NSX Autonomous Edge REST API

ActionDescriptor (schema)

Name	Description	Type	Notes
description	A description of what the action does	string	Readonly
descriptor	The URI of the REST routine provider that implements the action	string	Required Readonly
name	The name of the action	string	Required Readonly
uri	The URI to use to invoke the action	string	Required Readonly

ApiCertificate (schema)

Name	Description	Type	Notes
api_certificate	API certificate	string	Required
api_key	API private key	string
ca_certificate	CA certificate	string	Required

ApiCertificateReply (schema)

Name	Description	Type	Notes
status	API certificate replacement status	string	Required

ApplianceManagementSuppressRedirectQueryParameter (schema)

Name	Description	Type	Notes
suppress_redirect	Suppress redirect status if applicable Do not return a redirect HTTP status.	boolean	Default: "False"

ApplianceManagementTaskListResult (schema)

Appliance management task query results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Task property results	array of ApplianceManagementTaskProperties	Required

ApplianceManagementTaskProperties (schema)

Appliance management task properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
async_response_available	True if response for asynchronous request is available	boolean	Readonly
cancelable	True if this task can be canceled	boolean	Readonly
description	Description of the task	string	Readonly
details	Details about the task if known	object	Readonly
end_time	The end time of the task in epoch milliseconds	EpochMsTimestamp	Readonly
id	Identifier for this task	string	Readonly Pattern: "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$"
message	A message describing the disposition of the task	string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
progress	Task progress if known, from 0 to 100	integer	Readonly Minimum: 0 Maximum: 100
request_is_async	True if request was invoked with Vmw-Async:true header; otherwise, false	boolean	Readonly
request_method	HTTP request method	string	Readonly
request_uri	URI of the method invocation that spawned this task	string	Readonly
start_time	The start time of the task in epoch milliseconds	EpochMsTimestamp	Readonly
status	Current status of the task	ApplianceManagementTaskStatus	Readonly
user	Name of the user who created this task	string	Readonly

ApplianceManagementTaskQueryParameters (schema)

Name	Description	Type	Notes
fields	Fields to include in query results Comma-separated field names to include in query result	string
request_method	Request method(s) to include in query result Comma-separated request methods to include in query result	string	Pattern: "^(=|!=|~|!~)?.+$"
request_path	Request URI path(s) to include in query result Comma-separated request paths to include in query result	string	Pattern: "^(=|!=|~|!~)?.+$"
request_uri	Request URI(s) to include in query result Comma-separated request URIs to include in query result	string	Pattern: "^(=|!=|~|!~)?.+$"
status	Status(es) to include in query result Comma-separated status values to include in query result	string	Pattern: "^(=|!=|~|!~)?.+$"
user	Names of users to include in query result Comma-separated user names to include in query result	string	Pattern: "^(=|!=|~|!~)?.+$"

ApplianceManagementTaskStatus (schema)

Current status of the appliance management task

Name	Description	Type	Notes
ApplianceManagementTaskStatus	Current status of the appliance management task	string	Enum: running, error, success, canceling, canceled, killed

AuthenticationPolicyProperties (schema)

Configuration of authentication and password policies for the NSX node

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_retry_prompt	Prompt user at most N times before returning with error.	integer	Readonly Default: "3"
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
api_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Maximum: 9000 Default: "900"
api_failed_auth_reset_period	Period, in seconds, for authentication failures to trigger lockout In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Maximum: 9000 Default: "900"
api_max_auth_failures	Number of authentication failures that trigger API lockout Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Maximum: 50 Default: "5"
cli_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.	integer	Minimum: 0 Maximum: 604800 Default: "900"
cli_max_auth_failures	Number of authentication failures that trigger CLI lockout	integer	Minimum: 0 Maximum: 10 Default: "5"
digits	Number of digits in password Number of digits (0..9) expected in user password. N < 0, to set minimum credit for having digits in the new password, i.e. this is the minimum number of digits that must be met for a new password. N > 0, to set maximum credit for having digits in the new password, i.e. per occurrence of digit in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N digits. N = 0, policy will be not applicable. By default minimum 1 digit is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"
hash_algorithm	Hash algorithm Sets hash/cryptographic algorithm type for new passwords.	string	Enum: sha512, sha256 Default: "sha512"
lower_chars	Number of lower-case characters in password Number of lower case characters (a..z) expected in user password. N < 0, to set minimum credit for having lower case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password. N > 0, to set maximum credit for having lower case characters in the new password, i.e. per occurrence of lower case character in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N lower case characters. N = 0, policy will be not applicable. By default minimum 1 lower case character is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"
max_repeats	Number of same consecutive characters Reject passwords which contain more than N same consecutive characters, like aaa or 7777. To disable the check, value should be set to 0.	integer	Minimum: 0 Maximum: 128 Default: "0"
max_sequence	Length of permissible monotonic sequence in password substring Reject passwords which contain more than N monotonic character sequences. Monotonic sequences can be '12345' or 'fedcb'. To disable the check, value should be set to 0.	integer	Minimum: 0 Maximum: 128 Default: "0"
maximum_password_length	Maximum password length Maximum number of characters allowed in password; user can not set their password of length greater than this parameter. By default maximum length of password is 128 characters.	integer	Minimum: 8 Maximum: 128 Default: "128"
minimum_password_length	Minimum password length Minimum number of characters expected in password; user can not set their password of length less than this parameter. NOTE, for existing users upgrading to NSX-T datacenter version 4.0 or above - if existing appliance is configured with minimum_password_length less than current default value, then upgraded appliance will reset the configured setting back to recommended default; which can be explicitly modified back to original value or any other integer greater than or equal to supported minimum value. VMware recommends to set strong passwords for systems and appliances, further suggests to maintain strong minimum_password_length value. NSX resets this value to default and recommends to maintain upgraded default value or above for password complexity requirement. If any existing user passwords are set with length of less than newly configured minimum_password_length, then its recommended to reset the user passwords as per newly configured password complexity compliance. If existing minimum_password_length is greater than or equal to default value, which shall be retained as it is in newly upgraded appliance. By default minimum length of password is 12 characters and passwords less than 8 characters are never allowed.	integer	Minimum: 8 Maximum: 128 Default: "12"
minimum_unique_chars	Number of unique characters from old password Number of character changes in the new password that differentiate it from the old password. To disable the check, value should be set to 0.	integer	Minimum: 0 Maximum: 128 Default: "0"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
password_remembrance	Password remembrance from previous generations Limit using a password that was used in past; users can not set the same password within the N generations. To disable the check, value should be set to 0.	integer	Minimum: 0 Default: "0"
special_chars	Number of special characters in password Number of special characters (!@#$&*..) expected in user password. N < 0, to set minimum credit for having special characters in the new password, i.e. this is the minimum number of special characters that must be met for a new password. N > 0, to set maximum credit for having special characters in the new password, i.e. per occurrence of special case character in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N special case characters. N = 0, policy will be not applicable. By default minimum 1 special character is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"
upper_chars	Number of upper-case characters in password Number of upper case characters (A..Z) expected in user password. N < 0, to set minimum credit for having upper case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password. N > 0, to set maximum credit for having upper case characters in the new password, i.e. per occurrence of upper case character in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N upper case characters. N = 0, policy will be not applicable. By default minimum 1 upper case character is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"

AuthenticationScheme (schema)

Name	Description	Type	Notes
scheme_name	Authentication scheme name	string	Required

AutonomousEdgeClusterConfig (schema)

Name	Description	Type	Notes
nodes	Nodes in the cluster	array of TransportNodeInEdgeCluster	Minimum items: 1 Maximum items: 2

BasicAuthenticationScheme (schema)

Name	Description	Type	Notes
password	Password to authenticate with	string	Required
scheme_name	Authentication scheme name	string	Required Enum: basic
username	User name to authenticate with	string	Required Pattern: "^.+$"

BlackholeAction (schema)

Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.

Name	Description	Type	Notes
BlackholeAction	Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.	string	Enum: DISCARD

Certificate (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
details	list of X509Certificates	array of X509Certificate	Readonly
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
pem_encoded	pem encoded certificate data	string	Required
resource_type	Must be set to the value Certificate	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
used_by	list of node IDs with services, that are using this certificate	array of NodeIdServicesMap	Readonly

CertificateList (schema)

Certificate queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Certificate list	array of Certificate	Required Readonly

ConfigType (schema)

Config Type

Name	Description	Type	Notes
ConfigType	Config Type	string	Enum: nsxa-state, nsxa-edge-cluster, nsxa-lrouter, nsxa-service-router, nestdb, edge-agent, dataplane, nsd, manager, controller, core

CopyFromRemoteFileProperties (schema)

Name	Description	Type	Notes
port	Server port	integer	Minimum: 1 Maximum: 65535
preserve_file_properties	Preserve file properties flag	boolean	Default: "True"
protocol	Protocol to use to copy file	Protocol (Abstract type: pass one of the following concrete types) HttpProtocol HttpsProtocol ScpProtocol SftpProtocol	Required
server	Remote server hostname or IP address	string	Required Pattern: "^.+$"
uri	URI of file to copy	string	Required

CopyRemoteFileProperties (schema)

Name	Description	Type	Notes
port	Server port	integer	Minimum: 1 Maximum: 65535
preserve_file_properties	Preserve file properties flag	boolean	Default: "True"
server	Remote server hostname or IP address	string	Required Pattern: "^.+$"
uri	URI of file to copy	string	Required

CopyToRemoteFileProperties (schema)

Name	Description	Type	Notes
port	Server port	integer	Minimum: 1 Maximum: 65535
preserve_file_properties	Preserve file properties flag	boolean	Default: "True"
protocol	Protocol to use to copy file Only scp and sftp may be used.	Protocol (Abstract type: pass one of the following concrete types) HttpProtocol HttpsProtocol ScpProtocol SftpProtocol	Required
server	Remote server hostname or IP address	string	Required Pattern: "^.+$"
uri	URI of file to copy	string	Required

CoreDumpConfig (schema)

Node core dump config

Node core dump config

Name	Description	Type	Notes
global_file_limit	Core dump file persistence config global limit	integer	Minimum: 0 Default: "2"
global_frequency_threshold	Core dump files frequency threshold config in seconds, set 0 to disable	integer	Minimum: 0 Default: "600"
process_config	Core dump config per process limit	array of CoreDumpProcessConfig

CoreDumpProcessConfig (schema)

Core dump process config

Name	Description	Type	Notes
limit	Core dump process limit	integer	Required
process_name	Core dump process name	string	Required

CpuStats (schema)

CPU core statistics

Provides the following CPU stats for a given core:

- Core ID.
- CPU type.
- Number of packets sent and received per second on the core for the last 100ms.
- Number of packets received per second from the crypto module, the KNI interface,
the slowpath threads and the other cores within the last 100ms.
- Statistics of the mega flow cache which holds flow cache key and the corresponding
flow cache actions for all the entries. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Statistics of the micro flow cache which holds a hash of the entire flow cache key
and a pointer to the mega flow cache entry. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Percentage of live CPU utilization of the core sampled within the last 60 seconds.
- Percentage of CPU utilization of the core for actual packet processing for the last
100ms.

Name	Description	Type	Notes
core	core id CPU id	string	Readonly
cpu_type	cpu type cpu type, one of datapath_core, controlpath_core and service_core	string	Readonly Enum: datapath_core, controlpath_core, service_core Default: "controlpath_core"
crypto	CPU crypto packet rate The total number of packets per second (pps) received from the crypto module for the last 100ms.	string	Readonly
intercore	CPU intercore packet rate The total number of packets per second (pps) received from other cores for the last 100ms.	string	Readonly
kni	CPU Kernel Network Interface (KNI) packet rate The total number of packets per second (pps) received from Linux KNI interface for the last 100ms.	string	Readonly
mega_flowcachestats	Mega flow cache stats Provides statistics of the mega flow cache which holds the flow cache key and the corresponding flow cache actions for all the entries. The flow cache key is the five tuples of an IP connection - src/dst IP, protocol, and src/dst ports. This will be reset on edge reboot or edge dataplane restart.	FlowCacheStatistics	Readonly
micro_flowcachestats	Micro flow cache stats Provides statistics of the micro flow cache which holds a hash of the entire flow cache key and a pointer to the mega flow cache entry, where the flow cache key and actions are stored. This will be reset on edge reboot or edge dataplane restart.	FlowCacheStatistics	Readonly
packet_processing_usage	Datapath CPU packet processing usage Provides the percentage of CPU utilization of the core on actual packet processing for the last 100ms. It is percentage of busy cycles vs. total cycles, where busy cycles are the cycles spent in a poll round where at least one packet was received.	string	Readonly
rx	CPU Rx packet rate The total number of packets per second (pps) received from NICs for the last 100ms.	string	Readonly
slowpath	CPU slowpath packet rate The total number of packets per second (pps) received from slowpath threads for the last 100ms.	string	Readonly
tx	CPU Tx packet rate The total number of packets per second (pps) transmitted from NICs for the last 100ms. This also includes the packets dropped due to Tx ring full.	string	Readonly
usage	CPU usage Provides the percentage of live CPU utilisation of the core sampled within the last 60 seconds.	string	Readonly

CreateRemoteDirectoryProperties (schema)

Name	Description	Type	Notes
port	Server port	integer	Minimum: 1 Maximum: 65535
preserve_file_properties	Preserve file properties flag	boolean	Default: "True"
protocol	Protocol to use to copy file	SftpProtocol	Required
server	Remote server hostname or IP address	string	Required Pattern: "^.+$"
uri	URI of file to copy	string	Required

Crl (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
details	details of the X509Crl object	X509Crl	Readonly
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
pem_encoded	pem encoded crl data	string	Required
resource_type	Must be set to the value Crl	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

CrlList (schema)

Crl queries result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	CRL list	array of Crl	Required Readonly

CrlObjectData (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
pem_encoded	pem encoded crl data	string	Required
resource_type	Must be set to the value CrlObjectData	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

DHGroup (schema)

Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit random ECP group.
GROUP21 uses 521-bit random ECP group.

