Publish Saved Configuration

[ypeguero1]

Is there anyways for PowerNSX to "publish" a saved configuration? I've found several cmdlets like "Get-NsxFirewallSavedConfiguration" which are able to retried the list of 100 saved configuration, but I am looking to retried/publish a configuration.

Main goal is to be able to automate configuration publishing which can only take place at certain points in the day.

Thanks!

[dcoghlan]

Here is a snippet of code that I use to take the output of GET /api/4.0/firewall/globalroot-0/config, make the required changes, and then upload it as a saved configuration.

    write-log -level verbose -msg ("-" * 80)
    write-log -level host -ForegroundColor green -msg "$($MyInvocation.MyCommand)($($MyInvocation.ScriptLineNumber)) : Preparing DFW Saved Config in a DFW Draft format ready for upload"
    # Now we need to create a firewalldraft and upload it
    # Taken from New-NsxFirewallSavedCOnfiguration in PowerNSX

    # Create the XMLRoot
    [System.XML.XMLDocument]$xmlDoc = New-Object System.XML.XMLDocument
    [System.XML.XMLElement]$xmlRoot = $XMLDoc.CreateElement("firewallDraft")

    # Set the name attribute
    $xmlDoc.appendChild($xmlRoot) | Out-Null
    $xmlAttrName = $xmlDoc.createAttribute("name")
    $xmlAttrName.value = "Imported Firewall Configuration"
    $xmlRoot.Attributes.Append($xmlAttrName) | Out-Null

    Add-XmlElement -xmlRoot $xmlRoot -xmlElementName "preserve" -xmlElementText "True"
    Add-XmlElement -xmlRoot $xmlRoot -xmlElementName "mode" -xmlElementText "userdefined"
    Add-XmlElement -xmlRoot $xmlRoot -xmlElementName "description" -xmlElementText "Configuration from Firewall Importer"

    [System.XML.XMLElement]$xmlConfigNode = $xmlRoot.OwnerDocument.CreateElement("config")
    $xmlRoot.AppendChild($xmlConfigNode) | Out-Null

    foreach ($node in $dfwSavedConfig.firewallConfiguration.ChildNodes) {
        $xmlConfigBackup = $xmlroot.OwnerDocument.ImportNode($node, $true)
        $xmlConfigNode.AppendChild($xmlConfigBackup) | Out-Null
    }

    write-log -level host -ForegroundColor green -msg "$($MyInvocation.MyCommand)($($MyInvocation.ScriptLineNumber)) : Uploading DFW Saved Config as a DFW Draft"

    $body = $xmlroot.OuterXml
    $body | Format-XML | Out-File "dfwSavedConfig_upload.xml"
    Write-Progress -Activity "Creating firewall saved configuration."
    $uri = "/api/4.0/firewall/globalroot-0/drafts/action/import"
    try {
        Invoke-NsxWebRequest -method POST -URI $uri -body $body
    }
    catch {
        Write-Log -Level Error "An error occured uploading the DFW Saved Configuration. `n $_"
        write-log -level Host "An error occured uploading the DFW Saved Configuration. Please check the log file."
    }

[ypeguero1]

@dcoghlan thanks for this, so you use this to create the DFW Saved Configuration, then how do you got about publishing your Saved Configuration, through the web interface? or do you then call PUT /api/4.0/firewall/globalroot-0/config