInput = "vappname"
$myNetwork = "xxx-xxxxxxxx-org-ext-rn-1"
$myOrg = Get-Org -Name $myOrgInput
$vApps = Get-CIVApp -Name $myvAppInput -Org $myOrg
foreach ($vApp in $vApps) {
    $vApp
    $networkConfigSection = $vApp.ExtensionData.GetNetworkConfigSection()
    $networkConfigSection
    $vAppNetwork = $networkConfigSection.NetworkConfig | where {$_.networkName -eq $myNetwork}
    $vAppNetwork
    $fwService = New-Object vmware.vimautomation.cloud.views.firewallservice
    $fwService.DefaultAction = "allow"
    $fwService.LogDefaultAction = $true
    $fwService.IsEnabled = $true
    $fwService.FirewallRule = New-Object vmware.vimautomation.cloud.views.firewallrule
    # First Rule - RDP
    $fwService.FirewallRule[0].isenabled = $true
    $fwService.FirewallRule[0].description = "RDP"
    $fwService.FirewallRule[0].protocols = New-Object vmware.vimautomation.cloud.views.firewallRuleTypeProtocols
    $fwService.FirewallRule[0].protocols.Tcp = $true
    $fwService.FirewallRule[0].policy = "allow"
    $fwService.FirewallRule[0].port = "3389"
    $fwService.FirewallRule[0].destinationIp = "internal"
    $fwService.FirewallRule[0].sourceip = "external"
    $vAppNetwork.Configuration.Features = $vAppNetwork.Configuration.Features | where {!($_ -is [vmware.vimautomation.cloud.views.firewallservice])}
    $vAppNetwork.configuration.features += $fwService
    $networkConfigSection.UpdateServerData()
}
I get an error when I run this script on vcloud 1.5:
Exception calling "UpdateServerData" with "0" argument(s): "Bad request - Unexpected JAXB Exception - cvc-complex-type.2.4.b: The content of element 'NatRule' is not complete. One of '{"http://www.vmware.com/vcloud/v1.5":VCloudExtension, "http://www.vmware.com/vcloud/v1.5":Description, "http://www.vmware.com/vcloud/v1.5":OneToOneBasicRule, "http://www.vmware.com/vcloud/v1.5":OneToOneVmRule, "http://www.vmware.com/vcloud/v1.5":PortForwardingRule, "http://www.vmware.com/vcloud/v1.5":VmRule}' is expected."
At line:24 char:43
+ $networkConfigSection.UpdateServerData <<<< ()
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
If I run this on vcloud 5.1 the script runs through without any errors but the firewall rule is not created.
If anyone could help I would be most grateful.
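
A read-back check for the case described above where the script finishes without errors but no rule appears, as an added example that is not part of the original post. `Get-FirewallAudit`, `New-Finding` and `New-SampleNetwork` are hypothetical helper names, the sample objects are constructed, and the commented live usage assumes that calling `GetNetworkConfigSection()` again returns the current server state.

```powershell
# Added example, not from the original post. Property names are those the posted script sets.
function Get-FirewallAudit {
    param(
        [Parameter(Mandatory = $true)] $NetworkConfig,          # one entry of .NetworkConfig
        [Parameter(Mandatory = $true)] [string] $ExpectedDescription
    )
    function New-Finding($Name, $Detail) { [pscustomobject]@{ Finding = $Name; Detail = $Detail } }

    # Select the firewall feature by shape, so constructed sample objects work too.
    $fw = $NetworkConfig.Configuration.Features |
        Where-Object { $_ -and $_.PSObject.Properties['FirewallRule'] } |
        Select-Object -First 1
    if (-not $fw) { return New-Finding 'NoFirewallService' 'network has no firewall feature' }

    if (-not $fw.IsEnabled) { New-Finding 'FirewallDisabled' 'IsEnabled is false' }
    if ($fw.DefaultAction -eq 'allow') {
        New-Finding 'DefaultAllow' 'traffic that matches no rule is allowed'
    }
    $rules = @($fw.FirewallRule | Where-Object { $_.Description -eq $ExpectedDescription })
    if ($rules.Count -eq 0) {
        New-Finding 'RuleMissing' "no rule described as '$ExpectedDescription'"
    }
    foreach ($r in $rules) {
        if (-not $r.IsEnabled) { New-Finding 'RuleDisabled' $r.Description }
        if ($r.Policy -eq 'allow' -and $r.SourceIp -eq 'external') {
            New-Finding 'ExternalAllow' "port $($r.Port) reachable from external sources"
        }
    }
}

# Constructed sample objects (not server data): $applied mirrors the rule the posted
# script builds, $dropped is a firewall service that came back without it.
$rdp = [pscustomobject]@{ IsEnabled = $true; Description = 'RDP'; Policy = 'allow'
                          Port = '3389'; SourceIp = 'external'; DestinationIp = 'internal' }
function New-SampleNetwork($Rules) {
    $fw = [pscustomobject]@{ IsEnabled = $true; DefaultAction = 'allow'; FirewallRule = $Rules }
    [pscustomobject]@{ Configuration = [pscustomobject]@{ Features = @($fw) } }
}
$applied = New-SampleNetwork @($rdp)
$dropped = New-SampleNetwork @()

Get-FirewallAudit $applied 'RDP' | Format-Table -AutoSize
Get-FirewallAudit $dropped 'RDP' | Format-Table -AutoSize

# Live session, after UpdateServerData() (assumption: the second call re-reads the server):
#   $fresh = $vApp.ExtensionData.GetNetworkConfigSection()
#   $fresh.NetworkConfig | where { $_.networkName -eq $myNetwork } |
#       ForEach-Object { Get-FirewallAudit $_ 'RDP' }
```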