Name	Description	Type	Notes
DHGroup	Diffie-Hellman groups Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit random Elliptic Curve (ECP) group. GROUP20 uses 384-bit random ECP group. GROUP21 uses 521-bit random ECP group.	string	Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21

DatetimeUTC (schema)

Datetime string in UTC

Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'

Name	Description	Type	Notes
DatetimeUTC	Datetime string in UTC Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'	string

DeleteRemoteDirectoryProperties (schema)

Name	Description	Type	Notes
directory_path	Directory Path Directory Path which needs to be retained	string
port	Server port	integer	Minimum: 1 Maximum: 65535
preserve_file_properties	Preserve file properties flag	boolean	Default: "True"
protocol	Protocol to use to delete directory Protocol to use to delete directory	SftpProtocol	Required
server	Remote server hostname or IP address	string	Required Pattern: "^.+$"
uri	URI of file to copy	string	Required

EdgeConfigDiagnosis (schema)

Name	Description	Type	Notes
failed	Failed Config	FailedOrWarningConfig	Required
passed	Passed Config	array of ConfigType	Required
warning	Config Warning	FailedOrWarningConfig	Required

EdgeDataplaneCpuStats (schema)

Edge dataplane CPU stats

Provides the dataplane CPU statistics per CPU core for a given edge transport
node. It includes the following information:

- Core ID.
- CPU type.
- Number of packets sent and received per second on the core for the last 100ms.
- Number of packets received per second from the crypto module, the KNI interface,
the slowpath threads and the other cores within the last 100ms.
- Statistics of the mega flow cache which holds flow cache key and the corresponding
flow cache actions for all the entries. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Statistics of the micro flow cache which holds a hash of the entire flow cache key
and a pointer to the mega flow cache entry. The counts are from the time the edge
dataplane is UP and will be reset on edge reboot or edge dataplane restart.
- Percentage of live CPU utilization of the core sampled within the last 60 seconds.
- Percentage of CPU utilization of the core for actual packet processing for the last
100ms.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
cores	Statistics of all CPU cores Provides the per-core CPU statistics of an edge transport node for the last 100ms. It includes the number of packets sent and received per second; the number of packets received from the crypto module, the other cores, the Kernel Network interface (KNI), and the slowpath threads per second and the CPU packet processing usage. It also provides the live CPU usage of the core sampled within the last 60 seconds. It includes the flow cache statistics since the time the edge dataplane is UP. The flow cache statistics will be reset on edge reboot or edge dataplane restart.	array of CpuStats	Maximum items: 64
datapath_cores_mode	Datapath core mode Mode of how the datapath cores get the packets from driver	string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

EdgeDataplaneCtrlPrioSetting (schema)

Information about Edge Dataplane control packet prioritization setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
ctrl_prio_enabled	Control packet prioritization setting	boolean
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

EdgeDataplaneFlow (schema)

Edge dataplane flow record

Name	Description	Type	Notes
dst_ip	Destination IP Destination IP of the flow	string
dst_port	Destination port Destination port of the flow	integer
proto	Protocol Protocol of the flow	integer
src_ip	Source IP Source IP of the flow	string
src_port	Source port Source port of the flow	integer
tunnel_dst_ip	Tunnel destination IP Tunnel destination IP of the flow	string
tunnel_src_ip	Tunnel source IP Tunnel source IP of the flow	string

EdgeDataplaneFlowCacheSetting (schema)

Information about Edge Dataplane Flow Cache mode.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
flow_cache_enabled	Flow cache setting	boolean
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

EdgeDataplaneFlowMonitorMessage (schema)

Edge dataplane flow monitor message

Name	Description	Type	Notes
message	Message Edge dataplane flow monitor message	string

EdgeDataplaneFlowMonitorStartSetting (schema)

Information about Edge Dataplane flow monitor start setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
core_id	Core id Flow monitor core id	string
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
timeout	Timeout for flow monitor in seconds, in the range of 1 - 600. Flow monitor timeout in seconds	string	Default: "15"

EdgeDataplaneFlowQueryParameters (schema)

Name	Description	Type	Notes
fields	Fields to include in query results Comma-separated field names to include in query result	string
top_10	Collect top 10 flows when set to true Collect top 10 flows when set to true, else collect all flows.	boolean	Default: "False"

EdgeDataplaneGeneveCbitSetting (schema)

Information about Edge Dataplane geneve cbit setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
geneve_cbit_set	geneve critical bit setting	boolean
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

EdgeDataplaneIntrModeSetting (schema)

Information about Edge Dataplane interrupt mode setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
intr_mode_enabled	interrupt mode setting	boolean
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

EdgeDataplaneL2vpnPmtuSetting (schema)

Information about Edge Dataplane l2vpn pmtu message generation setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
l2vpn_pmtu_enabled	l2vpn pmtu setting	boolean
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

EdgeDataplanePmtuLearningSetting (schema)

Information about Edge Dataplane pmtu learning setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
pmtu_learning_enabled	l3vpn pmtu setting	boolean

EdgeDataplaneQatAdminSetting (schema)

Information about Edge Dataplane QAT feature enabled setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
qat_admin_enabled	QAT feature enabled setting	boolean

EdgeDataplaneQatAdminSettingResponse (schema)

Information about Edge Dataplane QAT feature enabled setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
update_message	Datapath QAT enable CLI message Message to display after setting QAT feature	string	Readonly

EdgeDataplaneQatStatus (schema)

Information about Edge Dataplane QAT status

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
admin_status	QAT enabled QAT device enabled	boolean	Readonly
device_present	QAT present QAT device present	boolean	Readonly
fips_compliant	FIPS compliance FIPS compliance of QAT feature	boolean	Readonly
is_vm	VM deployment Edge is deployed in VM	boolean	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
operational_status	QAT running QAT device currently running	boolean	Readonly

EdgeDataplaneQueueNumPerPortPerCoreSetting (schema)

Rx and Tx queue number

Provides information about the number of receive(Rx) and transmit(Tx) queue per port
per core on the edge transport node.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
queue_num_per_port_per_core	Queue number per port per core The total number of receive(Rx) and transmit(Tx) queues that edge dataplane allocates per port per core.	integer	Minimum: 1 Maximum: 16

EdgeDataplaneRingSize (schema)

Edge dataplane ring size

Provides information about the receive(Rx) and transmit(Tx) ring buffer size of
the edge dataplane. These buffers store the incoming and outgoing packets on the
edge NIC respectively.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
rx_ring_size	Rx ring size The size of the ring buffer which stores the incoming packets on the edge NIC before they are processed.	integer
tx_ring_size	Tx ring size The size of the ring buffer which stores the packets to be sent out from the edge NIC.	integer

EdgeDataplaneRingSizeSetting (schema)

Information about Edge physical port ring size setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
ring_size	ring size	integer

EdgeDataplaneTopKFlowQueryParameters (schema)

Name	Description	Type	Notes
core_id	CPU core on which the flows are to be monitored CPU core on which the flows are to be monitored	integer	Minimum: 0 Maximum: 128
fields	Fields to include in query results Comma-separated field names to include in query result	string
timeout	Timeout for flow monitor in seconds Timeout for flow monitor in seconds	integer	Minimum: 1 Maximum: 120 Default: "30"

EdgeDataplaneTopKFlows (schema)

Edge dataplane top-k flow dump

Name	Description	Type	Notes
flow_count	Count of flow records Count of flow records in the result	integer
flows	Array of flow records Array of flow records	array of EdgeDataplaneFlow

EdgeDataplaneUptModeSetting (schema)

Information about Edge Dataplane UPT mode setting.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
upt_mode_enabled	UPT (Uniform Pass Thru) mode setting	boolean	Default: "False"

EdgeDiagnosis (schema)

Name	Description	Type	Notes
config	Edge Config Diagnosis	EdgeConfigDiagnosis	Required
ha-state	HA State	string	Required Enum: disabled, offline, discover, statesync, inactive, active, unknown

EdgeDiagnosisInconsistency (schema)

NSX Edge inconsistency check

Name	Description	Type	Notes
detail	NSX Edge inconsistency check detail NSX Edge inconsistency check detail	array of string
title	NSX Edge inconsistency check type NSX Edge inconsistency check type	string

EdgeDiagnosisInconsistencyResult (schema)

NSX Edge inconsistency check result

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	NSX Edge inconsistency check result	array of EdgeDiagnosisInconsistency

EdgeInconsistencyQueryParameters (schema)

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page) A cursor points to a specific record in the inconsistency check result	integer	Minimum: 0
page_size	Maximum number of results to return in this page (server may return fewer) The page size determines the number of records to be returned	integer	Minimum: 1 Maximum: 100

EdgeNodeServiceLoggingProperties (schema)

Edge node service properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required
service_properties

EdgeNodeServiceLoggingReadOnlyProperties (schema)

Edge node service properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required
service_properties

EmbeddedResource (schema)

Base class for resources that are embedded in other resources

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_owner	Owner of this resource	OwnerResourceLink	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Identifier of the resource	string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	The type of this resource.	string

EpochMsTimestamp (schema)

Timestamp in milliseconds since epoch

Name	Description	Type	Notes
EpochMsTimestamp	Timestamp in milliseconds since epoch	integer

ExitEdgeInterface (schema)

Exit interface for logical router port

Name	Description	Type	Notes
ExitEdgeInterface	Exit interface for logical router port	string	Enum: eth1, eth2, eth3, eth4, eth5, eth6, eth7, eth8

FailedOrWarningConfig (schema)

Failed or Warning Config

Name	Description	Type	Notes
controller	Controller Connection State	string
core	Core Names	array of string
dataplane	Dataplane State	string
edge-agent	Edge Agent State	string
manager	Manager Connection State	string
nestdb	NestDB State	string
nsd	Nsd State	string
nsxa-edge-cluster	Edge Cluster State	string
nsxa-lrouter	Logical Router State	string
nsxa-service-router	Service Router State	string
nsxa-state	NSXA State	string

FileProperties (schema)

File properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
created_epoch_ms	File creation time in epoch milliseconds	integer	Required
modified_epoch_ms	File modification time in epoch milliseconds	integer	Required
name	File name	string	Required Pattern: "^[^/]+$"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
path	File path	string	Readonly
size	Size of the file in bytes	integer	Required

FilePropertiesListResult (schema)

File properties query results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	File property results	array of FileProperties	Required

FileThumbprint (schema)

File thumbprint

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
name	File name	string	Required Pattern: "^[^/]+$"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
sha1	File's SHA1 thumbprint	string	Deprecated Required
sha256	File's SHA256 thumbprint	string	Required

FlowCacheStatistics (schema)

Flow cache statistics

Provides the following statistics for flow cache since the time the edge
dataplane is UP:

- Number of active entries.
- Number of cache entry insertions.
- Number of bucket collisions when the entry insertion happens to
a bucket which is full.
- Number of key collisions when the entry to be inserted has a key
colliding with that of an existing entry.
- Number of cache hits, hit_rate, misses and skips.
- Number of packets that cannot be cached.
- Number of maximum entries with respect to size.

Name	Description	Type	Notes
active	Active The number of current active entries in the flow cache.	string
bucket_collisions	Bucket collisions The total number of times when during an entry insertion, the corresponding bucket is full with unexpired entries. This collision will result in a flow cache miss. This is valid only for mega flow cache. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
dont_cache	Dont cache The total number of packets that cannot be cached. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
hit_rate	Hit rate The rate at which the packets matching the flow cache are forwarded. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
hits	Hits The total number of packets forwarded due to matching flow cache entry. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
insertions	Insertions The total number of times a new flow cache entry is added. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
key_collisions	Key collisions The total number of times a newly inserted entry has a key colliding with that of an existing entry. In this case, the new entry will replace the existing entry. This is only valid for mega flow cache. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
max_seen_percentage	Max seen percentage The percentage of maximum entries in a flow cache with respect to total size. This is collected from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
misses	Misses The total number of packets passed on to the next layer due to cache miss. The next layer can be either slow path (in case of megaflow cache) or megaflow cache (in case of microflow cache). The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string
skipped	Skipped The total number of packet misses due to unsupported packet type or the cache is disabled. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	string

GetCertParameter (schema)

Name	Description	Type	Notes
details	whether to expand the pem data and show all its details	boolean	Default: "False"

GetSNMPParameters (schema)

Get SNMP request parameters

Get SNMP request parameters.

