NSX-T Data Center REST API

Associated URIs:

API Description	API Path
List of VPC gateway policies Paginated list of VPC gateway policies.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies
Delete Gateway Policy Delete Gateway Policy.	DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}
Get Gateway Policy Get Gateway Policy	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}
Create or update Gateway Policy If a GatewayPolicy with the policy-id is not already present, create a new GatewayPolicy. If it already exists, update the GatewayPolicy. This is a full replace.	PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}
Revise the positioning of VPC gateway policies This is used to set a precedence of a VPC gateway policy w.r.t others.	POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}?action=revise
Update the Gateway Policy Update the Gateway Policy.	PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}
List N-S Firewall Rules List N-S Firewall Rules GET /orgs/org1/projects/project1/vpcs/vpc-1/gateway-policies/default/rules	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules
Delete N-S Firewall Rule Delete N-S Firewall Rule DELETE /orgs/org1/projects/project1/vpcs/vpc-1/gateway-policies/default/rules/rule-1	DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}
Read N-S Firewall Rule Read N-S Firewall Rule GET /orgs/org1/projects/project1/vpcs/vpc-1/gateway-policies/default/rules/rule-1	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}
Patch N-S Firewall Rule Patch the N-S Firewall Rule. If a Rule for the given Rule-id is not present, the object will get created and if it is present it will be updated. This is a full replace PATCH /orgs/org1/projects/project1/vpcs/vpc-1/gateway-policies/default/rules/rule-1	PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}
Revise the positioning of VPC N-S Firewall rule This is used to re-order a rule within a VPC gateway policy.	POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}?action=revise
Create or update N-S Firewall Rule Update the N-S Firewall Rule. If a Rule with the rule-id is not already present, this API fails with a 404. Creation of Rules is not allowed using this API. PUT /orgs/org1/projects/project1/vpcs/vpc-1/gateway-policies/default/rules/rule-1	PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}
Get rule statistics Get statistics of N-S Firewall rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}/statistics
Get gateway policy statistics Get statistics of a gateway policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/gateway-policies/{gateway-policy-id}/statistics
Get groups for which the given object is a member Get policy groups for which the given object is a member.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/group-associations
List VPC Groups Paginated list of VPC Groups.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups
Delete VPC Group Delete VPC Group.	DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}
Get VPC Group Get VPC Group	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}
Create or update VPC Group If a VPC group with the group-id is not already present, create a new VPC group. If it already exists, update the group.	PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}
Create or update VPC Group If a VPC group with the group-id is not already present, create a new VPC group. If it already exists, update the VPC group.	PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}
Get IP addresses that belong to this VPC Group Get IP addresses that belong to this VPC Group. This API is applicable for Groups containing either VirtualMachine, VIF, Segment ,Segment Port or IP Address member type.For Groups containing other member types,an empty list is returned	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}/members/ip-addresses
Get subnet ports that belong to this VPC Group Get subnet ports that belong to this VPC Group	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}/members/subnet-ports
Get subnets that belong to this VPC Group Get subnets that belong to this VPC Group	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}/members/subnets
Get Virtual Network Interface instances that belong to this Group Get Virtual Network Interface instances that belong to this Group. This API is applicable for Groups containing VirtualNetworkInterface and VirtualMachine member types. For Groups containing other member types,an empty list is returned. target_id in response is external_id of VirtualNetworkInterface or VirtualMachine.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}/members/vifs
Get Virtual machines that belong to this VPC Group Get Virtual machines that belong to this VPC Group. This API is applicable for Groups containing VirtualMachine,member type. For Groups containing other member types,an empty list is returned.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/groups/{group-id}/members/virtual-machines
Get groups for which the given IP address is a member Get policy groups for which the given IP address is a member.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/ip-address-group-associations
List of VPC security policies Paginated list of VPC security policies.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies
Delete SecurityPolicy Delete SecurityPolicy.	DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}
Get SecurityPolicy Get SecurityPolicy	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}
Create or update SecurityPolicy If a SecurityPolicy with the policy-id is not already present, create a new SecurityPolicy. If it already exists, update the SecurityPolicy. This is a full replace.	PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}
Revise the positioning of VPC security policies This is used to set a precedence of a VPC security policy w.r.t others.	POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}?action=revise
Update the SecurityPolicy Update the SecurityPolicy.	PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}
List E-W Firewall Rules List Rules GET /orgs/org1/projects/project1/vpcs/vpc-1/security-policies/default/rules	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules
Delete E-W Firewall Rule Delete E-W Firewall Rule DELETE /orgs/org1/projects/project1/vpcs/vpc-1/security-policies/default/rules/rule-1	DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules/{rule-id}
Read E-W Firewall Rule Read Rule GET /orgs/org1/projects/project1/vpcs/vpc-1/security-policies/default/rules/rule-1	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules/{rule-id}
Patch E-W Firewall Rule Patch the E-W Firewall Rule. If a Rule for the given Rule-id is not present, the object will get created and if it is present it will be updated. This is a full replace PATCH /orgs/org1/projects/project1/vpcs/vpc-1/security-policies/default/rules/rule-1	PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules/{rule-id}
Revise the positioning of VPC E-W Firewall rule This is used to re-order a rule within a VPC security policy.	POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules/{rule-id}?action=revise
Create or update E-W Firewall Rule Update the E-W Firewall Rule. If a Rule with the rule-id is not already present, this API fails with a 404. Creation of Rules is not allowed using this API. PUT /orgs/org1/projects/project1/vpcs/vpc-1/security-policies/default/rules/rule-1	PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules/{rule-id}
Get rule statistics Get statistics of E-W Firewall rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/rules/{rule-id}/statistics
Get security policy statistics Get statistics of a security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/security-policies/{security-policy-id}/statistics
Get groups for which the given VM is a member Get policy groups for which the given VM is a member.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/virtual-machine-group-associations
Get groups for which the given VIF is a member Get policy groups for which the given VIF is a member.	GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/vpcs/{vpc-id}/virtual-network-interface-group-associations

Additional Links

E-W Firewall

Groups

Group Members

N-S Firewall

NSX-T Data Center REST API

Associated URIs:

List of VPC gateway policies

Delete Gateway Policy

Get Gateway Policy

Create or update Gateway Policy

Revise the positioning of VPC gateway policies

Update the Gateway Policy

List N-S Firewall Rules

Delete N-S Firewall Rule

Read N-S Firewall Rule

Patch N-S Firewall Rule

Revise the positioning of VPC N-S Firewall rule

Create or update N-S Firewall Rule

Get rule statistics

Get gateway policy statistics

Get groups for which the given object is a member

List VPC Groups

Delete VPC Group

Get VPC Group

Create or update VPC Group

Create or update VPC Group

Get IP addresses that belong to this VPC Group

Get subnet ports that belong to this VPC Group

Get subnets that belong to this VPC Group

Get Virtual Network Interface instances that belong to this Group

Get Virtual machines that belong to this VPC Group

Get groups for which the given IP address is a member

List of VPC security policies

Delete SecurityPolicy

Get SecurityPolicy

Create or update SecurityPolicy

Revise the positioning of VPC security policies

Update the SecurityPolicy

List E-W Firewall Rules

Delete E-W Firewall Rule

Read E-W Firewall Rule

Patch E-W Firewall Rule

Revise the positioning of VPC E-W Firewall rule

Create or update E-W Firewall Rule

Get rule statistics

Get security policy statistics

Get groups for which the given VM is a member

Get groups for which the given VIF is a member