Unable to access forgedTransmitsInherited, allowPromiscuousInherited and macChangesInherited in the security policy for virtual portgroups

Question

Unable to access forgedTransmitsInherited, allowPromiscuousInherited and macChangesInherited in the security policy for virtual portgroups

madhanse opened this issue a year ago · comments

Madhan Selvapandian commented a year ago

Describe the bug

I am able to access the above attributes in PowerCLI but this attribute is not present in the security policy class in pyvmomi.

Can kindly help to fix this adding the attribute in the class.

Thank you.

Reproduction steps

From each portgroup object, this setting needs to be accessed in portgroup.spec.policy.security

...

Expected behavior

Should contain true or false.

Additional context

No response

prziborowski · Answer 1 · Thu Jun 22 2023 12:23:45 GMT+0800 (China Standard Time)

The API itself doesn't really have a checkbox like the UI or powerCLI about inherited. It is more explicit.
https://developer.vmware.com/apis/358/vsphere/doc/vim.host.NetworkPolicy.html

This data object type describes network policies that can be configured for both virtual switches and port groups. The policy settings on the port group can inherit policy settings from their containing virtual switch. These policy settings are inherited if the settings on the port group are not set. Since every policy setting on a port group is optional, every individual policy setting can be inherited.

So if you configure a policy for a portgroup and leave a field unset, then it will inherit the virtual switch setting.
I believe that also means if you read the network policy of a portgroup and something is unset/None, then it is inheriting it from the switch, so you'd have to look at the switch for the actual value it is using.