Name	Description	Type	Notes
show_sensitive_data	Show SNMP sensitive data or not Whether to show SNMP service properties including community strings if any applicable.	boolean	Default: "False"

HANodeStatusProperties (schema)

Name	Description	Type	Notes
admin_state	Node Admin State	NodeAdminState
high_availability_status	Node High Availability Status	NodeHAStatus
node_status	Actual Node Status	NodeStatus
vtep_state	State of VTEP interfaces. All VTEPs share the same state.	NodeVtepState

HaInfo (schema)

Name	Description	Type	Notes
failover_mode	Logical router failover mode Logical router failover mode	string	Readonly Enum: PREEMPTIVE, NON-PREEMPTIVE
ha_mode	Logical router HA mode Logical router HA mode	string	Readonly Enum: ACTIVE-STANDBY, ACTIVE-ACTIVE
ha_state	Logical router HA state Logical router HA state DOWN - Logical router is not in good health SYNC - Logical router is synchronizing data from peer logical router STANDBY - Logical router is available to go Active ACTIVE - Logical router is forwarding traffic	string	Readonly Enum: DOWN, SYNC, STANDBY, ACTIVE
rank	Rank of logical router Rank of logical router	integer	Readonly
state-history	Logical router high-availability history Logical router high-availability history	LogicalRouterHaHistory	Readonly

HostKeyAlgorithms (schema)

SSH key type

Name	Description	Type	Notes
HostKeyAlgorithms	SSH key type	string	Enum: ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-dss, ssh-ed25519, ssh-rsa

HostnameOrIPv46Address (schema)

Hostname or IPv4 or IPv6 address

Name	Description	Type	Notes
HostnameOrIPv46Address	Hostname or IPv4 or IPv6 address	string	Maximum length: 255 Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\.?$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"

HttpProtocol (schema)

Name	Description	Type	Notes
authentication_scheme	Scheme to authenticate if required	BasicAuthenticationScheme
name	Must be set to the value HttpProtocol	string	Required Enum: http, https, scp, sftp

HttpsProtocol (schema)

Name	Description	Type	Notes
authentication_scheme	Scheme to authenticate if required	BasicAuthenticationScheme
name	Must be set to the value HttpsProtocol	string	Required Enum: http, https, scp, sftp
sha256_thumbprint	SSL thumbprint of server	string	Required

IKEDigestAlgorithm (schema)

Digest Algorithms used in IKE negotiations

The IKEDigestAlgorithms are used to verify message
integrity during IKE negotiation. SHA1 produces 160
bits hash and SHA2_XXX produces XXX bit hash.

Name	Description	Type	Notes
IKEDigestAlgorithm	Digest Algorithms used in IKE negotiations The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.	string	Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

IKEEncryptionAlgorithm (schema)

Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of
the messages exchanged during IKE negotiations. AES stands for
Advanced Encryption Standards. AES_128 uses 128-bit keys whereas
AES_256 uses 256-bit keys for encryption and decryption.
AES_GCM stands for Advanced Encryption Standard(AES) in
Galois/Counter Mode(GCM) and is used to provide both
confidentiality and data origin authentication. AES_GCM composed
of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with
IKE_V2 version only.
AES_GCM_128 uses 128-bit keys.
AES_GCM_192 uses 192-bit keys.
AES_GCM_256 uses 256-bit keys.

Name	Description	Type	Notes
IKEEncryptionAlgorithm	Encryption algorithms used in IKE IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.	string	Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

IPCIDRBlock (schema)

IPv4 or IPv6 CIDR Block

Name	Description	Type	Notes
IPCIDRBlock	IPv4 or IPv6 CIDR Block	string

IPSecMultiPathGroup (schema)

IPSec VPN multipath group

Configuration to allow IPSec VPN traffic through multipaths.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enable IPSec VPN multipath group If true, enable IPSec VPN multipath group.	boolean	Default: "False"
id	Unique identifier of this resource	string	Readonly Sortable
ipsec_vpn_session_ids	List of IPSec VPN session Ids that are using this multipath group List of all IPSec VPN session Ids that are using this multipath group.	array of string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value IPSecMultiPathGroup	string
scheme	The scheme specified to decide best paths Specify a scheme to probe the quality of different paths for IPSec VPN traffic and to select the best equally good paths. THRESHOLD_BASED: The best paths are selected based on the threshold limit configured.		Enum: THRESHOLD_BASED Default: "THRESHOLD_BASED"
scheme_value	The value specified for the scheme If scheme is THRESHOLD_BASED, scheme_value represents margin above the average path metric used for selecting the best paths. Paths below the specified threshold are considered good while above the selected threshold are considered bad quality. Threshold is a percentage value in the range of [0-100]. If not specified, the default is 20.	integer
source_port_pool_size	The size of the source port pool The maximum number of best paths allowed for an IPSec VPN session. For each path, a UDP source port number is assigned from an internal source port pool for encapsulating the IPSec VPN traffic through the path.	integer	Minimum: 2 Maximum: 7 Default: "7"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

IPSecMultiPathGroupListResult (schema)

List of IPSec multipath groups

List all the IPSec multipath groups.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	IPSec multipath group list results	array of IPSecMultiPathGroup	Required

IPSecVPNDPDProfile (schema)

Dead peer detection (DPD) profile

Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dpd_probe_interval	DPD probe interval defines an interval for DPD probes (in seconds) When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 3	integer	Minimum: 1 Maximum: 360
dpd_probe_mode	DPD probe mode DPD probe mode is used to query the liveliness of the peer. Two modes are possible - PERIODIC - is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. ON_DEMAND - is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds)	string	Enum: PERIODIC, ON_DEMAND Default: "PERIODIC"
enabled	Enable dead peer detection (DPD) If true, enable dead peer detection.	boolean	Default: "True"
id	Unique identifier of this resource	string	Readonly Sortable
is_default	Default Profile It is a boolean flag which reflects whether a profile is created and owned by system or not. If the session creation/update does not define a profile, this default profile will be used. Default profiles cannot be edited or deleted. If the sessions needs different settings, please create a new profile.	boolean	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value IPSecVPNDPDProfile	string
retry_count	Retry count Maximum number of DPD messages retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand.	integer	Minimum: 1 Maximum: 100 Default: "5"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

IPSecVPNDPDProfileListResult (schema)

List dead peer detection (DPD) profiles

List all the dead peer detection (DPD) profiles.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	IPSec DPD Profile list results	array of IPSecVPNDPDProfile	Required

IPSecVPNIKEProfile (schema)

Internet key exchange (IKE) profile

IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
dh_groups	DH group Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.	array of DHGroup
digest_algorithms	Algorithm for message hash Algorithm used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.	array of IKEDigestAlgorithm
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
encryption_algorithms	Encryption algorithm for IKE Encryption algorithm used during Internet Key Exchange(IKE) negotiation. Default is AES_128.	array of IKEEncryptionAlgorithm
id	Unique identifier of this resource	string	Readonly Sortable
ike_version	IKE version IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.	string	Enum: IKE_V1, IKE_V2, IKE_FLEX Default: "IKE_V2"
is_default	Default Profile It is a boolean flag which reflects whether a profile is created and owned by system or not. If the session creation/update does not define a profile, this default profile will be used. Default profiles cannot be edited or deleted. If the sessions needs different settings, please create a new profile.	boolean	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value IPSecVPNIKEProfile	string
sa_life_time	Security association (SA) life time Life time for security association. Default is 86400 seconds (1 day).	integer	Minimum: 21600 Maximum: 31536000 Default: "86400"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

IPSecVPNIKEProfileListResult (schema)

List IKE profiles

List all the IKE profiles.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	IKE Profile list results	array of IPSecVPNIKEProfile	Required

IPSecVPNIKESessionStatus (schema)

IKE session status

Status for IPSec VPN IKE session UP, DOWN, NEGOTIATING and fail reason if IKE session is down.

Name	Description	Type	Notes
fail_reason	Fail reason Reason for failure.	string	Readonly
ike_session_state	IKE session state IKE session service status UP, DOWN and NEGOTIATING.	string	Readonly Enum: UP, DOWN, NEGOTIATING

IPSecVPNLocalEndpoint (schema)

IPSec VPN Local Endpoint

Local endpoint represents a logical router on which tunnel needs to be terminated.

Name	Description	Type	Notes
certificate_id	Certificate Id Site certificate identifier.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
local_address	IPV4 Address for local endpoint IPV4 Address for local endpoint.	IPv4Address	Required
local_id	Local identifier Local identifier. Only one Local id is allowed for a local address.	string
trust_ca_ids	Certificate authority (CA) identifiers Certificate authority (CA) identifier list to verify peer certificates.	array of string
trust_crl_ids	Certificate revocation list (CRL) Identifiers Certificate revocation list (CRL) identifier list of peer certificates.	array of string

IPSecVPNPolicyRule (schema)

IPSec VPN policy rules

For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_owner	Owner of this resource	OwnerResourceLink	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
action	Action to be applied PROTECT - Protect rules are defined per policy based IPSec VPN session.	string	Readonly Enum: PROTECT Default: "PROTECT"
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
destinations	Destination list List of peer subnets.	array of IPSecVPNPolicySubnet	Maximum items: 128
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enabled flag A flag to enable/disable the policy rule.	boolean	Default: "True"
id	Unique policy id Unique policy id.	string
logged	Logging flag A flag to enable/disable the logging for the policy rule.	boolean	Default: "False"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value IPSecVPNPolicyRule	string
sources	Source list List of local subnets.	array of IPSecVPNPolicySubnet	Maximum items: 128

IPSecVPNPolicySubnet (schema)

Subnet for IPSec Policy based VPN

Used to specify the local/peer subnets in IPSec VPN Policy rule.

Name	Description	Type	Notes
subnet	Peer or local subnet Subnet used in policy rule.	IPv4CIDRBlock	Required

IPSecVPNPolicyTrafficStatistics (schema)

IPSec VPN policy traffic statistics

IPSec VPN policy traffic statistics

Name	Description	Type	Notes
aggregate_traffic_counters	Traffic summary Aggregate traffic statistics across all ipsec tunnels.	IPSecVPNTrafficCounters	Readonly
policy_id	Policy Identifier Policy Identifier.	string	Readonly
tunnel_statistics	Tunnel statistics Tunnel statistics.	array of IPSecVPNTunnelTrafficStatistics	Readonly

IPSecVPNService (schema)

IPSec VPN service

IPSec VPN service for given logical router.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enable virtual private network (VPN) service If true, enable VPN services for given logical router.	boolean	Default: "True"
id	Unique identifier of this resource	string	Readonly Sortable
ike_log_level	Internet key exchange (IKE) log level Log level for internet key exchange (IKE).	string	Enum: DEBUG, INFO, WARN, ERROR, EMERGENCY Default: "INFO"
ipsec_ha_sync	IPSec HA State Sync flag Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled in case there are performance issues with the state sync messages. Default is to enable HA Sync.	boolean	Default: "True"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value IPSecVPNService	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

IPSecVPNSession (schema)

IPSec VPN session

VPN session defines connection between local and peer endpoint. Untill VPN session is defined configuration is not realized. This is an abstract type. Concrete child types:
PolicyBasedIPSecVPNSession
RouteBasedIPSecVPNSession

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
authentication_mode	Authentication Mode Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.	string	Enum: PSK, CERTIFICATE Default: "PSK"
connection_initiation_mode	Connection initiation mode Connection initiation mode used by local endpoint to establish ike connection with peer endpoint. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.	string	Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND Default: "INITIATOR"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dpd_profile_id	Dead peer detection (DPD) profile id Dead peer detection (DPD) profile id. Default will be set according to system default policy.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
enabled	Enable/Disable IPSec VPN session Enable/Disable IPSec VPN session.	boolean	Default: "True"
id	Unique identifier of this resource	string	Readonly Sortable
ike_profile_id	Internet key exchange (IKE) profile id IKE profile id to be used. Default will be set according to system default policy.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
ipsec_tunnel_profile_id	IPSec tunnel profile id Tunnel profile id to be used. By default it will point to system default profile.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
local_endpoint	Local endpoint Local endpoint.	IPSecVPNLocalEndpoint	Required
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
peer_address	IPV4 address of peer endpoint on remote site. IPV4 address of peer endpoint on remote site.	string	Required
peer_id	Peer id Peer identifier.	string	Required
psk	Pre-shared key IPSec Pre-shared key. Maximum length of this field is 128 characters. Its required input in PSK authentication mode.	string	Minimum: 1 Maximum: 128
resource_type	Must be set to the value IPSecVPNSession	IPSecVPNSessionResourceType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
tcp_mss_clamping		TcpMssClamping

IPSecVPNSessionListParameters (schema)

List parameters for IPSec VPN Sessions

Parameters to get filtered list of IPSec VPN Sessions. The filter parameters are not mutually exclusive and can be used together.

