commit bd983d2673c975fb062d0377b432ee07ab7ced11
Author: Shih-Hao Li <shihli@vmware.com>
Date:   Mon Aug 24 03:28:43 2020 -0700

    NSXT: Add rule tag support
    
    Expose firewall rule rule_tag property.
    
    Change-Id: Iec6848e325bb7e1eb43b83d060ba9486897cc93a
    (cherry picked from commit 3ba085fec36668e70dd1a26a12d5c7be83b5156b)

diff --git a/vmware_nsxlib/tests/unit/v3/test_security.py b/vmware_nsxlib/tests/unit/v3/test_security.py
index 1f57e08..64a6df3 100644
--- a/vmware_nsxlib/tests/unit/v3/test_security.py
+++ b/vmware_nsxlib/tests/unit/v3/test_security.py
@@ -63,6 +63,26 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
         }
         self.assertEqual(expected, result)
 
+    def test_get_rule_dict(self):
+        result = self.nsxlib.firewall_section.get_rule_dict(
+            'display_name', sources='sources', destinations='destinations',
+            direction=const.IN_OUT, ip_protocol=const.IPV4_IPV6,
+            services='services', action=const.FW_ACTION_ALLOW,
+            logged=True, disabled=True, applied_tos='applied_tos',
+            rule_tag='rule_tag')
+        expected = {'display_name': 'display_name',
+                    'sources': 'sources',
+                    'destinations': 'destinations',
+                    'direction': const.IN_OUT,
+                    'ip_protocol': const.IPV4_IPV6,
+                    'services': 'services',
+                    'action': const.FW_ACTION_ALLOW,
+                    'logged': True,
+                    'disabled': True,
+                    'applied_tos': 'applied_tos',
+                    'rule_tag': 'rule_tag'}
+        self.assertEqual(expected, result)
+
     def test_create_rules_with_protocol(self):
         with mock.patch("vmware_nsxlib.v3.security.NsxLibFirewallSection"
                         ".add_rules") as add_rules:
diff --git a/vmware_nsxlib/v3/security.py b/vmware_nsxlib/v3/security.py
index 47bb3b1..bbfeb02 100644
--- a/vmware_nsxlib/v3/security.py
+++ b/vmware_nsxlib/v3/security.py
@@ -407,7 +407,8 @@ class NsxLibFirewallSection(utils.NsxLibApiBase):
     def get_rule_dict(self, display_name, sources=None, destinations=None,
                       direction=consts.IN_OUT, ip_protocol=consts.IPV4_IPV6,
                       services=None, action=consts.FW_ACTION_ALLOW,
-                      logged=False, disabled=False, applied_tos=None):
+                      logged=False, disabled=False, applied_tos=None,
+                      rule_tag=None):
         rule_dict = {'display_name': display_name,
                      'direction': direction,
                      'ip_protocol': ip_protocol,
@@ -419,6 +420,8 @@ class NsxLibFirewallSection(utils.NsxLibApiBase):
                      'services': services or []}
         if applied_tos is not None:
             rule_dict['applied_tos'] = applied_tos
+        if rule_tag is not None:
+            rule_dict['rule_tag'] = rule_tag
         return rule_dict
 
     def add_rule(self, rule, section_id, operation=consts.FW_INSERT_BOTTOM):