1. Packages
  2. Vcd Provider
  3. API Docs
  4. VappFirewallRules
vcd 3.14.1 published on Monday, Apr 14, 2025 by vmware

vcd.VappFirewallRules

Explore with Pulumi AI

Create VappFirewallRules Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new VappFirewallRules(name: string, args: VappFirewallRulesArgs, opts?: CustomResourceOptions);
@overload
def VappFirewallRules(resource_name: str,
                      args: VappFirewallRulesArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def VappFirewallRules(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      default_action: Optional[str] = None,
                      network_id: Optional[str] = None,
                      vapp_id: Optional[str] = None,
                      enabled: Optional[bool] = None,
                      log_default_action: Optional[bool] = None,
                      org: Optional[str] = None,
                      rules: Optional[Sequence[VappFirewallRulesRuleArgs]] = None,
                      vapp_firewall_rules_id: Optional[str] = None,
                      vdc: Optional[str] = None)
func NewVappFirewallRules(ctx *Context, name string, args VappFirewallRulesArgs, opts ...ResourceOption) (*VappFirewallRules, error)
public VappFirewallRules(string name, VappFirewallRulesArgs args, CustomResourceOptions? opts = null)
public VappFirewallRules(String name, VappFirewallRulesArgs args)
public VappFirewallRules(String name, VappFirewallRulesArgs args, CustomResourceOptions options)
type: vcd:VappFirewallRules
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. VappFirewallRulesArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. VappFirewallRulesArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. VappFirewallRulesArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. VappFirewallRulesArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. VappFirewallRulesArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var vappFirewallRulesResource = new Vcd.VappFirewallRules("vappFirewallRulesResource", new()
{
    DefaultAction = "string",
    NetworkId = "string",
    VappId = "string",
    Enabled = false,
    LogDefaultAction = false,
    Org = "string",
    Rules = new[]
    {
        new Vcd.Inputs.VappFirewallRulesRuleArgs
        {
            DestinationIp = "string",
            DestinationPort = "string",
            DestinationVmId = "string",
            DestinationVmIpType = "string",
            DestinationVmNicId = 0,
            EnableLogging = false,
            Enabled = false,
            Name = "string",
            Policy = "string",
            Protocol = "string",
            SourceIp = "string",
            SourcePort = "string",
            SourceVmId = "string",
            SourceVmIpType = "string",
            SourceVmNicId = 0,
        },
    },
    VappFirewallRulesId = "string",
    Vdc = "string",
});
Copy
example, err := vcd.NewVappFirewallRules(ctx, "vappFirewallRulesResource", &vcd.VappFirewallRulesArgs{
DefaultAction: pulumi.String("string"),
NetworkId: pulumi.String("string"),
VappId: pulumi.String("string"),
Enabled: pulumi.Bool(false),
LogDefaultAction: pulumi.Bool(false),
Org: pulumi.String("string"),
Rules: .VappFirewallRulesRuleArray{
&.VappFirewallRulesRuleArgs{
DestinationIp: pulumi.String("string"),
DestinationPort: pulumi.String("string"),
DestinationVmId: pulumi.String("string"),
DestinationVmIpType: pulumi.String("string"),
DestinationVmNicId: pulumi.Float64(0),
EnableLogging: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
Name: pulumi.String("string"),
Policy: pulumi.String("string"),
Protocol: pulumi.String("string"),
SourceIp: pulumi.String("string"),
SourcePort: pulumi.String("string"),
SourceVmId: pulumi.String("string"),
SourceVmIpType: pulumi.String("string"),
SourceVmNicId: pulumi.Float64(0),
},
},
VappFirewallRulesId: pulumi.String("string"),
Vdc: pulumi.String("string"),
})
Copy
var vappFirewallRulesResource = new VappFirewallRules("vappFirewallRulesResource", VappFirewallRulesArgs.builder()
    .defaultAction("string")
    .networkId("string")
    .vappId("string")
    .enabled(false)
    .logDefaultAction(false)
    .org("string")
    .rules(VappFirewallRulesRuleArgs.builder()
        .destinationIp("string")
        .destinationPort("string")
        .destinationVmId("string")
        .destinationVmIpType("string")
        .destinationVmNicId(0)
        .enableLogging(false)
        .enabled(false)
        .name("string")
        .policy("string")
        .protocol("string")
        .sourceIp("string")
        .sourcePort("string")
        .sourceVmId("string")
        .sourceVmIpType("string")
        .sourceVmNicId(0)
        .build())
    .vappFirewallRulesId("string")
    .vdc("string")
    .build());
Copy
vapp_firewall_rules_resource = vcd.VappFirewallRules("vappFirewallRulesResource",
    default_action="string",
    network_id="string",
    vapp_id="string",
    enabled=False,
    log_default_action=False,
    org="string",
    rules=[{
        "destination_ip": "string",
        "destination_port": "string",
        "destination_vm_id": "string",
        "destination_vm_ip_type": "string",
        "destination_vm_nic_id": 0,
        "enable_logging": False,
        "enabled": False,
        "name": "string",
        "policy": "string",
        "protocol": "string",
        "source_ip": "string",
        "source_port": "string",
        "source_vm_id": "string",
        "source_vm_ip_type": "string",
        "source_vm_nic_id": 0,
    }],
    vapp_firewall_rules_id="string",
    vdc="string")
Copy
const vappFirewallRulesResource = new vcd.VappFirewallRules("vappFirewallRulesResource", {
    defaultAction: "string",
    networkId: "string",
    vappId: "string",
    enabled: false,
    logDefaultAction: false,
    org: "string",
    rules: [{
        destinationIp: "string",
        destinationPort: "string",
        destinationVmId: "string",
        destinationVmIpType: "string",
        destinationVmNicId: 0,
        enableLogging: false,
        enabled: false,
        name: "string",
        policy: "string",
        protocol: "string",
        sourceIp: "string",
        sourcePort: "string",
        sourceVmId: "string",
        sourceVmIpType: "string",
        sourceVmNicId: 0,
    }],
    vappFirewallRulesId: "string",
    vdc: "string",
});
Copy
type: vcd:VappFirewallRules
properties:
    defaultAction: string
    enabled: false
    logDefaultAction: false
    networkId: string
    org: string
    rules:
        - destinationIp: string
          destinationPort: string
          destinationVmId: string
          destinationVmIpType: string
          destinationVmNicId: 0
          enableLogging: false
          enabled: false
          name: string
          policy: string
          protocol: string
          sourceIp: string
          sourcePort: string
          sourceVmId: string
          sourceVmIpType: string
          sourceVmNicId: 0
    vappFirewallRulesId: string
    vappId: string
    vdc: string
Copy