Name	Description	Type	Notes
session_type	Type of the vpn session All the IPSec VPN sessions of specified type will be included in the result.	IPSecVPNSessionResourceType

IPSecVPNSessionListResult (schema)

List IPSec VPN sessions

List all the IPSec VPN sessions.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	IPSec VPN sessions list result	array of IPSecVPNSession (Abstract type: pass one of the following concrete types) PolicyBasedIPSecVPNSession RouteBasedIPSecVPNSession	Required

IPSecVPNSessionResourceType (schema)

Resource types of IPsec VPN session

A Policy Based VPN requires to define protect rules that match
local and peer subnets. IPSec security associations is
negotiated for each pair of local and peer subnet.
A Route Based VPN is more flexible, more powerful and recommended over
policy based VPN. IP Tunnel port is created and all traffic routed via
tunnel port is protected. Routes can be configured statically
or can be learned through BGP. A route based VPN is must for establishing
redundant VPN session to remote site.

Name	Description	Type	Notes
IPSecVPNSessionResourceType	Resource types of IPsec VPN session A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.	string	Enum: PolicyBasedIPSecVPNSession, RouteBasedIPSecVPNSession

IPSecVPNSessionStatistics (schema)

IPSec VPN session statistics

Session statistics gives aggregated statistics of all policies for all the tunnels.

Name	Description	Type	Notes
aggregate_traffic_counters	Traffic summary Aggregate traffic statistics across all ipsec tunnels.	IPSecVPNTrafficCounters	Readonly
display_name	Display name Display name of vpn session.	string	Readonly
failed_tunnels	Failed tunnels Number of failed tunnels.	integer	Readonly
ike_status	IKE status summary Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.	IPSecVPNIKESessionStatus	Readonly
ipsec_vpn_session_id	Session identifier UUID of vpn session.	string	Readonly
last_update_timestamp	Last updated timestamp Timestamp when the data was last updated.	EpochMsTimestamp	Readonly
negotiated_tunnels	Negotiated tunnels Number of negotiated tunnels.	integer	Readonly
partial_stats	Partial Statistics Partial statistics if true specifies that the statistics are only from active node.	boolean	Readonly
policy_statistics	IPSec policy statistics Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.	array of IPSecVPNPolicyTrafficStatistics	Readonly
session_status	Session status Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.	string	Readonly Enum: UP, DOWN, DEGRADED
total_tunnels	Total tunnels Total number of tunnels.	integer	Readonly

IPSecVPNTrafficCounters (schema)

IPSec VPN traffic counters

Traffic counters for IPSec VPN session.

Name	Description	Type	Notes
bytes_in	Bytes in Total number of bytes recevied.	integer	Readonly
bytes_out	Bytes out Total number of bytes sent.	integer	Readonly
dropped_packets_in	Dropped incoming packets Total number of incoming packets dropped on inbound security association.	integer	Readonly
dropped_packets_out	Dropped outgoing packets Total number of outgoing packets dropped on outbound security association.	integer	Readonly
packets_in	Packets in Total number of packets received.	integer	Readonly
packets_out	Packets out Total number of packets sent.	integer	Readonly

IPSecVPNTunnelProfile (schema)

IPSec VPN tunnel profile

IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
df_policy	Policy for handling defragmentation bit Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.	string	Enum: COPY, CLEAR Default: "COPY"
dh_groups	DH group Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.	array of DHGroup
digest_algorithms	Algorithm for message hash Algorithm used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128".	array of TunnelDigestAlgorithm
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enable_perfect_forward_secrecy	Enable perfect forward secrecy If true, perfect forward secrecy (PFS) is enabled.	boolean	Default: "True"
encapsulation_mode	Encapsulation Mode Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.	string	Readonly Enum: TUNNEL_MODE Default: "TUNNEL_MODE"
encryption_algorithms	Encryption algorithm to use in tunnel establishement Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.	array of TunnelEncryptionAlgorithm
id	Unique identifier of this resource	string	Readonly Sortable
is_default	Default Profile It is a boolean flag which reflects whether a profile is created and owned by system or not. If the session creation/update does not define a profile, this default profile will be used. Default profiles cannot be edited or deleted. If the sessions needs different settings, please create a new profile.	boolean	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value IPSecVPNTunnelProfile	string
sa_life_time	Security association (SA) life time SA life time specifies the expiry time of security association. Default is 3600 seconds.	integer	Minimum: 900 Maximum: 31536000 Default: "3600"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
transform_protocol	Tunnel protocol IPSec transform specifies IPSec security protocol.	string	Readonly Enum: ESP Default: "ESP"

IPSecVPNTunnelProfileListResult (schema)

List tunnel profiles

List all the tunnel profiles.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	IPSec Tunnel Profile list results	array of IPSecVPNTunnelProfile	Required

IPSecVPNTunnelTrafficStatistics (schema)

IPSec VPN tunnel traffic statistics

IPSec VPN tunnel traffic statistics.

Name	Description	Type	Notes
bytes_in	Bytes in Total number of incoming bytes on inbound Security association (SA).	integer	Readonly
bytes_out	Bytes out Total number of outgoing bytes on outbound Security association (SA).	integer	Readonly
decryption_failures	Decryption failures Total number of packets dropped due to decryption failures.	integer	Readonly
dropped_packets_in	Dropped incoming packets Total number of incoming packets dropped on inbound security association.	integer	Readonly
dropped_packets_out	Dropped outgoing packets Total number of outgoing packets dropped on outbound security association.	integer	Readonly
encryption_failures	Encryption failures Total number of packets dropped because of failure in encryption.	integer	Readonly
integrity_failures	Integrity failures Total number of packets dropped due to integrity failures.	integer	Readonly
local_subnet	Local subnet Local subnet to which a tunnel belongs.	string	Readonly
nomatching_policy_errors	Nomatching Policy errors Number of packets dropped because of no matching policy is available.	integer	Readonly
packets_in	Packets in Total number of incoming packets on inbound Security association (SA).	integer	Readonly
packets_out	Packets out Total number of outgoing packets on outbound Security association (SA).	integer	Readonly
packets_receive_other_error	Packets receive other error Total number of incoming packets dropped on inbound Security association (SA)(misc).	integer	Readonly
packets_sent_other_error	Packets sent other error Total number of packets dropped while sending for any reason.	integer	Readonly
peer_subnet	Peer subnet Peer subnet to which a tunnel belongs.	string	Readonly
replay_errors	Replay errors Total number of packets dropped due to replay check on that Security association (SA).	integer	Readonly
sa_mismatch_errors_in	Security association (SA) mismatch errors on incoming packets Totoal number of security association (SA) mismatch errors on incoming packets.	integer	Readonly
sa_mismatch_errors_out	Security association (SA) mismatch errors on outgoing packets Totoal number of security association (SA) mismatch errors on outgoing packets.	integer	Readonly
seq_number_overflow_error	Sequence number overflow error Total number of packets dropped while sending due to overflow in sequence number.	integer	Readonly
tunnel_down_reason	Tunnel down reason Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.	string	Readonly
tunnel_status	Tunnel Status Specifies the status of tunnel. If all the SA (Security association) are negotiated then tunnels status will be UP. If negotiation fails for the SAs status will be DOWN, if SAs are in negotiating phase tunnels status will be NEGOTIATING.	string	Readonly Enum: UP, DOWN, NEGOTIATING

IPSubnet (schema)

Name	Description	Type	Notes
ip_addresses	IPv4 Addresses	array of IPv4Address	Required Minimum items: 1 Maximum items: 1
prefix_length	Subnet Prefix Length	integer	Required Minimum: 1 Maximum: 32

IPv4Address (schema)

IPv4 address

Name	Description	Type	Notes
IPv4Address	IPv4 address	string	Maximum length: 255 Pattern: "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$"

IPv4AddressProperties (schema)

IPv4 address properties

Name	Description	Type	Notes
ip_address	Interface IPv4 address	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
netmask	Interface netmask	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"

IPv4CIDRBlock (schema)

IPv4 CIDR Block

Name	Description	Type	Notes
IPv4CIDRBlock	IPv4 CIDR Block	string	Maximum length: 255 Pattern: "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\/(3[0-2]|[1-2][0-9]|[0-9]))$"

IPv6AddressProperties (schema)

IPv6 address properties

Name	Description	Type	Notes
ip6_address	Interface IPv6 address	string	Pattern: "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"
ip6_gateway	IPv6 Gateway	string	Pattern: "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"
prefixlen	Prefix length	integer

IncludedFieldsParameters (schema)

A list of fields to include in query results

Name	Description	Type	Notes
included_fields	Comma separated list of fields that should be included in query result	string

Interface (schema)

Interface properties

Interface properties.

Name	Description	Type	Notes
address	CIDR block IPv4 or IPv6 CIDR block.	IPCIDRBlock	Required
interface_type	Interface type Interface type.	string	Required Enum: MANAGEMENT, TUNNEL
name	Interface name Interface name.	string	Required

KnownHostParameter (schema)

Name	Description	Type	Notes
host	Known host hostname or IPv4/v6 address	HostnameOrIPv46Address	Required
port	Known host port	integer	Minimum: 1 Maximum: 65535 Default: "22"

L2Extension (schema)

L2 Extension

Configuration for extending L2 domain with L2VPN.

Name	Description	Type	Notes
l2vpn_session_id	L2VPN session ID L2VPN sessions identifier for L2 extension.	string	Required
l2vpn_session_name	Display name of the given l2vpn session Display name of the given l2vpn session.	string
tunnel_id	Tunnel ID Tunnel ID to uniquely identify the L2 extension.	integer	Required Minimum: 1 Maximum: 4093

L2VPNSession (schema)

L2VPN Session

L2VPN Session represents meta data necessary to create
the L2VPN Session. For client, it is represented by an array
of peer code for each transport tunnel.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
enabled	Enable L2VPN session Enable to extend all the associated logical switches.	boolean	Default: "True"
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value L2VPNSession	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
transport_tunnels	List of L2VPN Transport Tunnel List of L2VPN transport tunnel.	array of TransportTunnel	Required Minimum items: 1 Maximum items: 4

L2VPNSessionListResult (schema)

List all L2VPN sessions

list all the L2VPN sessions

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	L2VPN sessions list result	array of L2VPNSession	Required

L2VPNSessionStatistics (schema)

L2VPN session statistics

L2VPN session statistics.

Name	Description	Type	Notes
display_name	Display name Display name of L2VPN session.	string	Readonly
l2vpn_session_id	Session identifier UUID of L2VPN session.	string	Readonly
reference_count	Number of references to L2VPN session Number of logical ports that are referencing the L2VPN session.	integer	Readonly
session_status	L2VPN session status L2VPN session status. It can be UP and DOWN.	string	Readonly Enum: UP, DOWN
traffic_counter	Traffic counter Traffic counter through the L2VPN session.	L2VPNTrafficStatistics	Readonly
transport_tunnels	List of transport tunnels List of transport tunnels.	array of TransportTunnel	Readonly

L2VPNTrafficStatistics (schema)

L2VPN traffic statistics

Traffic statistics for L2VPN.

Name	Description	Type	Notes
bytes_in	Bytes in Total number of incoming bytes.	integer	Readonly
bytes_out	Bytes out Total number of outgoing bytes.	integer	Readonly
dropped_packets_in	Dropped incoming packets Total number of incoming packets dropped.	integer	Readonly
dropped_packets_out	Dropped outgoing packets Total number of outgoing packets dropped.	integer	Readonly
packets_in	Packets in Total number of incoming packets.	integer	Readonly
packets_out	Packets out Total number of outgoing packets.	integer	Readonly

ListCertParameter (schema)

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
details	whether to expand the pem data and show all its details	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string
type	Type of certificate to return Provide this parameter to limit the list of returned certificates to those matching a particular usage. Passing cluster_certificate will return the certificate used for the cluster wide API service.	string	Enum: cluster_api_certificate

ListRequestParameters (schema)

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
included_fields	Comma separated list of fields that should be included in query result	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending		boolean
sort_by	Field by which records are sorted	string

ListResult (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Result list	array of Resource	Required

ListResultQueryParameters (schema)

Name	Description	Type	Notes
fields	Fields to include in query results Comma-separated field names to include in query result	string

LogicalPort (schema)

This is an abstract type. Concrete child types:
LogicalRouterIPTunnelPort
LogicalRouterLoopbackPort
LogicalRouterPort

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value LogicalPort	LogicalPortResourceType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LogicalPortListParameters (schema)

List parameters for logical port

Parameters to get filtered list of logical ports. The filter parameters are mutually exclusive.

