PATCH "https://${NSX_HOST}/policy/api/v1/infra/segments/${SEGMENT_ID}/segment-security-profile-binding-maps/${SECURE_ID}"
is accepting invalid values in the request payload which is causing the segments to become unmodifiable in GUI."https://${NSX_HOST}/policy/api/v1/infra/segments/${SEGMENT_ID}/segment-security-profile-binding-maps/${SECURE_ID}"
VMware NSX 4.1, 4.2
API request payload is missing the validation for segment_security_profile_path parameter when updating the binding maps.
This is a known issue, and our engineering team is working on a fix by adding validation for the segment_security_profile_path path parameter.
Meantime, you can apply one of workarounds:
Workaround 1:
1. Do a call GET "https://${NSX_HOST}/policy/api/v1/infra/segments/${SEGMENT_ID}/segment-security-profile-binding-maps/${SECURE_ID}"
to the segment binding map, which has the double special characters.
2. Do an Update call PATCH: "https://${NSX_HOST}/policy/api/v1/infra/segments/${SEGMENT_ID}/segment-security-profile-binding-maps/${SECURE_ID}"
by removing the profile path, which has the double special characters.
3. Do the Update call PATCH: "https://${NSX_HOST}/policy/api/v1/infra/segments/${SEGMENT_ID}/segment-security-profile-binding-maps/${SECURE_ID}"
again, this time putting back the profile as well as removing the extra special characters.
Steps:
1. GET API Request:
2. PATCH API request (removing the profile path):
3. PATCH API request (putting back the profile as well as removing the extra special characters):
Workaround 2:
Delete the Infra segment security profile binding map using DELETE API endpoint here: and re-create.