VappFirewallRules Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The VappFirewallRules resource accepts the following input properties:

DefaultAction This property is required. string
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
NetworkId This property is required. string
The identifier of vApp network.
VappId This property is required. string
The identifier of vApp.
Enabled bool
Enable or disable firewall. Default is true.
LogDefaultAction bool
Flag to enable logging for default action. Default value is false.
Org string
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
Rules List<VappFirewallRulesRule>

Configures a firewall rule; see Rules below for details.

VappFirewallRulesId string
Vdc string
The name of VDC to use, optional if defined at provider level.
DefaultAction This property is required. string
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
NetworkId This property is required. string
The identifier of vApp network.
VappId This property is required. string
The identifier of vApp.
Enabled bool
Enable or disable firewall. Default is true.
LogDefaultAction bool
Flag to enable logging for default action. Default value is false.
Org string
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
Rules []VappFirewallRulesRuleArgs

Configures a firewall rule; see Rules below for details.

VappFirewallRulesId string
Vdc string
The name of VDC to use, optional if defined at provider level.
defaultAction This property is required. String
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
networkId This property is required. String
The identifier of vApp network.
vappId This property is required. String
The identifier of vApp.
enabled Boolean
Enable or disable firewall. Default is true.
logDefaultAction Boolean
Flag to enable logging for default action. Default value is false.
org String
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules List<VappFirewallRulesRule>

Configures a firewall rule; see Rules below for details.

vappFirewallRulesId String
vdc String
The name of VDC to use, optional if defined at provider level.
defaultAction This property is required. string
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
networkId This property is required. string
The identifier of vApp network.
vappId This property is required. string
The identifier of vApp.
enabled boolean
Enable or disable firewall. Default is true.
logDefaultAction boolean
Flag to enable logging for default action. Default value is false.
org string
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules VappFirewallRulesRule[]

Configures a firewall rule; see Rules below for details.

vappFirewallRulesId string
vdc string
The name of VDC to use, optional if defined at provider level.
default_action This property is required. str
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
network_id This property is required. str
The identifier of vApp network.
vapp_id This property is required. str
The identifier of vApp.
enabled bool
Enable or disable firewall. Default is true.
log_default_action bool
Flag to enable logging for default action. Default value is false.
org str
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules Sequence[VappFirewallRulesRuleArgs]

Configures a firewall rule; see Rules below for details.

vapp_firewall_rules_id str
vdc str
The name of VDC to use, optional if defined at provider level.
defaultAction This property is required. String
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
networkId This property is required. String
The identifier of vApp network.
vappId This property is required. String
The identifier of vApp.
enabled Boolean
Enable or disable firewall. Default is true.
logDefaultAction Boolean
Flag to enable logging for default action. Default value is false.
org String
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules List<Property Map>

Configures a firewall rule; see Rules below for details.

vappFirewallRulesId String
vdc String
The name of VDC to use, optional if defined at provider level.