Name	Description	Type	Notes
l2_extension_id	Id of a specified l2vpn session List all of the logical ports that are extended via the specified l2vpn session id.	string
port_type	Type of logical port If routed, list all of the routed logical ports. If extended, list all of the extended logial ports. If none, list all pure l2 logical ports (not routed and extended).	string	Enum: routed, extended, none

LogicalPortListResult (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Logical port list results	array of LogicalPort (Abstract type: pass one of the following concrete types) LogicalRouterIPTunnelPort LogicalRouterLoopbackPort LogicalRouterPort	Required

LogicalPortResourceType (schema)

Resource types of logical port

LogicalRouterPort is the L3 Port attached to the router.
LogicalRouterIPTunnelPort is a IPSec VPN tunnel port created on
logical router when route based VPN session configured.
LogicalRouterLoopbackPort is a loopback port for the logical router.
LogicalRouterManagementPort is a management port on the logical router.

Name	Description	Type	Notes
LogicalPortResourceType	Resource types of logical port LogicalRouterPort is the L3 Port attached to the router. LogicalRouterIPTunnelPort is a IPSec VPN tunnel port created on logical router when route based VPN session configured. LogicalRouterLoopbackPort is a loopback port for the logical router. LogicalRouterManagementPort is a management port on the logical router.	string	Enum: LogicalRouterPort, LogicalRouterIPTunnelPort, LogicalRouterLoopbackPort, LogicalRouterManagementPort

LogicalRouterHaHistory (schema)

Name	Description	Type	Notes
event	Logical router HA event that triggered state change Logical router HA event that triggered state change	string	Readonly
event_timestamp	Time in UTC when the last HA event occured Time in UTC when the last HA event occured	EpochMsTimestamp	Readonly
state	Logical router HA state Logical router HA state DOWN - Logical router is not in good health SYNC - Logical router is synchronizing data from peer logical router STANDBY - Logical router is available to go Active ACTIVE - Logical router is forwarding traffic	string	Readonly Enum: DOWN, SYNC, STANDBY, ACTIVE

LogicalRouterIPTunnelPort (schema)

Logical router IP tunnel port

Logical router IP tunnel port.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
admin_state	Admin state of port Admin state of port.	string	Readonly Enum: UP, DOWN
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value LogicalRouterIPTunnelPort	LogicalPortResourceType	Required
subnets	Tunnel port subnets Tunnel port subnets.	array of IPSubnet	Required Readonly Minimum items: 1 Maximum items: 1
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
vpn_session_id	VPN session identifier Associated VPN session identifier.	string	Readonly

LogicalRouterLoopbackPort (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value LogicalRouterLoopbackPort	LogicalPortResourceType	Required
subnets	Logical router loopback port subnets	array of IPSubnet	Maximum items: 1
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

LogicalRouterPort (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
dhcp_server_id	DHCP server ID Specify DHCP server for L2 domain to use. If not given, there is no DHCP service in the L2 domain.	string
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
exit_interface	Exit interface from edge Exit interface from edge	ExitEdgeInterface	Required
id	Unique identifier of this resource	string	Readonly Sortable
l2_extensions	L2 extensions Configuration for extending L2 domain via L2VPN.	array of L2Extension	Minimum items: 1
mac_address	MAC address MAC address	string	Readonly
mtu	Maximum transmission unit (MTU) Maximum transmission unit specifies the size of the largest packet that a network protocol can transmit.	integer	Minimum: 64 Maximum: 9000 Default: "1500"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value LogicalRouterPort	LogicalPortResourceType	Required
subnets	Logical router port subnets	array of IPSubnet	Maximum items: 1
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
urpf_mode	Unicast Reverse Path Forwarding mode	UrpfMode	Default: "STRICT"
vlan_id	VLAN for the Logical Switch	integer	Required Minimum: 0 Maximum: 4091

LogicalRouterPortCounters (schema)

Name	Description	Type	Notes
dropped_packets	Number of Dropped Packets	integer	Required
total_bytes	Total Number of Bytes	integer	Required
total_packets	Total Number of Packets	integer	Required

LogicalRouterPortStatistics (schema)

Name	Description	Type	Notes
admin_state	Administrative State Configurable administrative state.	string	Required Enum: UP, DOWN
last_update_timestamp	Timestamp in Milliseconds Since Epoch	integer	Required
logical_router_port_id	Logical Router Port UUID	string	Required
operational_state	Operational State Operational state of the port. Takes into account the exit interface status.	string	Required Enum: UP, DOWN
rx	Logical Router Port Receive Count	LogicalRouterPortCounters	Required
tx	Logical Router Port Transmit Count	LogicalRouterPortCounters	Required

LogicalRouterRouteEntry (schema)

Name	Description	Type	Notes
admin_distance	Admin Distance	integer	Required
logical_router_port_id	Logical Router Port ID	string	Required
network	Network	IPv4CIDRBlock	Required
next_hop	Next Hop	IPv4Address
route_type	Route Type	RouteType	Required

LogicalRouterRouteTable (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
last_update_timestamp	Timestamp in Milliseconds Since Epoch	integer	Required Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Logical Router Route Entry	array of LogicalRouterRouteEntry	Required

LogicalRouterType (schema)

Name	Description	Type	Notes
fields	Fields to include in query results Comma-separated field names to include in query result	string
router_type	Logical router type Logical router type	string	Enum: SERVICE_ROUTER_TIER0, VRF_SERVICE_ROUTER_TIER0, DISTRIBUTED_ROUTER_TIER0, VRF_DISTRIBUTED_ROUTER_TIER0, SERVICE_ROUTER_TIER1, VRF_SERVICE_ROUTER_TIER1, DISTRIBUTED_ROUTER_TIER1, VRF_DISTRIBUTED_ROUTER_TIER1, TUNNEL, RTEP_TUNNEL_VRF

LogicalRoutersInfo (schema)

Name	Description	Type	Notes
ha_info	Logical router high-availability information Logical router high-availability information	HaInfo	Readonly
logical_router_uuid	Logical router UUID Logical router UUID	string	Readonly
mp_router_uuid	MP logical router UUID MP logical router UUID	string	Readonly
name	Name of the logical router Name of the logical router	string	Readonly
router_type	Logical router type Logical router type	string	Readonly Enum: SERVICE_ROUTER_TIER0, VRF_SERVICE_ROUTER_TIER0, DISTRIBUTED_ROUTER_TIER0, VRF_DISTRIBUTED_ROUTER_TIER0, SERVICE_ROUTER_TIER1, VRF_SERVICE_ROUTER_TIER1, DISTRIBUTED_ROUTER_TIER1, VRF_DISTRIBUTED_ROUTER_TIER1, TUNNEL, RTEP_TUNNEL_VRF

MaintenanceModePropertiesReply (schema)

Information about the Edge maintenance mode

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
maintenance_mode	current maintenance mode	string	Readonly Enum: enabled, disabled Default: "disabled"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

MaintenanceModePropertiesRequest (schema)

Information about the Edge maintenance mode

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
maintenance_mode	current maintenance mode	boolean
notify_mpa	send notification to MPA	boolean	Default: "True"

ManagedResource (schema)

Base type for resources that are managed by API clients

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	The type of this resource.	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

MandatoryAccessControlProperties (schema)

Information about mandatory access control

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
enabled	Enabled can be True/False	boolean
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
status	current status of Mandatory Access Control	string	Readonly Enum: ENABLED, DISABLED, ENABLED_PENDING_REBOOT

NAPILogLevelValue (schema)

Log Level Value

Name	Description	Type	Notes
log_level	Log Level	string	Required Enum: critical, error, warn, info, debug, off

NodeAdminState (schema)

Node Admin State

Name	Description	Type	Notes
NodeAdminState	Node Admin State	string	Enum: UP, DOWN, UNKNOWN

NodeFileSystemProperties (schema)

File system properties

Name	Description	Type	Notes
file_system	File system id	string	Readonly
mount	File system mount	string	Readonly
total	File system size in kilobytes	integer	Readonly
type	File system type	string	Readonly
used	Amount of file system used in kilobytes	integer	Readonly

NodeGrubProperties (schema)

Node GRUB properties

Name	Description	Type	Notes
timeout	GRUB menu timeout value in seconds	integer	Minimum: 0 Maximum: 2147483647
users	List of node GRUB user properties	array of NodeGrubUserProperties

NodeGrubUserProperties (schema)

Node GRUB user properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
password	Password for the GRUB user	string
username	Username of the GRUB user	string

NodeHAStatus (schema)

Node High Availability Status

Name	Description	Type	Notes
NodeHAStatus	Node High Availability Status	string	Enum: ACTIVE, INACTIVE, STATE_SYNC, DISCOVER, OFFLINE, DISABLED, UNKNOWN

NodeIdServicesMap (schema)

Name	Description	Type	Notes
node_id	NodeId	string	Required Maximum length: 255
service_types	list of ServiceTypes	array of ServiceType	Required

NodeInterfaceStatisticsProperties (schema)

Node network interface statistic properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
interface_id	Interface ID	string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
rx_bytes	Number of bytes received	integer	Readonly
rx_dropped	Number of packets dropped	integer	Readonly
rx_errors	Number of receive errors	integer	Readonly
rx_frame	Number of framing errors	integer	Readonly
rx_packets	Number of packets received	integer	Readonly
tx_bytes	Number of bytes transmitted	integer	Readonly
tx_carrier	Number of carrier losses detected	integer	Readonly
tx_colls	Number of collisions detected	integer	Readonly
tx_dropped	Number of packets dropped	integer	Readonly
tx_errors	Number of transmit errors	integer	Readonly
tx_packets	Number of packets transmitted	integer	Readonly

NodeLogProperties (schema)

Node log properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
last_modified_time	Last modified time expressed in milliseconds since epoch	EpochMsTimestamp	Readonly
log_name	Name of log file	string	Readonly
log_size	Size of log file in bytes	integer	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

NodeLogPropertiesListResult (schema)

Node log property query results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Node log property results	array of NodeLogProperties	Required

NodeMotdProperties (schema)

Node message of the day properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
motd	Message of the day to display when users login to node using the NSX CLI	string or null
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

NodeNameServersProperties (schema)

Node network name servers properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
name_servers	Name servers	array of string	Required Maximum items: 3
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

NodeNetworkInterfaceProperties (schema)

Node network interface properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
admin_status	Interface administration status	string	Readonly Enum: up, down
bond_cur_active_slave	Bond's currently active slave device	string	Readonly
bond_lacp_rate	Bond's rate at which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode	string	Readonly
bond_mode	Bond mode	string	Enum: ACTIVE_BACKUP, 802_3AD, ROUND_ROBIN, BROADCAST, XOR, TLB, ALB
bond_primary	Bond's primary device name in active-backup bond mode	string
bond_primary_slave	Bond's primary device name in active-backup bond mode	string	Readonly
bond_slaves	Bond's slave devices	array of string
bond_xmit_hash_policy	Bond's transmit hash policy for balance-xor and 802.3ad modes	string	Readonly Enum: layer2, layer2+3, layer3+4, encap2+3, encap3+4
broadcast_address	Interface broadcast address	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
default_gateway	Interface's default gateway	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
interface_id	Interface ID	string	Required Readonly
ip6_addresses	Interface IPv6 addresses	array of IPv6AddressProperties
ip_addresses	Interface IP addresses	array of IPv4AddressProperties	Maximum items: 1
ip_configuration	Interface configuration	string	Required Enum: dhcp, static, not configured
is_kni	Interface is a KNI	boolean	Readonly
link_status	Interface administration status	string	Readonly Enum: up, down
mtu	Interface MTU	integer
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
physical_address	Interface MAC address	string	Readonly Pattern: "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$"
plane	Interface plane	string	Enum: mgmt, debug, none
vlan	VLAN Id	integer	Readonly Minimum: 1 Maximum: 4094

NodeNetworkInterfacePropertiesListResult (schema)

Node network interface properties list results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Node network interface property results	array of NodeNetworkInterfaceProperties	Required

NodeNetworkProperties (schema)

Network configuration properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

NodeNtpServiceProperties (schema)

Node NTP service properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required
service_properties	NTP Service properties	NtpServiceProperties

NodeProcessProperties (schema)

Node process properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
cpu_time	CPU time (user and system) consumed by process in milliseconds	integer	Readonly
mem_resident	Resident set size of process in bytes	integer	Readonly
mem_used	Virtual memory used by process in bytes	integer	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
pid	Process id	integer	Readonly
ppid	Parent process id	integer	Readonly
process_name	Process name	string	Readonly
start_time	Process start time expressed in milliseconds since epoch	EpochMsTimestamp	Readonly
uptime	Milliseconds since process started	integer	Readonly

