Solved: Re: NSX Security Tag Display

eaphilipp · ‎07-29-2019

Hello,

I am creating a menu driven function that will display all of VMs attached to a security tag. All of that works, the only issue I have is when the VMs display the security tag is not displaying.

function VM-Tag

{

cls

$v = Get-NsxSecurityTag | select name

$menu = for ($i = 0; $i -lt $v.Count; $i += 2)

{

$obj = [ordered]@{

Odd = "$($i+1). $($v[$i].Name)"

}

if ($v[$i + 1])

{

$obj.Add('Even', "$($i+2). $($v[$i+1].Name)") }

New-Object PSObject -Property $obj

}

$menu | Format-Table -HideTableHeaders

$choice = Read-Host -Prompt "Select Section (1..$($v.Count))"

$VMS = Get-NsxSecurityTagAssignment -SecurityTag (Get-NsxSecurityTag $v[$choice - 1].name)

cls

$VMS | FT

}

I am getting this for a display:

SecurityTag VirtualMachine

----------- --------------

securityTag G46PALATOWER004

securityTag G46PAL0011

securityTag G46PAL0012

securityTag G46PAL0013

securityTag G46PAL0014

I was hoping that the "security tag" would be my selection from the menu.

So:

SecurityTag VirtualMachine

----------- --------------

APP-TAG G46PALATOWER004

APP-TAG G46PAL0011

APP-TAG G46PAL0012

APP-TAG G46PAL0013

APP-TAG G46PAL0014

What am I missing?

LucD · ‎08-02-2019

That PowerNsx module seems to be using PSObjects and also XmlElements.

One more try, now with this

Get-NsxSecurityTag |

ForEach-Object -Process {

Write-Host "Looking at $($_.Name)"

Get-NsxSecurityTagAssignment -SecurityTag $_ |

Select @{N='SecurityTag';E={$_.SecurityTag.Name}},VirtualMachine

}

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

View solution in original post

LucD · ‎07-29-2019

Did you already try changing (Get-NsxSecurityTag $v[$choice - 1].name) into (Get-NsxSecurityTag $v[$choice - 1].name).SecurityTag

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

eaphilipp · ‎07-29-2019

Yes, when I do that. Nothing returns, which is odd.

LucD · ‎07-29-2019

Could you also try building the menu with this line

$v = Get-NsxSecurityTag | select -ExpandProperty name

And can you also check that this returns what you expect it to return.

Get-NsxSecurityTag |

ForEach-Object -Process {

Get-NsxSecurityTagAssignment -SecurityTag $_.Name

}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

eaphilipp · ‎07-29-2019

When I did this: $v = Get-NsxSecurityTag | select -ExpandProperty name

I got this:

1. 2.

3. 4.

5. 6.

7. 8.

9. 10.

11. 12.

13. 14.

15. 16.

Tags didn't populate initial menu.

I tried this on its own:

Get-NsxSecurityTag |

ForEach-Object -Process {

Get-NsxSecurityTagAssignment -SecurityTag $_.Name

}

And I got this:

Get-NsxSecurityTagAssignment : Cannot process argument transformation on parameter 'SecurityTag'. Cannot convert the "APP-TANIUM" value of type "System.String" to type "System.Xml.XmlElement".

