Exporting the NSX-T DFW configuration via the Policy API

Some times it's useful to export the entire distributed firewall configuration. It could be used as an offline backup before applying configuration changes, provided to personnel who does not have direct access to the NSX manager for auditing or information, or leveraged as a starting point for a migration to a new environment. Unfortunately, NSX-T … Continue reading Exporting the NSX-T DFW configuration via the Policy API

Adding Terraform NSX configurations to a multibranch CI/CD Pipeline

Managing our network with an infrastructure as code (IaC) approach means using the same methodologies and processes we would use for the application code. Even better would be to treat the network configurations required to support the application as an integral part of the app itself. But, what does it exactly mean in practice? An … Continue reading Adding Terraform NSX configurations to a multibranch CI/CD Pipeline

Network & Security as a service via the NSX Policy API, Git, and Jenkins

When getting started with infrastructure automation, it is common to put together a script that sequentially performs the steps we would have done through the UI or the CLI.  There is nothing wrong with that. Still, the more I played with APIs and Automation tools, the more I realized that to really treat my infrastructure … Continue reading Network & Security as a service via the NSX Policy API, Git, and Jenkins

NSX-T Multitenancy – Object-Based RBAC with Principal Identities and Policy API

In this post, I will explore the possibility of leveraging NSX-T Principal Identities in lieu of a proper object-based RBAC functionality not available in the current 2.4 version. This solution may be appealing in some multi-tenant scenarios. What is multitenancy? Since I started working at VMware, I learned that any time I talk about multitenancy … Continue reading NSX-T Multitenancy – Object-Based RBAC with Principal Identities and Policy API