NodeProcessPropertiesListResult (schema)

Node process property query results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Node process property results	array of NodeProcessProperties	Required

NodeProperties (schema)

Node properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
cli_coredump_config	NSX CLI core dump files config	CoreDumpConfig	Readonly
cli_history_size	NSX CLI command history limit, set to 0 to configure no history size limit	integer	Minimum: 0
cli_output_datetime	NSX CLI display datetime stamp in command output	boolean
cli_timeout	NSX CLI inactivity timeout, set to 0 to configure no timeout	integer	Minimum: 0
export_type	Export restrictions in effect, if any	string	Readonly Enum: RESTRICTED, UNRESTRICTED
fully_qualified_domain_name	Fully qualified domain name	string	Readonly
hostname	Host name or fully qualified domain name of node	SystemHostname
kernel_version	Kernel version	string	Readonly
motd	Message of the day to display when users login to node using the NSX CLI	string or null
node_type	Node type	string	Readonly Enum: NSX Manager, NSX Global Manager, NSX Edge, NSX Autonomous Edge, NSX Cloud Service Manager, NSX Public Cloud Gateway, NSX Malware Prevention Service VM
node_uuid	Node Unique Identifier	string	Readonly Maximum length: 36
node_version	Node version	string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
product_version	Product version	string	Readonly
system_datetime	System date time in UTC	DatetimeUTC
system_time	Current time expressed in milliseconds since epoch	EpochMsTimestamp	Readonly
timezone	Timezone	string

NodeRouteProperties (schema)

Node network route properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
destination	Destination covered by route	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"
from_address	From address	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"
gateway	Address of next hop	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"
interface_id	Network interface id of route	string
ipv6	IPv6 flag	boolean
metric	Metric value of route Default metric value for IPv4 is 0, whereas for IPv6 default value is 1024	string
netmask	Netmask or prefix length of destination covered by route For IPv4 this field expects valid IPv4 netmask address, whereas in case of IPv6 it expects valid prefix length	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$|^[\d]{1,3}$"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
proto	Routing protocol identifier of route	string	Enum: unspec, redirect, kernel, boot, static, gated, ra, mrt, zebra, bird, dnrouted, xorp, ntk, dhcp Default: "boot"
route_id	Unique identifier for the route	string	Readonly
route_type	Route type	string	Required Enum: default, static, blackhole, prohibit, throw, unreachable
scope	Scope of destinations covered by route	string
src	Source address to prefer when sending to destinations of route	string	Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$"

NodeRoutePropertiesListResult (schema)

Node network route properties list results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Node route property results	array of NodeRouteProperties	Required

NodeSearchDomainsProperties (schema)

Node network search domains properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
search_domains	Search domains	array of string	Required

NodeServiceProperties (schema)

Node service properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required

NodeServicePropertiesListResult (schema)

Node service property query results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Node service property results	array of NodeServiceProperties	Required

NodeServiceStatusProperties (schema)

Node service status properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
health	Service health in addition to runtime_state	string	Readonly Enum: STABLE, DEGRADED
monitor_pid	Service monitor process id	integer	Readonly
monitor_runtime_state	Service monitor runtime state	string	Readonly Enum: running, stopped
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
pids	Service process ids	array of integer	Readonly
reason	Reason for service degradation	string	Readonly
runtime_state	Service runtime state	string	Readonly Enum: running, stopped

NodeSnmpServiceProperties (schema)

Node SNMP service properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required
service_properties	SNMP Service properties	SnmpServiceProperties	Required

NodeSnmpV3EngineID (schema)

SNMP V3 Engine Id

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required
v3_engine_id	SNMP v3 engine id	string	Required

NodeSshServiceProperties (schema)

Node SSH service properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
service_name	Service name	string	Required
service_properties	SSH Service properties	SshServiceProperties

NodeStatus (schema)

Node Status

Name	Description	Type	Notes
NodeStatus	Node Status	string	Enum: DOWN, UP, UNREACHABLE, ADMIN_DOWN, UP_ROUTING_DOWN, INVALID, UNKNOWN

NodeStatusProperties (schema)

Node status properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
bootup_error	Autonomous edge bootup error	string	Readonly
cpu_cores	Number of CPU cores on the system	integer	Readonly
file_systems	File systems configured on the system	array of NodeFileSystemProperties	Readonly
load_average	One, five, and fifteen minute load averages for the system	array of number	Readonly
mem_available	Amount of available RAM in the system, in kilobytes. The amount of reclaimable buffer/cache memory in use is taken into consideration here to provide a better idea of how much memory is really available in the system	integer	Readonly
mem_buffer	Amount of RAM on the system used for temporary disk block storage, in kilobytes	integer	Readonly
mem_cache	Amount of RAM on the system that can be flushed out to disk, in kilobytes	integer	Readonly
mem_free	Amount of unused RAM in the system, in kilobytes	integer	Readonly
mem_slab	Amount of RAM allocated to the kernel slab allocator, in kilobytes	integer	Readonly
mem_slab_reclaimable	Amount of RAM allocated to the kernel slab allocator that is not currently in use, in kilobytes	integer	Readonly
mem_total	Amount of RAM allocated to the system, in kilobytes	integer	Readonly
mem_used	Amount of RAM in use on the system, in kilobytes. (This is mem_total - mem_available)	integer	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
swap_total	Amount of disk available for swap, in kilobytes	integer	Readonly
swap_used	Amount of swap disk in use, in kilobytes	integer	Readonly
system_time	Current time expressed in milliseconds since epoch	EpochMsTimestamp	Readonly
uptime	Milliseconds since system start	integer	Readonly

NodeSyslogExporterProperties (schema)

Node syslog exporter properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
exporter_name	Syslog exporter name	string	Required
facilities	Facilities to export	array of SyslogFacility
level	Logging level to export	string	Required Enum: EMERG, ALERT, CRIT, ERR, WARNING, NOTICE, INFO, DEBUG
msgids	MSGIDs to export	array of string
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
port	Port to export to, defaults to 514 for TCP, TLS, UDP protocols or 9000 for LI, LI-TLS protocols	integer	Minimum: 1 Maximum: 65535
protocol	Export protocol	string	Required Enum: TCP, TLS, UDP, LI, LI-TLS
server	IP address or hostname of server to export to	HostnameOrIPv46Address	Required
structured_data	Structured data to export	array of string
tls_ca_pem	CA certificate PEM of TLS server to export to	string
tls_cert_pem	Certificate PEM of the rsyslog client	string
tls_client_ca_pem	CA certificate PEM of the rsyslog client	string
tls_key_pem	Private key PEM of the rsyslog client	string

NodeSyslogExporterPropertiesListResult (schema)

Node syslog exporter list results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Node syslog exporter results	array of NodeSyslogExporterProperties	Required

NodeTime (schema)

Node system time in UTC

Node system time in UTC

Name	Description	Type	Notes
system_datetime	Datetime string in UTC	DatetimeUTC	Required

NodeUserProperties (schema)

Node user properties

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
full_name	Full name for the user	string
group_id	Primary group id for the user	integer	Readonly Minimum: 0 Maximum: 2147483647
home_dir	The absolute path of user home directory	string	Readonly
last_password_change	Number of days since password was last changed	integer	Readonly Minimum: 0 Maximum: 2147483647
login_shell	The absolute path of login shell	string	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
old_password	Old password for the user (required on PUT if password specified)	string
password	Password for the user (optionally specified on PUT, unspecified on GET)	string
password_change_frequency	Number of days password is valid before it must be changed Number of days password is valid before it must be changed. This can be set to 0 to indicate no password change is required or a positive integer up to 9999. By default local user passwords must be changed every 90 days.	integer	Minimum: 0 Maximum: 9999 Default: "90"
password_change_warning	Number of days before user receives warning message of password expiration	integer	Minimum: 0 Maximum: 9999 Default: "7"
password_reset_required	Boolean value that states if a password reset is required	boolean
status	User status Status of the user. This value can be ACTIVE indicating authentication attempts will be successful if the correct credentials are specified. The value can also be PASSWORD_EXPIRED indicating authentication attempts will fail because the user's password has expired and must be changed. Or, this value can be NOT_ACTIVATED indicating the user's password has not yet been set and must be set before the user can authenticate.	string	Readonly Enum: ACTIVE, PASSWORD_EXPIRED, NOT_ACTIVATED
userid	Numeric id for the user	integer	Readonly Minimum: 0 Maximum: 2147483647
username	User login name (must be "root" if userid is 0)	string	Minimum length: 1 Maximum length: 32 Pattern: "^[a-zA-Z][a-zA-Z0-9@-_.\-]*$"

NodeUserPropertiesListResult (schema)

Node users list results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	List of node users	array of NodeUserProperties	Required

NodeVersion (schema)

Name	Description	Type	Notes
node_version	Node version	string	Readonly
product_version	Product version	string	Readonly

NodeVtepState (schema)

VTEP interfaces State

Name	Description	Type	Notes
NodeVtepState	VTEP interfaces State	string	Enum: UP, DOWN, UNKNOWN

NtpServiceProperties (schema)

NTP Service properties

Name	Description	Type	Notes
servers	NTP servers	array of HostnameOrIPv46Address	Required
start_on_boot	Start NTP service when system boots	boolean	Default: "True"

OwnerResourceLink (schema)

Link to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.

Name	Description	Type	Notes
action	Optional action	string
href		string	Required
rel		string	Readonly Enum: owner

PasswordAuthenticationScheme (schema)

Name	Description	Type	Notes
identity_file	SSH private key file name	string
password	Password to authenticate with	string
scheme_name	Authentication scheme name	string	Required Enum: password, key
username	User name to authenticate with	string	Required Pattern: "^.+$"

PasswordComplexityProperties (schema)

Configurable properties of password complexity requirement for the NSX node

Configurable properties of password complexity requirement for the NSX node.

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_retry_prompt	Prompt user at most N times before returning with error.	integer	Readonly Default: "3"
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
digits	Number of digits in password Number of digits (0..9) expected in user password. N < 0, to set minimum credit for having digits in the new password, i.e. this is the minimum number of digits that must be met for a new password. N > 0, to set maximum credit for having digits in the new password, i.e. per occurrence of digit in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N digits. N = 0, policy will be not applicable. By default minimum 1 digit is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"
hash_algorithm	Hash algorithm Sets hash/cryptographic algorithm type for new passwords.	string	Enum: sha512, sha256 Default: "sha512"
lower_chars	Number of lower-case characters in password Number of lower case characters (a..z) expected in user password. N < 0, to set minimum credit for having lower case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password. N > 0, to set maximum credit for having lower case characters in the new password, i.e. per occurrence of lower case character in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N lower case characters. N = 0, policy will be not applicable. By default minimum 1 lower case character is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"
max_repeats	Number of same consecutive characters Reject passwords which contain more than N same consecutive characters, like aaa or 7777. To disable the check, value should be set to 0.	integer	Minimum: 0 Maximum: 128 Default: "0"
max_sequence	Length of permissible monotonic sequence in password substring Reject passwords which contain more than N monotonic character sequences. Monotonic sequences can be '12345' or 'fedcb'. To disable the check, value should be set to 0.	integer	Minimum: 0 Maximum: 128 Default: "0"
maximum_password_length	Maximum password length Maximum number of characters allowed in password; user can not set their password of length greater than this parameter. By default maximum length of password is 128 characters.	integer	Minimum: 8 Maximum: 128 Default: "128"
minimum_password_length	Minimum password length Minimum number of characters expected in password; user can not set their password of length less than this parameter. NOTE, for existing users upgrading to NSX-T datacenter version 4.0 or above - if existing appliance is configured with minimum_password_length less than current default value, then upgraded appliance will reset the configured setting back to recommended default; which can be explicitly modified back to original value or any other integer greater than or equal to supported minimum value. VMware recommends to set strong passwords for systems and appliances, further suggests to maintain strong minimum_password_length value. NSX resets this value to default and recommends to maintain upgraded default value or above for password complexity requirement. If any existing user passwords are set with length of less than newly configured minimum_password_length, then its recommended to reset the user passwords as per newly configured password complexity compliance. If existing minimum_password_length is greater than or equal to default value, which shall be retained as it is in newly upgraded appliance. By default minimum length of password is 12 characters and passwords less than 8 characters are never allowed.	integer	Minimum: 8 Maximum: 128 Default: "12"
minimum_unique_chars	Number of unique characters from old password Number of character changes in the new password that differentiate it from the old password. To disable the check, value should be set to 0.	integer	Minimum: 0 Maximum: 128 Default: "0"
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
password_remembrance	Password remembrance from previous generations Limit using a password that was used in past; users can not set the same password within the N generations. To disable the check, value should be set to 0.	integer	Minimum: 0 Default: "0"
special_chars	Number of special characters in password Number of special characters (!@#$&*..) expected in user password. N < 0, to set minimum credit for having special characters in the new password, i.e. this is the minimum number of special characters that must be met for a new password. N > 0, to set maximum credit for having special characters in the new password, i.e. per occurrence of special case character in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N special case characters. N = 0, policy will be not applicable. By default minimum 1 special character is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"
upper_chars	Number of upper-case characters in password Number of upper case characters (A..Z) expected in user password. N < 0, to set minimum credit for having upper case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password. N > 0, to set maximum credit for having upper case characters in the new password, i.e. per occurrence of upper case character in password will attribute additional credit of +1 towards meeting the current minimum_password_length value upto N upper case characters. N = 0, policy will be not applicable. By default minimum 1 upper case character is required for a new password.	integer	Minimum: -128 Maximum: 128 Default: "-1"

PhysicalPortQueueStats (schema)

Physical port queue statistics

Provides the packet statistics for individual queues of a physical port since
the port uptime. The statistics will be reset on edge reboot or edge dataplane
restart.

