Hi,
when running the Get firewall/sections/<section_id>/rules API, some of source/destination/appliedTo objects are prefixed with "default." :
the name of the security group is Nsx_AAA but i see it as "default.Nsx_AAA"
"sources": [
{
"target_id": "51b9313d-c5c7-4b72-9ea7-efc591b72af8",
"target_display_name": "default.Nsg_AAA",
"target_type": "NSGroup",
"is_valid": true
}
]
So two questions:
1) what does the default prefix represent?
2) is there a way to request the data without that prefix? i need to correlate between objects in the rule to existing SG's and when retrieving the SG's i dont have that prefix, meening i have to drop the default prefix from objects in rules, is there a flag i can use to avoid it?
Hi Cloudistan,
forgive me the question. Which NSX version are you referring??
I tried with GET /api/4.0/firewall/globalroot-0/config and even whit GET /api/4.0/firewall/globalroot-0/config/layer3sections/1005/ (as you can see on picture bellow, where 1005 is the section id o layer3) but, I don't get your result "default.".
More reference can be found here.
Best Regards
LM
Hi Imogile,
I'm talking about NSX-T.
Help will be appreciated
Hi Cloudistan,
I tried for curiosity on my lab on NSX-T environment, but I can't see the prefixed "default."
I don't really know where it comes from. Now I'm curious to know
Regards,
LM
Same here. Didn't find those.
Those objects are created by the NSX Policy Manager. The "default" references the domain in which the were created.
To query the rules you need to use the policy API. It will be something like /policy/api/v1/infra/domains/default/security-policies/<security-policy-id>/rules