| Parameter |
Choices/Defaults |
Comments |
|
ca_path
string
|
|
Path to the CA bundle to be used to verify host's SSL certificate
|
|
description
string
|
|
Policy Group description.
|
|
display_name
string
|
|
Display name.
If resource ID is not specified, display_name will be used as ID.
|
|
do_wait_till_create
boolean
|
|
Can be used to wait for the realization of subresource before the request to create the next resource is sent to the Manager.
Can be specified for each subresource.
|
|
domain_id
string
|
|
Domain ID.
|
|
expression
list
|
|
The expression list must follow below criteria - 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. - 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. - 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed 500. - 4. Each expression must be a valid Expression. See the definition of the Expression type for more information.
|
|
extended_expression
list
|
|
Extended Expression allows additional higher level context to be specified for grouping criteria (e.g. user AD group). This field allow users to specified user context as the source of a firewall rule for IDFW feature. Current version only support a single IdentityGroupExpression. In the future, this might expand to support other conjunction and non-conjunction expression.
The extended expression list must follow below criteria - 1. Contains a single IdentityGroupExpression. No conjunction expression is supported - 2. No other non-conjunction expression is supported, except for IdentityGroupExpression - 3. Each expression must be a valid Expression. See the definition of the Expression type for more information - 4. Extended expression are implicitly AND with expression - 5. No nesting can be supported if this value is used - 6. If a Group is using extended expression, this group must be the only member in the source field of an communication map
|
|
group_state
string
|
Choices:
- IN_PROGRESS
- SUCCESS
- FAILURE
|
Realization state of this group
|
|
hostname
string
/ required
|
|
Deployed NSX manager hostname.
|
|
id
string
|
|
The id of the Policy Policy Group.
|
|
nsx_cert_path
string
|
|
Path to the certificate created for the Principal Identity using which the CRUD operations should be performed
|
|
nsx_key_path
string
|
|
Path to the certificate key created for the Principal Identity using which the CRUD operations should be performed
Must be specified if nsx_cert_path is specified
|
|
password
string
|
|
The password to authenticate with the NSX manager.
Must be specified if username is specified
|
|
request_headers
dictionary
|
|
HTTP request headers to be sent to the host while making any request
|
|
state
-
/ required
|
|
State can be either 'present' or 'absent'. 'present' is used to create or update resource. 'absent' is used to delete resource.
|
|
tags
dictionary
|
|
Opaque identifiers meaningful to the API user.
|
|
scope
string
/ required
|
|
Tag scope.
|
|
tag
string
/ required
|
|
Tag value.
|
|
username
string
|
|
The username to authenticate with the NSX manager.
|
|
validate_certs
boolean
|
|
Enable server certificate verification.
|