- Total number of incoming packets in the queue.
- Total number of outgoing packets in the queue.
- Total number of dropped packets in the queue.

Name	Description	Type	Notes
id	Queue ID	integer	Readonly
rx_bytes	Bytes in The total number of incoming packet bytes received in the queue. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
rx_errors	Rx errors The total number of erroneous incoming packets received in the queue. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
rx_packets	Packets in The total number of incoming packets in the queue. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_bytes	Bytes out The total number of outgoing packet bytes transmitted from the queue. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_drops	Tx drops The total number of outgoing packets dropped due to buffer overflow. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_packets	Packets out The total number of outgoing packets transmitted from the queue. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly

PhysicalPortStats (schema)

Physical port statistics

Provides the following statistics of a physical port since the uptime. For edge VM form
factor it refers to vmxnet3 vNIC stats. The statistics will be reset on edge reboot or
edge dataplane restart. It includes the following information:

- Statistics of individual queues of the specific port.
- Total number of incoming packets on the port.
- Total number of outgoing packets on the port.
- Total number of dropped packets on the port.
- Error/Failure reason for the dropped packets.

Name	Description	Type	Notes
name	Name	string	Readonly
queues	Per queue statistics Lists the statistics of individual queues of a specific port. It includes the number of incoming, outgoing and dropped packet counters. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	array of PhysicalPortQueueStats
rx_bytes	Bytes in The total number of bytes received on the port. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
rx_errors	Rx errors The total number of erroneous packets received on the port. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
rx_misses	Rx misses The total number of incoming packets dropped due to Rx buffer overflow or busy Fast Path(FP) core. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
rx_nombufs	Rx no mBufs The total number of incoming packets dropped due to Rx mBuf allocation failure. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
rx_packets	Packets in The total number of incoming packets on the port. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_bytes	Bytes out The total number of bytes transmitted on the port. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_drops	Tx drops The total number of outgoing packets dropped due to Tx buffer overflow. The vmxnet3 backend or the physical NIC is not able to process all the packets that edge is attempting to send out. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_errors	Tx errors The total number of erroneous packets failed to be transmitted. The counts are from the time the edge dataplane is UP and will be reset on edge reboot or edge dataplane restart.	integer	Readonly
tx_packets	Packets out The total number of outgoing packets on the port since the uptime. This is reset on edge reboot or edge dataplane restart.	integer	Readonly

PolicyBasedIPSecVPNSession (schema)

Policy based VPN session

A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
authentication_mode	Authentication Mode Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.	string	Enum: PSK, CERTIFICATE Default: "PSK"
connection_initiation_mode	Connection initiation mode Connection initiation mode used by local endpoint to establish ike connection with peer endpoint. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.	string	Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND Default: "INITIATOR"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dpd_profile_id	Dead peer detection (DPD) profile id Dead peer detection (DPD) profile id. Default will be set according to system default policy.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
enabled	Enable/Disable IPSec VPN session Enable/Disable IPSec VPN session.	boolean	Default: "True"
id	Unique identifier of this resource	string	Readonly Sortable
ike_profile_id	Internet key exchange (IKE) profile id IKE profile id to be used. Default will be set according to system default policy.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
ipsec_tunnel_profile_id	IPSec tunnel profile id Tunnel profile id to be used. By default it will point to system default profile.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
local_endpoint	Local endpoint Local endpoint.	IPSecVPNLocalEndpoint	Required
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
peer_address	IPV4 address of peer endpoint on remote site. IPV4 address of peer endpoint on remote site.	string	Required
peer_id	Peer id Peer identifier.	string	Required
policy_rules	Policy rules	array of IPSecVPNPolicyRule	Required
psk	Pre-shared key IPSec Pre-shared key. Maximum length of this field is 128 characters. Its required input in PSK authentication mode.	string	Minimum: 1 Maximum: 128
resource_type	Must be set to the value PolicyBasedIPSecVPNSession	IPSecVPNSessionResourceType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
tcp_mss_clamping		TcpMssClamping

Protocol (schema)

This is an abstract type. Concrete child types:
HttpProtocol
HttpsProtocol
ScpProtocol
SftpProtocol

Name	Description	Type	Notes
name	Protocol name	string	Required Enum: http, https, scp, sftp

ReplicaAgentClientStatusProperties (schema)

Name	Description	Type	Notes
last_fullsync_time	Timestamp when replica-agent performed last fullsync of messages from primary node's Nestdb	string
last_replication_time	Timestamp when replica-agent performed last replication from primary node.	string
last_rewrite_time	Timestamp when replica-agent performed last rewriting of message in secondary node's Nestdb	string
local_nestdb_connection_time	Timestamp when replica-agent established connection to Nestdb local to the secondary node.	string
node_api_server_role	Node High Availability Mode	string	Enum: PRIMARY, SECONDARY
node_id	Node UUID	string
peer_nestdb_connection_time	Timestamp when replica-agent established connection to the NestDB of primary node	string

Resource (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

ResourceLink (schema)

Name	Description	Type	Notes
action	Optional action	string
href		string	Required
rel	Link relation type Custom relation type (follows RFC 5988 where appropriate definitions exist)	string	Required

ResourceReference (schema)

A weak reference to an NSX resource.

Name	Description	Type	Notes
is_valid	Target validity Will be set to false if the referenced NSX resource has been deleted.	boolean	Readonly
target_display_name	Target display name Display name of the NSX resource.	string	Readonly Maximum length: 255
target_id	Target ID Identifier of the NSX resource.	string	Maximum length: 64
target_type	Target type Type of the NSX resource.	string	Maximum length: 255

RevisionedResource (schema)

A base class for types that track revisions

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"

RouteBasedIPSecVPNSession (schema)

Route based VPN session

A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
authentication_mode	Authentication Mode Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.	string	Enum: PSK, CERTIFICATE Default: "PSK"
connection_initiation_mode	Connection initiation mode Connection initiation mode used by local endpoint to establish ike connection with peer endpoint. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.	string	Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND Default: "INITIATOR"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dpd_profile_id	Dead peer detection (DPD) profile id Dead peer detection (DPD) profile id. Default will be set according to system default policy.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
enabled	Enable/Disable IPSec VPN session Enable/Disable IPSec VPN session.	boolean	Default: "True"
id	Unique identifier of this resource	string	Readonly Sortable
ike_profile_id	Internet key exchange (IKE) profile id IKE profile id to be used. Default will be set according to system default policy.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
ipsec_tunnel_profile_id	IPSec tunnel profile id Tunnel profile id to be used. By default it will point to system default profile.	string	Pattern: "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$"
local_endpoint	Local endpoint Local endpoint.	IPSecVPNLocalEndpoint	Required
multi_path_group_id	IPSec VPN multiple path group identifier Specify a multiple path group for the IPSec session to join for utilizing multipath functionality.	string
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
peer_address	IPV4 address of peer endpoint on remote site. IPV4 address of peer endpoint on remote site.	string	Required
peer_id	Peer id Peer identifier.	string	Required
psk	Pre-shared key IPSec Pre-shared key. Maximum length of this field is 128 characters. Its required input in PSK authentication mode.	string	Minimum: 1 Maximum: 128
resource_type	Must be set to the value RouteBasedIPSecVPNSession	IPSecVPNSessionResourceType	Required
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
tcp_mss_clamping		TcpMssClamping
tunnel_ports	IP Tunnel ports IP Tunnel ports.	array of TunnelPortConfig	Required Minimum items: 1 Maximum items: 1

RouteType (schema)

Route Type

Name	Description	Type	Notes
RouteType	Route Type	string	Enum: route, neighbor, connected, blackhole, unknown

ScpProtocol (schema)

Name	Description	Type	Notes
authentication_scheme	Scheme to authenticate if required	PasswordAuthenticationScheme	Required
host_key_algorithms	Host key algorithms Supported host key algorithms for SSH/SFTP connection. Algorithms are preferred in the order they are specified in list.	array of HostKeyAlgorithms	Minimum items: 1 Default: "['ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp521']"
name	Must be set to the value ScpProtocol	string	Required Enum: http, https, scp, sftp
ssh_fingerprint	SSH fingerprint of server	string	Required

SelfResourceLink (schema)

Link to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.

Name	Description	Type	Notes
action	Optional action	string
href		string	Required
rel		string	Readonly Enum: self

ServiceType (schema)

Supported service types, that are using certificates.

Name	Description	Type	Notes
ServiceType	Supported service types, that are using certificates.	string	Enum: MGMT_CLUSTER, MGMT_PLANE, API, NOTIFICATION_COLLECTOR, SYSLOG_SERVER, RSYSLOG_CLIENT

SftpProtocol (schema)

Name	Description	Type	Notes
authentication_scheme	Scheme to authenticate if required	PasswordAuthenticationScheme	Required
host_key_algorithms	Host key algorithms Supported host key algorithms for SSH/SFTP connection. Algorithms are preferred in the order they are specified in list.	array of HostKeyAlgorithms	Minimum items: 1 Default: "['ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp521']"
name	Must be set to the value SftpProtocol	string	Required Enum: http, https, scp, sftp
ssh_fingerprint	SSH fingerprint of server	string	Required

SnmpCommunity (schema)

SNMP v1, v2c community

SNMP v1, v2c community.

Name	Description	Type	Notes
access	Type of access Access permissions for this community.	string	Enum: read_only Default: "read_only"
community_string	Community string at most 64 characters long Community alias string at most 64 characters long.	string

SnmpServiceProperties (schema)

SNMP Service properties

Name	Description	Type	Notes
communities	SNMP v1, v2c community	array of SnmpCommunity	Maximum items: 10
start_on_boot	Start when system boots	boolean
v2_configured	SNMP v2 is configured or not Indicates whether the local SNMP agent is configured with community string(s).	boolean	Readonly
v2_targets	SNMP v2c targets information	array of SnmpV2Target	Maximum items: 3
v3_auth_protocol	SNMP v3 auth protocol	string	Enum: SHA1 Default: "SHA1"
v3_configured	SNMP v3 is configured or not Indicates whether the local SNMP agent is configured with v3 user(s).	boolean	Readonly
v3_priv_protocol	SNMP v3 private protocol	string	Enum: AES128 Default: "AES128"
v3_targets	SNMP v3 targets information	array of SnmpV3Target	Maximum items: 3
v3_users	SNMP v3 users information	array of SnmpV3User	Maximum items: 5

SnmpV2Target (schema)

SNMP v2c targets information

SNMP v2c manager's reachability information.

Name	Description	Type	Notes
community_string	Community string Community alias string at most 64 characters long.	string
port	SNMP v2c manager port SNMP v2c manager's port.	integer	Minimum: 1 Maximum: 65535 Default: "162"
server	SNMP v2c manager SNMP v2c manager's IP or FQDN.	HostnameOrIPv46Address	Required

SnmpV3Target (schema)

SNMP v3 targets information

SNMP v3 manager's reachability information.