Outputs

All input properties are implicitly available as output properties. Additionally, the VappFirewallRules resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing VappFirewallRules Resource

Get an existing VappFirewallRules resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VappFirewallRulesState, opts?: CustomResourceOptions): VappFirewallRules
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        default_action: Optional[str] = None,
        enabled: Optional[bool] = None,
        log_default_action: Optional[bool] = None,
        network_id: Optional[str] = None,
        org: Optional[str] = None,
        rules: Optional[Sequence[VappFirewallRulesRuleArgs]] = None,
        vapp_firewall_rules_id: Optional[str] = None,
        vapp_id: Optional[str] = None,
        vdc: Optional[str] = None) -> VappFirewallRules
func GetVappFirewallRules(ctx *Context, name string, id IDInput, state *VappFirewallRulesState, opts ...ResourceOption) (*VappFirewallRules, error)
public static VappFirewallRules Get(string name, Input<string> id, VappFirewallRulesState? state, CustomResourceOptions? opts = null)
public static VappFirewallRules get(String name, Output<String> id, VappFirewallRulesState state, CustomResourceOptions options)
resources:  _:    type: vcd:VappFirewallRules    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
DefaultAction string
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
Enabled bool
Enable or disable firewall. Default is true.
LogDefaultAction bool
Flag to enable logging for default action. Default value is false.
NetworkId string
The identifier of vApp network.
Org string
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
Rules List<VappFirewallRulesRule>

Configures a firewall rule; see Rules below for details.

VappFirewallRulesId string
VappId string
The identifier of vApp.
Vdc string
The name of VDC to use, optional if defined at provider level.
DefaultAction string
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
Enabled bool
Enable or disable firewall. Default is true.
LogDefaultAction bool
Flag to enable logging for default action. Default value is false.
NetworkId string
The identifier of vApp network.
Org string
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
Rules []VappFirewallRulesRuleArgs

Configures a firewall rule; see Rules below for details.

VappFirewallRulesId string
VappId string
The identifier of vApp.
Vdc string
The name of VDC to use, optional if defined at provider level.
defaultAction String
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
enabled Boolean
Enable or disable firewall. Default is true.
logDefaultAction Boolean
Flag to enable logging for default action. Default value is false.
networkId String
The identifier of vApp network.
org String
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules List<VappFirewallRulesRule>

Configures a firewall rule; see Rules below for details.

vappFirewallRulesId String
vappId String
The identifier of vApp.
vdc String
The name of VDC to use, optional if defined at provider level.
defaultAction string
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
enabled boolean
Enable or disable firewall. Default is true.
logDefaultAction boolean
Flag to enable logging for default action. Default value is false.
networkId string
The identifier of vApp network.
org string
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules VappFirewallRulesRule[]

Configures a firewall rule; see Rules below for details.

vappFirewallRulesId string
vappId string
The identifier of vApp.
vdc string
The name of VDC to use, optional if defined at provider level.
default_action str
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
enabled bool
Enable or disable firewall. Default is true.
log_default_action bool
Flag to enable logging for default action. Default value is false.
network_id str
The identifier of vApp network.
org str
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules Sequence[VappFirewallRulesRuleArgs]

Configures a firewall rule; see Rules below for details.

vapp_firewall_rules_id str
vapp_id str
The identifier of vApp.
vdc str
The name of VDC to use, optional if defined at provider level.
defaultAction String
Either 'allow' or 'drop'. Specifies what to do should none of the rules match.
enabled Boolean
Enable or disable firewall. Default is true.
logDefaultAction Boolean
Flag to enable logging for default action. Default value is false.
networkId String
The identifier of vApp network.
org String
The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
rules List<Property Map>

Configures a firewall rule; see Rules below for details.

vappFirewallRulesId String
vappId String
The identifier of vApp.
vdc String
The name of VDC to use, optional if defined at provider level.

Supporting Types

VappFirewallRulesRule
, VappFirewallRulesRuleArgs

DestinationIp string
Destination IP address to which the rule applies. A value of Any matches any IP address.
DestinationPort string
Destination port to which this rule applies.
DestinationVmId string
Destination VM identifier
DestinationVmIpType string
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
DestinationVmNicId double
Destination VM NIC ID to which this rule applies.
EnableLogging bool
'true' value will enable rule logging. Default is false
Enabled bool
Enable or disable firewall. Default is true.
Name string
Rule name
Policy string
One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
Protocol string
Specify the protocols to which the rule should be applied. One of: any, icmp, tcp, udp, tcp&udp
SourceIp string
Source IP address to which the rule applies. A value of Any matches any IP address.
SourcePort string
Source port to which this rule applies.
SourceVmId string
Source VM identifier
SourceVmIpType string
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
SourceVmNicId double
Source VM NIC ID to which this rule applies.
DestinationIp string
Destination IP address to which the rule applies. A value of Any matches any IP address.
DestinationPort string
Destination port to which this rule applies.
DestinationVmId string
Destination VM identifier
DestinationVmIpType string
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
DestinationVmNicId float64
Destination VM NIC ID to which this rule applies.
EnableLogging bool
'true' value will enable rule logging. Default is false
Enabled bool
Enable or disable firewall. Default is true.
Name string
Rule name
Policy string
One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
Protocol string
Specify the protocols to which the rule should be applied. One of: any, icmp, tcp, udp, tcp&udp
SourceIp string
Source IP address to which the rule applies. A value of Any matches any IP address.
SourcePort string
Source port to which this rule applies.
SourceVmId string
Source VM identifier
SourceVmIpType string
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
SourceVmNicId float64
Source VM NIC ID to which this rule applies.
destinationIp String
Destination IP address to which the rule applies. A value of Any matches any IP address.
destinationPort String
Destination port to which this rule applies.
destinationVmId String
Destination VM identifier
destinationVmIpType String
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
destinationVmNicId Double
Destination VM NIC ID to which this rule applies.
enableLogging Boolean
'true' value will enable rule logging. Default is false
enabled Boolean
Enable or disable firewall. Default is true.
name String
Rule name
policy String
One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
protocol String
Specify the protocols to which the rule should be applied. One of: any, icmp, tcp, udp, tcp&udp
sourceIp String
Source IP address to which the rule applies. A value of Any matches any IP address.
sourcePort String
Source port to which this rule applies.
sourceVmId String
Source VM identifier
sourceVmIpType String
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
sourceVmNicId Double
Source VM NIC ID to which this rule applies.
destinationIp string
Destination IP address to which the rule applies. A value of Any matches any IP address.
destinationPort string
Destination port to which this rule applies.
destinationVmId string
Destination VM identifier
destinationVmIpType string
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
destinationVmNicId number
Destination VM NIC ID to which this rule applies.
enableLogging boolean
'true' value will enable rule logging. Default is false
enabled boolean
Enable or disable firewall. Default is true.
name string
Rule name
policy string
One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
protocol string
Specify the protocols to which the rule should be applied. One of: any, icmp, tcp, udp, tcp&udp
sourceIp string
Source IP address to which the rule applies. A value of Any matches any IP address.
sourcePort string
Source port to which this rule applies.
sourceVmId string
Source VM identifier
sourceVmIpType string
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
sourceVmNicId number
Source VM NIC ID to which this rule applies.
destination_ip str
Destination IP address to which the rule applies. A value of Any matches any IP address.
destination_port str
Destination port to which this rule applies.
destination_vm_id str
Destination VM identifier
destination_vm_ip_type str
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
destination_vm_nic_id float
Destination VM NIC ID to which this rule applies.
enable_logging bool
'true' value will enable rule logging. Default is false
enabled bool
Enable or disable firewall. Default is true.
name str
Rule name
policy str
One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
protocol str
Specify the protocols to which the rule should be applied. One of: any, icmp, tcp, udp, tcp&udp
source_ip str
Source IP address to which the rule applies. A value of Any matches any IP address.
source_port str
Source port to which this rule applies.
source_vm_id str
Source VM identifier
source_vm_ip_type str
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
source_vm_nic_id float
Source VM NIC ID to which this rule applies.
destinationIp String
Destination IP address to which the rule applies. A value of Any matches any IP address.
destinationPort String
Destination port to which this rule applies.
destinationVmId String
Destination VM identifier
destinationVmIpType String
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
destinationVmNicId Number
Destination VM NIC ID to which this rule applies.
enableLogging Boolean
'true' value will enable rule logging. Default is false
enabled Boolean
Enable or disable firewall. Default is true.
name String
Rule name
policy String
One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
protocol String
Specify the protocols to which the rule should be applied. One of: any, icmp, tcp, udp, tcp&udp
sourceIp String
Source IP address to which the rule applies. A value of Any matches any IP address.
sourcePort String
Source port to which this rule applies.
sourceVmId String
Source VM identifier
sourceVmIpType String
The value can be one of: assigned - assigned internal IP will be automatically chosen. NAT: NATed external IP will be automatically chosen.
sourceVmNicId Number
Source VM NIC ID to which this rule applies.

Package Details

Repository
vcd vmware/terraform-provider-vcd
License
Notes
This Pulumi package is based on the vcd Terraform Provider.