WilliamLam.com

You are here: Home / Automation / Which NSX-T Policy APIs are used in the NSX-T UI in VMC?

Which NSX-T Policy APIs are used in the NSX-T UI in VMC?

by // Leave a Comment

As the adoption of VMware Cloud on AWS (VMC) continues to accelerate, one of the very first UI interface that customers must interact with is the NSX-T UI, for enabling basic connectivity. By default the Edge Gateway has a Deny All Firewall Rule, so you will need to come to this screen to setup connectivity from your on-premises environment including a Direct Connect (DX) or Route/Policy-Based VPN. For some customers who have familiarize themselves with the NSX-T UI and its capabilities, usually the next order of business is how do I go about automating these various aspects from Day 0 setup all the way to Day N where I am migrating in or creating additional workloads.

A very common set of questions that I have been getting lately is which API do I need to look at to do X in the NSX-T UI in VMC?


Having spent some time with the NSX-T Policy API, I figure it would be useful to share the categories of NSX-T Policy API that maps back to what you see in the NSX-T UI in VMC. The list below is not exhaustive, but should it should point you in the right direction when needing to automate a particular operation.

0. Overviewhttps://www.williamlam.com/2019/02/how-to-retrieve-the-nsx-t-overview-info-sddc-public-ip-appliance-infra-subnet-etc-in-vmc.html

  1. Segments (Logical Networks) - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.Connectivity.Segments
  2. Route Based VPN - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.L3Vpn
    1. Edit Local ASN - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.PatchBgpNeighborConfig
  3. Policy Based VPN - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.L3Vpn
  4. Layer 2 VPN - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.L2Vpn
  5. NAT - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.Nat
  6. Gateway Firewall - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.Gateway%20Firewall
  7. Distributed Firewall (DFW) - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.Dfw
  8. Groups - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.ListGroupForDomain
  9. Services - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.ListServicesForTenant
  10. IPFIX - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.Ipfixdfw
  11. Port Mirroring - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.ListPortMirroringInstances
  12. DNS - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Sections.Policy.Dns%20Forwarder
  13. Public IPs - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.ListPublicIps
  14. Direct Connect
    1. https://vmware.github.io/vsphere-automation-sdk-rest/vmc/index.html#SVC_com.vmware.vmc.orgs.account_link.connected_accounts
    2. https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.GetDxBgpInfo
  15. Connected VPC - https://vdc-download.vmware.com/vmwb-repository/dcr-public/fce962c2-9c8d-477c-ba14-0572c3f11ed6/da7645f7-fe16-47a9-9e8d-29b9bae8cb34/nsx_api_vmc.html#Methods.ListLinkedVpcs

Below are some additional resources including reference samples when working with the NSX-T Policy API, definitely worth checking out if you ask me? 😉

More from my site

Thanks for the comment!

This site uses Akismet to reduce spam. Learn how your comment data is processed.