Name	Description	Type	Notes
port	SNMP v2c manager port SNMP v2c manager's port.	integer	Minimum: 1 Maximum: 65535 Default: "162"
security_level	Security level SNMP v3 security level.	string	Enum: AUTH_PRIV Default: "AUTH_PRIV"
server	FQDN or IP address of the SNMP Manager Specify the fully qualified domain name, or ip address, of the server.	HostnameOrIPv46Address	Required
user_id	SNMP v3 user id Specify the user name used to authenticate with the SNMP Manager.	string	Required

SnmpV3User (schema)

Name	Description	Type	Notes
access	Type of access Access permissions for this User.	string	Readonly Enum: READ_ONLY Default: "READ_ONLY"
auth_password	SNMP v3 user auth password	string
priv_password	SNMP v3 user private password	string
security_level	Security level SNMP v3 security level.	string	Readonly Enum: AUTH_PRIV Default: "AUTH_PRIV"
user_id	SNMP v3 user id	string	Required

SshFingerprintProperties (schema)

Server ssh fingerprint properties

Server properties - hostname/ip_address, port and ssh fingerprint

Name	Description	Type	Notes
host_key_algorithms	Host key algorithms Supported host key algorithms for SSH/SFTP connection. Algorithms are preferred in the order they are specified in list.	array of HostKeyAlgorithms	Minimum items: 1 Default: "['ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp521']"
port	Server port Remote server port on which ssh connection is made.	integer	Required Minimum: 1 Maximum: 65535
server	Remote server hostname or IP address Server hostname/ip_address for which fingerprint has been retrieved.	string	Required Pattern: "^.+$"
ssh_fingerprint	SSH fingerprint of server Remote server's ssh fingerprint.	string

SshKeyBaseProperties (schema)

Name	Description	Type	Notes
label	SSH key label (used to identify the key)	string	Required
password	Current password for user (required for users root and admin)	string

SshKeyProperties (schema)

Name	Description	Type	Notes
label	SSH key label (used to identify the key)	string	Required
password	Current password for user (required for users root and admin)	string
type	SSH key type	string	Required Pattern: "^(ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-dss|ssh-ed25519|ssh-rsa)$"
value	SSH key value	string	Required

SshKeyPropertiesListResult (schema)

SSH key properties query results

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	SSH key properties query results	array of SshKeyProperties	Required

SshServiceProperties (schema)

SSH Service properties

Name	Description	Type	Notes
root_login	Permit SSH Root login	boolean
start_on_boot	Start service when system boots	boolean	Required

StaticRoute (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
network	CIDR	IPv4CIDRBlock	Required
next_hops	Next Hops	array of StaticRouteNextHop	Required Minimum items: 1 Maximum items: 8
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
resource_type	Must be set to the value StaticRoute	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

StaticRouteListResult (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
page_cursor	Opaque cursor for next page of results, (not set on last page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Paginated list of static routes	array of StaticRoute	Required

StaticRouteNextHop (schema)

Name	Description	Type	Notes
administrative_distance	Administrative Distance for the next hop IP	integer	Minimum: 1 Maximum: 255 Default: "1"
blackhole_action	Action to be taken on matching packets for NULL routes.	BlackholeAction	Readonly
ip_address	Next Hop IP	IPv4Address
logical_router_port_id	Reference of logical router port to be used for next hop	ResourceReference

SupportBundleQueryParameters (schema)

Name	Description	Type	Notes
all	Include all files Include all files including files that may have sensitive information like core files.	boolean	Default: "False"

SyslogFacility (schema)

Syslog facility

Name	Description	Type	Notes
SyslogFacility	Syslog facility	string	Enum: KERN, USER, MAIL, DAEMON, AUTH, SYSLOG, LPR, NEWS, UUCP, AUTHPRIV, FTP, LOGALERT, CRON, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7

SystemHostname (schema)

System host name

Name	Description	Type	Notes
SystemHostname	System host name	string	Maximum length: 255 Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\.?$"

Tag (schema)

Arbitrary key-value pairs that may be attached to an entity

Name	Description	Type	Notes
scope	Tag scope Tag searches may optionally be restricted by scope	string	Maximum length: 128 Default: ""
tag	Tag value Identifier meaningful to user	string	Maximum length: 256 Default: ""

TcpMssClamping (schema)

Tcp Mss Clamping Object

Tcp Mss Clamping Direction and value

Name	Description	Type	Notes
direction	MSS Clamping direction Specifies the traffic direction for which to apply MSS Clamping.	string	Enum: NONE, INBOUND_CONNECTION, OUTBOUND_CONNECTION, BOTH Default: "NONE"
max_segment_size	Maximum Segment Size value It defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8902.	integer	Minimum: 108 Maximum: 8902

TransportNodeInEdgeCluster (schema)

Transport node parameters

Transport node parameters.

Name	Description	Type	Notes
interface	Interface properties Interface properties.	array of Interface	Required
member_index	Transport node index in the edge cluster Transport node index in the edge cluster.	integer	Required
node_id	Transport node ID Transport node ID	string	Required
thumbprint	Transport node thumbprint Transport node thumbprint.	string	Required

TransportTunnel (schema)

L2VPN Session Transport Tunnel

For client, L2VPN Session Transport Tunnel uses a peer code
which has all the information to create the transport tunnel.

Name	Description	Type	Notes
display_name	Name for transport tunnel Name for transport tunnel.	string
ipsec_session_id	Transport tunnel id Transport tunnel id. When service is in client mode, this is read only.	string
local_address	IPv4 Address of local endpoint IPv4 Address of local endpoint. This is required when service is in client mode.	IPv4Address
peer_address	IPv4 Address of Peer endpoint IPv4 Address of Peer endpoint on remote site. This is required when service is in client mode.	IPv4Address
peer_code	Peer code for the transport tunnel Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g. local/peer ids and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it. This is required when service is in client mode.	string

TrustObjectData (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	integer	Readonly
_schema	Location of schema for this resource	string	Readonly
_self		SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
actions	Actions applicable to the resource at this time	array of ActionDescriptor	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Readonly Sortable
key_algo	Key algorithm contained in this certificate	string
notify_mpa	send notification to MPA about this config change (applicable on edge node)	boolean	Default: "False"
passphrase	Password for private key encryption	string
pem_encoded	pem encoded certificate data	string	Required
private_key	private key data	string
resource_type	Must be set to the value TrustObjectData	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

TunnelDigestAlgorithm (schema)

Digest Algorithms used in tunnel establishment

The TunnelDigestAlgorithms are used to verify message
integrity during IPSec VPN tunnel establishment.
SHA1 produces 160 bits hash and SHA2_XXX produces
XXX bit hash.

Name	Description	Type	Notes
TunnelDigestAlgorithm	Digest Algorithms used in tunnel establishment The TunnelDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.	string	Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

TunnelEncryptionAlgorithm (schema)

Encryption algorithm used in tunnel

TunnelEncryption algorithms are used to ensure confidentiality
of the messages exchanged during Tunnel negotiations. AES
stands for Advanced Encryption Standards. AES_128 uses 128-bit
keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES)
in Galois/Counter Mode (GCM) and is used to provide both
confidentiality and data origin authentication.
NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input
data without encyption. Digest algorithm should be empty for this
option.

Name	Description	Type	Notes
TunnelEncryptionAlgorithm	Encryption algorithm used in tunnel TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.	string	Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION

TunnelPortConfig (schema)

IP Tunnel port configuration

IP Tunnel port configuration.

Name	Description	Type	Notes
ip_subnets	IP Tunnel port subnet IP Tunnel port (commonly referred as VTI) subnet.	array of IPSubnet	Required Minimum items: 1 Maximum items: 1
tunnel_port_id	Logical route port identifier Logical route port identifier.	string	Readonly

UpgradeProgressStatus (schema)

Upgrade progress status

Name	Description	Type	Notes
last_upgrade_step_status	Status of last upgrade step	object
upgrade_bundle_present	True if upgrade bundle is present	boolean
upgrade_metadata	Meta info of upgrade	object

UpgradeStatusSummary (schema)

Upgrade status summry

Name	Description	Type	Notes
upgrade_bundle_present	True if upgrade bundle is present	boolean
upgrade_metadata	Meta info of upgrade	object
upgrade_steps	List of all upgrade steps performed	array of object

UpgradeTaskActionParameters (schema)

Name	Description	Type	Notes
action	Upgrade task The upgrade task to perform.	string	Pattern: "^[^/]+$"

UpgradeTaskProperties (schema)

Task properties

Name	Description	Type	Notes
bundle_name	Name of Bundle	string	Required
parameters	Bundle arguments	object	Readonly
step	Step name	string

UpgradeTaskStatusQueryParameters (schema)

Name	Description	Type	Notes
bundle_name	Bundle Name Provide a bundle name	string	Pattern: "^[a-zA-Z0-9-.]+$"
upgrade_task_id	Upgrade Task ID Provide a task id	string	Pattern: "^[a-z0-9-]+$"

UrpfMode (schema)

Unicast Reverse Path Forwarding mode

Name	Description	Type	Notes
UrpfMode	Unicast Reverse Path Forwarding mode	string	Enum: NONE, STRICT

X509Certificate (schema)

Name	Description	Type	Notes
dsa_public_key_g	One of the DSA cryptogaphic algorithm's strength parameters, base	string	Readonly
dsa_public_key_p	One of the DSA cryptogaphic algorithm's strength parameters, prime	string	Readonly
dsa_public_key_q	One of the DSA cryptogaphic algorithm's strength parameters, sub-prime	string	Readonly
dsa_public_key_y	One of the DSA cryptogaphic algorithm's strength parameters	string	Readonly
ecdsa_curve_name	ECDSA Curve Name The Curve name for the ECDSA certificate.	string	Readonly
ecdsa_ec_field	ECDSA Elliptic Curve Finite Field Represents an elliptic curve (EC) finite field in ECDSA.	string	Readonly Enum: F2M, FP
ecdsa_ec_field_f2mks	ECDSA Elliptic Curve F2MKS The order of the middle term(s) of the reduction polynomial in elliptic curve (EC) | characteristic 2 finite field.| Contents of this array are copied to protect against subsequent modification in ECDSA.	array of integer	Readonly
ecdsa_ec_field_f2mm	ECDSA Elliptic Curve F2MM The first coefficient of this elliptic curve in elliptic curve (EC) | characteristic 2 finite field for ECDSA.	integer	Readonly
ecdsa_ec_field_f2mrp	ECDSA Elliptic Curve F2MRP The value whose i-th bit corresponds to the i-th coefficient of the reduction polynomial | in elliptic curve (EC) characteristic 2 finite field for ECDSA.	string	Readonly
ecdsa_ec_field_f2pp	ECDSA Elliptic Curve F2PP The specified prime for the elliptic curve prime finite field in ECDSA.	string	Readonly
ecdsa_public_key_a	ECDSA Elliptic Curve Public Key A The first coefficient of this elliptic curve in ECDSA.	string	Readonly
ecdsa_public_key_b	ECDSA Elliptic Curve Public Key B The second coefficient of this elliptic curve in ECDSA.	string	Readonly
ecdsa_public_key_cofactor	ECDSA Elliptic Curve Public Key Cofactor The co-factor in ECDSA.	integer	Readonly
ecdsa_public_key_generator_x	ECDSA Elliptic Curve Public Key X x co-ordinate of G (the generator which is also known as the base point) in ECDSA.	string	Readonly
ecdsa_public_key_generator_y	ECDSA Elliptic Curve Public Key Y y co-ordinate of G (the generator which is also known as the base point) in ECDSA.	string	Readonly
ecdsa_public_key_order	ECDSA Elliptic Curve Public Key Order The order of generator G in ECDSA.	string	Readonly
ecdsa_public_key_seed	ECDSA Elliptic Curve Public Key Seed The bytes used during curve generation for later validation in ECDSA.| Contents of this array are copied to protect against subsequent modification.	array of string	Readonly
is_ca	True if this is a CA certificate.	boolean	Required Readonly
is_valid	True if this certificate is valid.	boolean	Required Readonly
issuer	the certificate issuers complete distinguished name	string	Required Readonly
issuer_cn	the certificate issuer's common name	string	Required Readonly
not_after	the time in epoch milliseconds at which the certificate becomes invalid	EpochMsTimestamp	Required Readonly
not_before	the time in epoch milliseconds at which the certificate becomes valid	EpochMsTimestamp	Required Readonly
public_key_algo	Public Key Algorithm Cryptographic algorithm used by the public key for data encryption.	string	Required Readonly Enum: RSA, DSA, ECDSA
public_key_length	size measured in bits of the public/private keys used in a cryptographic algorithm	integer	Required Readonly
rsa_public_key_exponent	An RSA public key is made up of the modulus and the public exponent. Exponent is a power number	string	Readonly
rsa_public_key_modulus	An RSA public key is made up of the modulus and the public exponent. Modulus is wrap around number	string	Readonly
serial_number	certificate's serial number	string	Required Readonly
signature	the signature value(the raw signature bits) used for signing and validate the cert	string	Required Readonly
signature_algorithm	the algorithm used by the Certificate Authority to sign the certificate	string	Required Readonly
subject	the certificate owners complete distinguished name	string	Required Readonly
subject_cn	the certificate owner's common name	string	Required Readonly
version	Certificate version (default v1)	string	Required Readonly

X509Crl (schema)

A CRL is a time-stamped list identifying revoked certificates.

Name	Description	Type	Notes
crl_entries	list of X509CrlEntry	array of X509CrlEntry	Readonly
issuer	Issuer's distinguished name(DN)	string	Readonly
next_update	Next update time for the CRL	string	Readonly
version	CRL's version number either 1 or 2	string	Readonly

X509CrlEntry (schema)

Each revoked certificate is identified in a CRL by its certificate serial number.

Name	Description	Type	Notes
revocation_date	Revocation date	string	Readonly
serial_number	the revoked certificate's serial number	string	Readonly