At line:4 char:46

+ Get-NsxSecurityTagAssignment -SecurityTag $_.Name

+ ~~~~~~~

+ CategoryInfo : InvalidData: (:) [Get-NsxSecurityTagAssignment], ParameterBindingArgumentTransformationException

+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-NsxSecurityTagAssignment

I have found a few bugs in PowerNSX. So maybe this is just another. But I feel like I am missing something obvious.

LucD · ‎07-29-2019

Strange, can you what properties are available?
With Get-NsxSecurityTag | Get-Member

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

eaphilipp · ‎07-31-2019

I got this:

PS C:\> Get-NsxSecurityTag | Get-Member

TypeName: System.Xml.XmlElement

Name MemberType Definition

---- ---------- ----------

ToString CodeMethod static string XmlNode(psobject instance)

AppendChild Method System.Xml.XmlNode AppendChild(System.Xml.XmlNode newChild)

Clone Method System.Xml.XmlNode Clone(), System.Object ICloneable.Clone()

CloneNode Method System.Xml.XmlNode CloneNode(bool deep)

CreateNavigator Method System.Xml.XPath.XPathNavigator CreateNavigator(), System.Xml.XPath.XPathNavigator IXPathNavigable.CreateNavigator()

Equals Method bool Equals(System.Object obj)

GetAttribute Method string GetAttribute(string name), string GetAttribute(string localName, string namespaceURI)

GetAttributeNode Method System.Xml.XmlAttribute GetAttributeNode(string name), System.Xml.XmlAttribute GetAttributeNode(string localName, string namespaceURI)

GetElementsByTagName Method System.Xml.XmlNodeList GetElementsByTagName(string name), System.Xml.XmlNodeList GetElementsByTagName(string localName, string namespaceURI)

GetEnumerator Method System.Collections.IEnumerator GetEnumerator(), System.Collections.IEnumerator IEnumerable.GetEnumerator()

GetHashCode Method int GetHashCode()

GetNamespaceOfPrefix Method string GetNamespaceOfPrefix(string prefix)

GetPrefixOfNamespace Method string GetPrefixOfNamespace(string namespaceURI)

GetType Method type GetType()

HasAttribute Method bool HasAttribute(string name), bool HasAttribute(string localName, string namespaceURI)

InsertAfter Method System.Xml.XmlNode InsertAfter(System.Xml.XmlNode newChild, System.Xml.XmlNode refChild)

InsertBefore Method System.Xml.XmlNode InsertBefore(System.Xml.XmlNode newChild, System.Xml.XmlNode refChild)

Normalize Method void Normalize()

PrependChild Method System.Xml.XmlNode PrependChild(System.Xml.XmlNode newChild)

RemoveAll Method void RemoveAll()

RemoveAllAttributes Method void RemoveAllAttributes()

RemoveAttribute Method void RemoveAttribute(string name), void RemoveAttribute(string localName, string namespaceURI)

RemoveAttributeAt Method System.Xml.XmlNode RemoveAttributeAt(int i)

RemoveAttributeNode Method System.Xml.XmlAttribute RemoveAttributeNode(System.Xml.XmlAttribute oldAttr), System.Xml.XmlAttribute RemoveAttributeNode(string localName, string namespaceURI)

RemoveChild Method System.Xml.XmlNode RemoveChild(System.Xml.XmlNode oldChild)

ReplaceChild Method System.Xml.XmlNode ReplaceChild(System.Xml.XmlNode newChild, System.Xml.XmlNode oldChild)

SelectNodes Method System.Xml.XmlNodeList SelectNodes(string xpath), System.Xml.XmlNodeList SelectNodes(string xpath, System.Xml.XmlNamespaceManager nsmgr)

SelectSingleNode Method System.Xml.XmlNode SelectSingleNode(string xpath), System.Xml.XmlNode SelectSingleNode(string xpath, System.Xml.XmlNamespaceManager nsmgr)

SetAttribute Method void SetAttribute(string name, string value), string SetAttribute(string localName, string namespaceURI, string value)

SetAttributeNode Method System.Xml.XmlAttribute SetAttributeNode(System.Xml.XmlAttribute newAttr), System.Xml.XmlAttribute SetAttributeNode(string localName, string namespaceURI)

Supports Method bool Supports(string feature, string version)

WriteContentTo Method void WriteContentTo(System.Xml.XmlWriter w)

WriteTo Method void WriteTo(System.Xml.XmlWriter w)

Item ParameterizedProperty System.Xml.XmlElement Item(string name) {get;}, System.Xml.XmlElement Item(string localname, string ns) {get;}

clientHandle Property string clientHandle {get;set;}

description Property string description {get;set;}

extendedAttributes Property string extendedAttributes {get;set;}

isTemporal Property string isTemporal {get;set;}

isUniversal Property string isUniversal {get;set;}

name Property string name {get;set;}

nodeId Property string nodeId {get;set;}

objectId Property string objectId {get;set;}

objectTypeName Property string objectTypeName {get;set;}

revision Property string revision {get;set;}

systemResource Property string systemResource {get;set;}

type Property System.Xml.XmlElement type {get;}

universalRevision Property string universalRevision {get;set;}

vmCount Property string vmCount {get;set;}

vsmUuid Property string vsmUuid {get;set;}

LucD · ‎07-31-2019

That shows that the name property is there.

And it seems to have the expected value.

Can you check that it does?

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

eaphilipp · ‎07-31-2019

When you say that are you asking for this:

Get-NsxSecurityTag | select name

??? Sorry If I am missing something

LucD · ‎07-31-2019

Correct.

As an alternative, you can try the following alternative for the earlier snippet I gave.

It should say which tag it handling.

Get-NsxSecurityTag |

ForEach-Object -Process {

Write-Host "Looking at $($_.Name)"

Get-NsxSecurityTagAssignment -SecurityTag $_.Name

}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

eaphilipp · ‎07-31-2019

Ok... If I run Get-nsxsecuritytag | select name I get a list of all of our security tags by name. So that works correctly:

If I run your snippet, I get this:

Looking at APP-TANIUM

Get-NsxSecurityTagAssignment : Cannot process argument transformation on parameter 'SecurityTag'. Cannot convert the "APP-TANIUM" value of type "System.String" to type "System.Xml.XmlElement".

At line:6 char:46

+ Get-NsxSecurityTagAssignment -SecurityTag $_.Name

+ ~~~~~~~

+ CategoryInfo : InvalidData: (:) [Get-NsxSecurityTagAssignment], ParameterBindingArgumentTransformationException

+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-NsxSecurityTagAssignment

I really appreciate all of the help!

LucD · ‎07-31-2019

No problem :smileygrin:

And what if you do it like this?

Get-NsxSecurityTag |

ForEach-Object -Process {

Write-Host "Looking at $($_.Name)"

Get-NsxSecurityTagAssignment -SecurityTag $_

}

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference

eaphilipp · ‎08-02-2019

So that did this:

Looking at APP-GITLAB

SecurityTag VirtualMachine

----------- --------------

securityTag G46PALATOWER004

securityTag G46PAL0011

securityTag G46PAL0012

securityTag G46PAL0013

securityTag G46PAL0014

securityTag G46PAL0013

securityTag G46PAL0014

securityTag G46PAL0017

securityTag G46PAL0018

I find it odd that it doesn't list the security tag "name" and instead just says security tag and not in this case. APP-GITLAB and then the VM.

I did find a bug where trying to delete NSX security tags from a VM with multiple tags assigned didn't work. It worked great if there was only one security tag assigned. So this snippet is suppose to remove all NSX security Tags assigned to a VM: get-vm $VM | Get-NsxSecurityTagAssignment | Remove-NsxSecurityTagAssignment -confirm:$false

That is just a side note.

LucD · ‎08-02-2019

That PowerNsx module seems to be using PSObjects and also XmlElements.

One more try, now with this

Get-NsxSecurityTag |

ForEach-Object -Process {

Write-Host "Looking at $($_.Name)"

Get-NsxSecurityTagAssignment -SecurityTag $_ |

Select @{N='SecurityTag';E={$_.SecurityTag.Name}},VirtualMachine

}

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference