I am looking for help to create security groups using PowerCLI for NSX-T on a Global Manager. I am new to PowerCLI, but I have manged to create segments ad DFW with no problem, however, I am struggling with the groups.
I am happy with the following...
$group = Initialize-Group -DisplayName $GroupName -Expression @($criteria)
$CreateGroup = Invoke-PatchGroupForDomain -DomainId default -Group $group -GroupId $GroupName
$GroupName = "JQ-Test-Group"
$cond = Initialize-Condition -ResourceType Condition -Id $GroupName -MemberType "Segment" -Value "JQ-Test-Segment" -Key "Tag" -Operator "EQUALS"
$group = Initialize-Group -DisplayName $GroupName -Expression @($cond)
$createdGroup = Invoke-PatchGroupForDomain -DomainId default -Group $group -GroupId $GroupName
I have spent a lot of time searching online but I am struggling to find anything I can use, although that may be due to me lack of understanding.
Any help would be greatly appreciated, even if it is just to point me in the right direction!
How do I create Security Groups in Global Manager with PowerCLI 13.0.
With the Code bellow I received back this error:
Code:
$MemberType="VirtualMachine"
$Key="name"
$Operator="EQUALS"
$GroupName = "TEST2"
$cond = Initialize-Condition -ResourceType Condition -Id $GroupName -MemberType $MemberType -Value $GroupName -Key $Key -Operator $Operator
$group = Initialize-Group -DisplayName $GroupName -Expression @($cond)
$createdGroup = Invoke-PatchGroupForDomain -Server $n -DomainId default -Group $group -GroupId $GroupName
Invoke-PatchGroupForDomain : Error calling PatchGroupForDomain: {
"httpStatus" : "BAD_REQUEST",
"error_code" : 500517,
"module_name" : "Policy",
"error_message" : "Local resource cannot accessed on the global manager."
}
At line:1 char:17
+ ... atedGroup = Invoke-PatchGroupForDomain -Server $n -DomainId default - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Invoke-PatchGroupForDomain], ApiException
+ FullyQualifiedErrorId : VMware.Binding.OpenApi.Client.ApiException,VMware.Sdk.Nsx.Policy.Api.PolicyApi.InvokePatchGroupForDomain
I found a solution and changed only this command:
$createdGroup = Invoke-PatchGroupForDomain -Server $n -DomainId default -Group $group -GroupId $GroupName
to
$createdGroup = Invoke-GlobalInfraPatchGroupForDomain -Server $n -DomainId default -Group $group -GroupId $GroupName
With Get-Command -Module VMware.Sdk.Nsx.Policy we get all the necessary commands for NSX Module.