NSX-T Data Center REST API

Details of NSX firewall rules of cloud virtual machine

Return the NSX firewall rules of an agentless cloud virtual machine within the given cloud network
and the details/status of each rule. VMs with NSX agent do not have the NSX rules populated.
Rule errors are populated if failed to realize for the instance.In AWS, instance id is same as instance guid.
In Azure, instance guid refers to the global unique identifier of the instance.

Request:

Method:
GET
URI Path(s):
/api/v1/csm/virtual-machines/{virtual-machine-id}/firewall-rules
Request Headers:
n/a
Query Parameters:
NsxFirewallRulesListRequestParameters+
Request Body:
n/a

Example Request:

GET https://<nsx-csm>/api/v1/csm/virtual-machines/i-027c0b32cbe631ec9/firewall-rules

Successful Response:

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxFirewallRulesListResult+

Example Response:

{ "results" : [ { "id" : "1026", "section_id" : "b6b1219b-g76d-456g-8012-ebbdg9c4c497", "direction" : "IN_OUT", "priority" : 100, "sources" : [ { "target_id" : "a6a1219a-f76c-456f-8012-daacf9b4b497", "target_display_name" : "web-vms" } ], "destinations" : [ { "target_id" : "d79460ce-3404-4424-a931-3f70a2e39aee", "target_display_name" : "app-vms" } ], "services" : [ { "service" : { "l4_protocol" : "TCP", "source_ports" : [], "destination_ports: ["1024"] } } ], "action" : "ALLOW", "error_details" : { "error_id" : "1234", "error_message" : "NSX stateless rules are not supported" } }, { "id" : "1027", "section_id" : "", "direction" : "IN", "priority" : 1000, "sources" : [ { "target_id" : "d79460ce-3404-4424-a931-3f70a2e39aee", "target_display_name" : "app-vms" } ], "destinations" : [ { "target_id" : "a6a1219a-f76c-456f-8012-daacf9b4b497", "target_display_name" : "web-vms" } ], "services" : [ { "service" : { "l4_protocol" : "TCP", "source_ports" : [], "destination_ports: ["464"] } } ], "action" : "DENY", "error_details" : {} } ] }

Required Permissions:

read

Feature:

cloud_resources

Additional Errors: